./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 8be7027f Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash db9cad3d4bb6f197e1ca94da7e6c4fb3038f74aed96fd168a277cfa6f57caad2 --- Real Ultimate output --- This is Ultimate 0.2.5-wip.dk.perfect-tracechecks-8be7027-m [2024-11-11 20:56:20,869 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-11 20:56:20,924 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-11 20:56:20,928 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-11 20:56:20,928 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-11 20:56:20,943 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-11 20:56:20,944 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-11 20:56:20,944 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-11 20:56:20,944 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-11 20:56:20,945 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-11 20:56:20,945 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-11 20:56:20,945 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-11 20:56:20,945 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-11 20:56:20,946 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-11 20:56:20,946 INFO L153 SettingsManager]: * Use SBE=true [2024-11-11 20:56:20,946 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-11 20:56:20,947 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-11 20:56:20,947 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-11 20:56:20,947 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-11 20:56:20,947 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-11 20:56:20,948 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-11 20:56:20,948 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-11 20:56:20,948 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-11 20:56:20,949 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-11 20:56:20,949 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-11 20:56:20,949 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-11 20:56:20,949 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-11 20:56:20,949 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-11 20:56:20,950 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-11 20:56:20,950 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-11 20:56:20,950 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-11 20:56:20,950 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-11 20:56:20,951 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-11 20:56:20,951 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-11 20:56:20,951 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-11 20:56:20,951 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-11 20:56:20,952 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-11 20:56:20,952 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-11 20:56:20,952 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-11 20:56:20,952 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-11 20:56:20,953 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-11 20:56:20,953 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-11 20:56:20,953 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> db9cad3d4bb6f197e1ca94da7e6c4fb3038f74aed96fd168a277cfa6f57caad2 [2024-11-11 20:56:21,149 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-11 20:56:21,174 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-11 20:56:21,176 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-11 20:56:21,177 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-11 20:56:21,178 INFO L274 PluginConnector]: CDTParser initialized [2024-11-11 20:56:21,178 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c [2024-11-11 20:56:22,523 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-11 20:56:22,729 INFO L384 CDTParser]: Found 1 translation units. [2024-11-11 20:56:22,729 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c [2024-11-11 20:56:22,744 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/6d2e5a2be/0c5666918e914cf097dfef927b2644a6/FLAG56d879c60 [2024-11-11 20:56:23,103 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/6d2e5a2be/0c5666918e914cf097dfef927b2644a6 [2024-11-11 20:56:23,105 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-11 20:56:23,106 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-11 20:56:23,107 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-11 20:56:23,107 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-11 20:56:23,111 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-11 20:56:23,112 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.11 08:56:23" (1/1) ... [2024-11-11 20:56:23,113 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@5b40760c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:23, skipping insertion in model container [2024-11-11 20:56:23,113 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.11 08:56:23" (1/1) ... [2024-11-11 20:56:23,146 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-11 20:56:23,441 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c[14935,14948] [2024-11-11 20:56:23,459 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-11 20:56:23,474 INFO L200 MainTranslator]: Completed pre-run [2024-11-11 20:56:23,482 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2024-11-11 20:56:23,483 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [160] [2024-11-11 20:56:23,484 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [211] [2024-11-11 20:56:23,484 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [577] [2024-11-11 20:56:23,484 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [680] [2024-11-11 20:56:23,484 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [689] [2024-11-11 20:56:23,484 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [757] [2024-11-11 20:56:23,485 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [985] [2024-11-11 20:56:23,541 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c[14935,14948] [2024-11-11 20:56:23,548 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-11 20:56:23,564 INFO L204 MainTranslator]: Completed translation [2024-11-11 20:56:23,565 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:23 WrapperNode [2024-11-11 20:56:23,565 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-11 20:56:23,566 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-11 20:56:23,566 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-11 20:56:23,566 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-11 20:56:23,572 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:23" (1/1) ... [2024-11-11 20:56:23,582 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:23" (1/1) ... [2024-11-11 20:56:23,612 INFO L138 Inliner]: procedures = 59, calls = 104, calls flagged for inlining = 28, calls inlined = 25, statements flattened = 235 [2024-11-11 20:56:23,616 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-11 20:56:23,617 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-11 20:56:23,617 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-11 20:56:23,617 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-11 20:56:23,629 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:23" (1/1) ... [2024-11-11 20:56:23,629 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:23" (1/1) ... [2024-11-11 20:56:23,635 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:23" (1/1) ... [2024-11-11 20:56:23,651 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-11 20:56:23,651 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:23" (1/1) ... [2024-11-11 20:56:23,651 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:23" (1/1) ... [2024-11-11 20:56:23,655 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:23" (1/1) ... [2024-11-11 20:56:23,659 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:23" (1/1) ... [2024-11-11 20:56:23,660 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:23" (1/1) ... [2024-11-11 20:56:23,661 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:23" (1/1) ... [2024-11-11 20:56:23,663 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-11 20:56:23,663 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-11 20:56:23,663 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-11 20:56:23,664 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-11 20:56:23,665 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:23" (1/1) ... [2024-11-11 20:56:23,670 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-11 20:56:23,678 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-11 20:56:23,691 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-11 20:56:23,693 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-11 20:56:23,726 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-11 20:56:23,726 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-11 20:56:23,726 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-11 20:56:23,727 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-11 20:56:23,727 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-11 20:56:23,727 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-11 20:56:23,727 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-11 20:56:23,727 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-11 20:56:23,727 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-11 20:56:23,727 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-11 20:56:23,727 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-11 20:56:23,727 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-11 20:56:23,728 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-11 20:56:23,728 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-11 20:56:23,728 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-11 20:56:23,728 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-11 20:56:23,728 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-11 20:56:23,728 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-11 20:56:23,785 INFO L238 CfgBuilder]: Building ICFG [2024-11-11 20:56:23,787 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-11 20:56:24,022 INFO L? ?]: Removed 51 outVars from TransFormulas that were not future-live. [2024-11-11 20:56:24,023 INFO L287 CfgBuilder]: Performing block encoding [2024-11-11 20:56:24,039 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-11 20:56:24,040 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-11 20:56:24,040 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.11 08:56:24 BoogieIcfgContainer [2024-11-11 20:56:24,040 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-11 20:56:24,042 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-11 20:56:24,043 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-11 20:56:24,045 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-11 20:56:24,045 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 11.11 08:56:23" (1/3) ... [2024-11-11 20:56:24,045 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1a1f1402 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.11 08:56:24, skipping insertion in model container [2024-11-11 20:56:24,046 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:23" (2/3) ... [2024-11-11 20:56:24,046 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1a1f1402 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.11 08:56:24, skipping insertion in model container [2024-11-11 20:56:24,046 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.11 08:56:24" (3/3) ... [2024-11-11 20:56:24,047 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product58.cil.c [2024-11-11 20:56:24,061 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-11 20:56:24,062 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-11 20:56:24,117 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-11 20:56:24,122 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@6f5368dc, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-11 20:56:24,123 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-11 20:56:24,126 INFO L276 IsEmpty]: Start isEmpty. Operand has 97 states, 76 states have (on average 1.368421052631579) internal successors, (104), 84 states have internal predecessors, (104), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2024-11-11 20:56:24,133 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-11 20:56:24,133 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:24,134 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:24,134 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:24,140 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:24,140 INFO L85 PathProgramCache]: Analyzing trace with hash -716350399, now seen corresponding path program 1 times [2024-11-11 20:56:24,148 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:24,149 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [717569709] [2024-11-11 20:56:24,149 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:24,149 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:24,243 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,294 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-11 20:56:24,297 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,301 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-11 20:56:24,303 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,305 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:24,305 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:24,306 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [717569709] [2024-11-11 20:56:24,306 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [717569709] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:24,306 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:24,306 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-11 20:56:24,308 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1273310672] [2024-11-11 20:56:24,308 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:24,311 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-11 20:56:24,312 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:24,336 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-11 20:56:24,336 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-11 20:56:24,338 INFO L87 Difference]: Start difference. First operand has 97 states, 76 states have (on average 1.368421052631579) internal successors, (104), 84 states have internal predecessors, (104), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-11 20:56:24,361 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:24,361 INFO L93 Difference]: Finished difference Result 185 states and 250 transitions. [2024-11-11 20:56:24,362 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-11 20:56:24,363 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-11-11 20:56:24,363 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:24,370 INFO L225 Difference]: With dead ends: 185 [2024-11-11 20:56:24,370 INFO L226 Difference]: Without dead ends: 88 [2024-11-11 20:56:24,373 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-11 20:56:24,375 INFO L435 NwaCegarLoop]: 122 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 122 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:24,376 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 122 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-11 20:56:24,387 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 88 states. [2024-11-11 20:56:24,401 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 88 to 88. [2024-11-11 20:56:24,402 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 88 states, 69 states have (on average 1.3043478260869565) internal successors, (90), 76 states have internal predecessors, (90), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2024-11-11 20:56:24,404 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 88 states to 88 states and 113 transitions. [2024-11-11 20:56:24,407 INFO L78 Accepts]: Start accepts. Automaton has 88 states and 113 transitions. Word has length 32 [2024-11-11 20:56:24,407 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:24,407 INFO L471 AbstractCegarLoop]: Abstraction has 88 states and 113 transitions. [2024-11-11 20:56:24,407 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-11 20:56:24,407 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 113 transitions. [2024-11-11 20:56:24,409 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-11-11 20:56:24,409 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:24,409 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:24,410 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-11 20:56:24,410 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:24,410 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:24,411 INFO L85 PathProgramCache]: Analyzing trace with hash 407802526, now seen corresponding path program 1 times [2024-11-11 20:56:24,411 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:24,411 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1506593678] [2024-11-11 20:56:24,411 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:24,411 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:24,427 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,523 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-11 20:56:24,525 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,530 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-11 20:56:24,531 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,557 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:24,557 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:24,557 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1506593678] [2024-11-11 20:56:24,557 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1506593678] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:24,558 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:24,558 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-11 20:56:24,558 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [805540430] [2024-11-11 20:56:24,558 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:24,559 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-11 20:56:24,559 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:24,560 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-11 20:56:24,560 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:56:24,560 INFO L87 Difference]: Start difference. First operand 88 states and 113 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-11 20:56:24,585 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:24,586 INFO L93 Difference]: Finished difference Result 140 states and 180 transitions. [2024-11-11 20:56:24,587 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-11 20:56:24,587 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2024-11-11 20:56:24,587 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:24,588 INFO L225 Difference]: With dead ends: 140 [2024-11-11 20:56:24,588 INFO L226 Difference]: Without dead ends: 79 [2024-11-11 20:56:24,589 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:56:24,590 INFO L435 NwaCegarLoop]: 100 mSDtfsCounter, 13 mSDsluCounter, 83 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 183 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:24,590 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 183 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-11 20:56:24,591 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 79 states. [2024-11-11 20:56:24,602 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 79 to 79. [2024-11-11 20:56:24,603 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 79 states, 63 states have (on average 1.3174603174603174) internal successors, (83), 70 states have internal predecessors, (83), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-11-11 20:56:24,604 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 101 transitions. [2024-11-11 20:56:24,608 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 101 transitions. Word has length 33 [2024-11-11 20:56:24,608 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:24,608 INFO L471 AbstractCegarLoop]: Abstraction has 79 states and 101 transitions. [2024-11-11 20:56:24,608 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-11 20:56:24,608 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 101 transitions. [2024-11-11 20:56:24,609 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-11-11 20:56:24,609 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:24,609 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:24,609 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-11 20:56:24,610 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:24,610 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:24,610 INFO L85 PathProgramCache]: Analyzing trace with hash -1999351370, now seen corresponding path program 1 times [2024-11-11 20:56:24,610 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:24,610 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [231915446] [2024-11-11 20:56:24,610 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:24,611 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:24,635 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,750 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:56:24,752 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,755 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-11-11 20:56:24,756 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,758 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:24,760 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:24,760 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [231915446] [2024-11-11 20:56:24,761 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [231915446] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:24,761 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:24,761 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-11 20:56:24,761 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1362900428] [2024-11-11 20:56:24,761 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:24,762 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-11 20:56:24,762 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:24,762 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-11 20:56:24,763 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-11 20:56:24,763 INFO L87 Difference]: Start difference. First operand 79 states and 101 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:56:24,807 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:24,808 INFO L93 Difference]: Finished difference Result 150 states and 195 transitions. [2024-11-11 20:56:24,808 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-11 20:56:24,808 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2024-11-11 20:56:24,809 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:24,809 INFO L225 Difference]: With dead ends: 150 [2024-11-11 20:56:24,810 INFO L226 Difference]: Without dead ends: 79 [2024-11-11 20:56:24,810 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-11 20:56:24,811 INFO L435 NwaCegarLoop]: 97 mSDtfsCounter, 91 mSDsluCounter, 192 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 91 SdHoareTripleChecker+Valid, 289 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:24,811 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [91 Valid, 289 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-11 20:56:24,812 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 79 states. [2024-11-11 20:56:24,817 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 79 to 79. [2024-11-11 20:56:24,817 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 79 states, 63 states have (on average 1.3015873015873016) internal successors, (82), 70 states have internal predecessors, (82), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-11-11 20:56:24,818 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 100 transitions. [2024-11-11 20:56:24,818 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 100 transitions. Word has length 38 [2024-11-11 20:56:24,819 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:24,821 INFO L471 AbstractCegarLoop]: Abstraction has 79 states and 100 transitions. [2024-11-11 20:56:24,821 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:56:24,821 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 100 transitions. [2024-11-11 20:56:24,822 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2024-11-11 20:56:24,822 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:24,822 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:24,822 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-11 20:56:24,824 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:24,825 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:24,825 INFO L85 PathProgramCache]: Analyzing trace with hash 879947394, now seen corresponding path program 1 times [2024-11-11 20:56:24,825 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:24,825 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1891647207] [2024-11-11 20:56:24,825 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:24,825 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:24,854 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,880 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:56:24,881 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,883 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2024-11-11 20:56:24,884 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:24,885 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:24,885 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:24,885 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1891647207] [2024-11-11 20:56:24,885 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1891647207] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:24,885 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:24,885 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-11 20:56:24,886 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1686157591] [2024-11-11 20:56:24,886 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:24,886 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-11 20:56:24,886 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:24,887 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-11 20:56:24,887 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:56:24,887 INFO L87 Difference]: Start difference. First operand 79 states and 100 transitions. Second operand has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:56:24,922 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:24,926 INFO L93 Difference]: Finished difference Result 199 states and 258 transitions. [2024-11-11 20:56:24,926 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-11 20:56:24,927 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 46 [2024-11-11 20:56:24,927 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:24,928 INFO L225 Difference]: With dead ends: 199 [2024-11-11 20:56:24,928 INFO L226 Difference]: Without dead ends: 128 [2024-11-11 20:56:24,929 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:56:24,930 INFO L435 NwaCegarLoop]: 104 mSDtfsCounter, 80 mSDsluCounter, 67 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 80 SdHoareTripleChecker+Valid, 171 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:24,933 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [80 Valid, 171 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-11 20:56:24,934 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 128 states. [2024-11-11 20:56:24,948 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 128 to 126. [2024-11-11 20:56:24,949 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 126 states, 99 states have (on average 1.2828282828282829) internal successors, (127), 107 states have internal predecessors, (127), 14 states have call successors, (14), 12 states have call predecessors, (14), 12 states have return successors, (18), 14 states have call predecessors, (18), 14 states have call successors, (18) [2024-11-11 20:56:24,950 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 126 states to 126 states and 159 transitions. [2024-11-11 20:56:24,950 INFO L78 Accepts]: Start accepts. Automaton has 126 states and 159 transitions. Word has length 46 [2024-11-11 20:56:24,950 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:24,950 INFO L471 AbstractCegarLoop]: Abstraction has 126 states and 159 transitions. [2024-11-11 20:56:24,951 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:56:24,951 INFO L276 IsEmpty]: Start isEmpty. Operand 126 states and 159 transitions. [2024-11-11 20:56:24,952 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2024-11-11 20:56:24,952 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:24,952 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:24,952 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-11 20:56:24,953 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:24,953 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:24,953 INFO L85 PathProgramCache]: Analyzing trace with hash -2106872253, now seen corresponding path program 1 times [2024-11-11 20:56:24,953 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:24,954 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [192886263] [2024-11-11 20:56:24,954 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:24,954 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:24,969 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:25,052 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:56:25,053 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:25,060 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-11 20:56:25,063 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:25,068 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-11 20:56:25,069 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:25,070 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2024-11-11 20:56:25,071 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:25,082 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-11 20:56:25,083 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:25,083 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [192886263] [2024-11-11 20:56:25,083 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [192886263] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:25,083 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:25,083 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-11 20:56:25,083 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [950548180] [2024-11-11 20:56:25,084 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:25,085 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-11 20:56:25,085 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:25,085 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-11 20:56:25,085 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-11 20:56:25,086 INFO L87 Difference]: Start difference. First operand 126 states and 159 transitions. Second operand has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-11 20:56:25,326 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:25,326 INFO L93 Difference]: Finished difference Result 268 states and 341 transitions. [2024-11-11 20:56:25,327 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-11-11 20:56:25,327 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 54 [2024-11-11 20:56:25,327 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:25,328 INFO L225 Difference]: With dead ends: 268 [2024-11-11 20:56:25,328 INFO L226 Difference]: Without dead ends: 150 [2024-11-11 20:56:25,329 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 23 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=134, Unknown=0, NotChecked=0, Total=182 [2024-11-11 20:56:25,330 INFO L435 NwaCegarLoop]: 81 mSDtfsCounter, 140 mSDsluCounter, 328 mSDsCounter, 0 mSdLazyCounter, 167 mSolverCounterSat, 29 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 146 SdHoareTripleChecker+Valid, 409 SdHoareTripleChecker+Invalid, 196 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 29 IncrementalHoareTripleChecker+Valid, 167 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:25,330 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [146 Valid, 409 Invalid, 196 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [29 Valid, 167 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-11 20:56:25,331 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 150 states. [2024-11-11 20:56:25,340 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 150 to 148. [2024-11-11 20:56:25,341 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 148 states, 116 states have (on average 1.2586206896551724) internal successors, (146), 124 states have internal predecessors, (146), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-11-11 20:56:25,342 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 148 states to 148 states and 185 transitions. [2024-11-11 20:56:25,342 INFO L78 Accepts]: Start accepts. Automaton has 148 states and 185 transitions. Word has length 54 [2024-11-11 20:56:25,342 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:25,342 INFO L471 AbstractCegarLoop]: Abstraction has 148 states and 185 transitions. [2024-11-11 20:56:25,343 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-11 20:56:25,343 INFO L276 IsEmpty]: Start isEmpty. Operand 148 states and 185 transitions. [2024-11-11 20:56:25,343 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-11 20:56:25,344 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:25,344 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:25,344 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-11 20:56:25,344 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:25,344 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:25,345 INFO L85 PathProgramCache]: Analyzing trace with hash 1055316791, now seen corresponding path program 1 times [2024-11-11 20:56:25,345 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:25,345 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1981006867] [2024-11-11 20:56:25,345 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:25,345 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:25,356 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:25,390 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:56:25,392 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:25,395 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-11 20:56:25,399 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:25,421 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-11-11 20:56:25,422 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:25,424 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:25,424 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:25,424 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1981006867] [2024-11-11 20:56:25,424 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1981006867] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:25,424 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:25,424 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-11 20:56:25,424 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1153001979] [2024-11-11 20:56:25,425 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:25,425 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-11 20:56:25,425 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:25,425 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-11 20:56:25,426 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-11 20:56:25,426 INFO L87 Difference]: Start difference. First operand 148 states and 185 transitions. Second operand has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:56:25,531 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:25,532 INFO L93 Difference]: Finished difference Result 293 states and 375 transitions. [2024-11-11 20:56:25,532 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-11 20:56:25,532 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 56 [2024-11-11 20:56:25,533 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:25,534 INFO L225 Difference]: With dead ends: 293 [2024-11-11 20:56:25,534 INFO L226 Difference]: Without dead ends: 153 [2024-11-11 20:56:25,535 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-11 20:56:25,535 INFO L435 NwaCegarLoop]: 83 mSDtfsCounter, 59 mSDsluCounter, 274 mSDsCounter, 0 mSdLazyCounter, 117 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 63 SdHoareTripleChecker+Valid, 357 SdHoareTripleChecker+Invalid, 128 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 117 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:25,535 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [63 Valid, 357 Invalid, 128 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 117 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-11 20:56:25,540 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 153 states. [2024-11-11 20:56:25,555 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 153 to 151. [2024-11-11 20:56:25,557 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 151 states, 119 states have (on average 1.2521008403361344) internal successors, (149), 127 states have internal predecessors, (149), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-11-11 20:56:25,558 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 151 states to 151 states and 188 transitions. [2024-11-11 20:56:25,559 INFO L78 Accepts]: Start accepts. Automaton has 151 states and 188 transitions. Word has length 56 [2024-11-11 20:56:25,560 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:25,560 INFO L471 AbstractCegarLoop]: Abstraction has 151 states and 188 transitions. [2024-11-11 20:56:25,560 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:56:25,561 INFO L276 IsEmpty]: Start isEmpty. Operand 151 states and 188 transitions. [2024-11-11 20:56:25,561 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-11 20:56:25,565 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:25,565 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:25,565 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-11 20:56:25,566 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:25,566 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:25,566 INFO L85 PathProgramCache]: Analyzing trace with hash -750121543, now seen corresponding path program 1 times [2024-11-11 20:56:25,566 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:25,566 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [47969279] [2024-11-11 20:56:25,566 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:25,566 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:25,579 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:25,652 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:56:25,654 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:25,660 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-11 20:56:25,663 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:25,698 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-11-11 20:56:25,699 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:25,702 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:25,703 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:25,703 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [47969279] [2024-11-11 20:56:25,703 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [47969279] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:25,703 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:25,703 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-11 20:56:25,703 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1116685471] [2024-11-11 20:56:25,703 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:25,704 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-11 20:56:25,704 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:25,704 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-11 20:56:25,704 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-11 20:56:25,705 INFO L87 Difference]: Start difference. First operand 151 states and 188 transitions. Second operand has 7 states, 7 states have (on average 6.714285714285714) internal successors, (47), 6 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:56:25,835 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:25,835 INFO L93 Difference]: Finished difference Result 298 states and 380 transitions. [2024-11-11 20:56:25,835 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-11 20:56:25,836 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.714285714285714) internal successors, (47), 6 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 56 [2024-11-11 20:56:25,836 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:25,837 INFO L225 Difference]: With dead ends: 298 [2024-11-11 20:56:25,837 INFO L226 Difference]: Without dead ends: 155 [2024-11-11 20:56:25,838 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=19, Invalid=53, Unknown=0, NotChecked=0, Total=72 [2024-11-11 20:56:25,843 INFO L435 NwaCegarLoop]: 82 mSDtfsCounter, 58 mSDsluCounter, 346 mSDsCounter, 0 mSdLazyCounter, 151 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 62 SdHoareTripleChecker+Valid, 428 SdHoareTripleChecker+Invalid, 162 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 151 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:25,843 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [62 Valid, 428 Invalid, 162 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 151 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-11 20:56:25,845 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 155 states. [2024-11-11 20:56:25,862 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 155 to 153. [2024-11-11 20:56:25,863 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 153 states, 121 states have (on average 1.2479338842975207) internal successors, (151), 129 states have internal predecessors, (151), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-11-11 20:56:25,864 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 153 states to 153 states and 190 transitions. [2024-11-11 20:56:25,866 INFO L78 Accepts]: Start accepts. Automaton has 153 states and 190 transitions. Word has length 56 [2024-11-11 20:56:25,866 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:25,867 INFO L471 AbstractCegarLoop]: Abstraction has 153 states and 190 transitions. [2024-11-11 20:56:25,878 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.714285714285714) internal successors, (47), 6 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:56:25,879 INFO L276 IsEmpty]: Start isEmpty. Operand 153 states and 190 transitions. [2024-11-11 20:56:25,880 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-11 20:56:25,880 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:25,880 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:25,880 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-11 20:56:25,880 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:25,881 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:25,881 INFO L85 PathProgramCache]: Analyzing trace with hash -609572933, now seen corresponding path program 1 times [2024-11-11 20:56:25,881 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:25,881 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [413065253] [2024-11-11 20:56:25,881 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:25,881 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:25,898 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:25,946 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:56:25,948 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:25,952 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-11 20:56:25,955 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:25,971 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-11-11 20:56:25,972 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:25,973 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:25,975 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:25,975 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [413065253] [2024-11-11 20:56:25,975 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [413065253] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:25,975 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:25,975 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-11 20:56:25,977 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1351373790] [2024-11-11 20:56:25,977 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:25,977 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-11 20:56:25,978 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:25,978 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-11 20:56:25,978 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-11 20:56:25,980 INFO L87 Difference]: Start difference. First operand 153 states and 190 transitions. Second operand has 5 states, 5 states have (on average 9.4) internal successors, (47), 4 states have internal predecessors, (47), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:56:26,151 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:26,151 INFO L93 Difference]: Finished difference Result 430 states and 556 transitions. [2024-11-11 20:56:26,154 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-11 20:56:26,154 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 4 states have internal predecessors, (47), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 56 [2024-11-11 20:56:26,155 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:26,156 INFO L225 Difference]: With dead ends: 430 [2024-11-11 20:56:26,158 INFO L226 Difference]: Without dead ends: 285 [2024-11-11 20:56:26,159 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-11 20:56:26,160 INFO L435 NwaCegarLoop]: 125 mSDtfsCounter, 215 mSDsluCounter, 170 mSDsCounter, 0 mSdLazyCounter, 127 mSolverCounterSat, 62 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 222 SdHoareTripleChecker+Valid, 295 SdHoareTripleChecker+Invalid, 189 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 62 IncrementalHoareTripleChecker+Valid, 127 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:26,160 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [222 Valid, 295 Invalid, 189 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [62 Valid, 127 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-11 20:56:26,161 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 285 states. [2024-11-11 20:56:26,189 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 285 to 283. [2024-11-11 20:56:26,190 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 283 states, 219 states have (on average 1.2191780821917808) internal successors, (267), 231 states have internal predecessors, (267), 34 states have call successors, (34), 28 states have call predecessors, (34), 29 states have return successors, (53), 34 states have call predecessors, (53), 34 states have call successors, (53) [2024-11-11 20:56:26,192 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 283 states to 283 states and 354 transitions. [2024-11-11 20:56:26,192 INFO L78 Accepts]: Start accepts. Automaton has 283 states and 354 transitions. Word has length 56 [2024-11-11 20:56:26,193 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:26,193 INFO L471 AbstractCegarLoop]: Abstraction has 283 states and 354 transitions. [2024-11-11 20:56:26,193 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 4 states have internal predecessors, (47), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:56:26,193 INFO L276 IsEmpty]: Start isEmpty. Operand 283 states and 354 transitions. [2024-11-11 20:56:26,194 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2024-11-11 20:56:26,195 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:26,195 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:26,195 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-11 20:56:26,195 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:26,195 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:26,196 INFO L85 PathProgramCache]: Analyzing trace with hash 1449050389, now seen corresponding path program 1 times [2024-11-11 20:56:26,196 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:26,196 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1989774665] [2024-11-11 20:56:26,196 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:26,196 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:26,208 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:26,330 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-11 20:56:26,331 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:26,335 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-11 20:56:26,335 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:26,342 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2024-11-11 20:56:26,344 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:26,356 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 52 [2024-11-11 20:56:26,357 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:26,358 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:26,358 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:26,358 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1989774665] [2024-11-11 20:56:26,358 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1989774665] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:26,358 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:26,358 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2024-11-11 20:56:26,359 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [597744546] [2024-11-11 20:56:26,359 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:26,359 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2024-11-11 20:56:26,359 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:26,359 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2024-11-11 20:56:26,359 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=70, Unknown=0, NotChecked=0, Total=90 [2024-11-11 20:56:26,359 INFO L87 Difference]: Start difference. First operand 283 states and 354 transitions. Second operand has 10 states, 10 states have (on average 4.9) internal successors, (49), 8 states have internal predecessors, (49), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-11 20:56:26,837 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:26,837 INFO L93 Difference]: Finished difference Result 737 states and 970 transitions. [2024-11-11 20:56:26,838 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2024-11-11 20:56:26,838 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.9) internal successors, (49), 8 states have internal predecessors, (49), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 60 [2024-11-11 20:56:26,838 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:26,840 INFO L225 Difference]: With dead ends: 737 [2024-11-11 20:56:26,840 INFO L226 Difference]: Without dead ends: 513 [2024-11-11 20:56:26,841 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 35 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 24 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 130 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=163, Invalid=487, Unknown=0, NotChecked=0, Total=650 [2024-11-11 20:56:26,842 INFO L435 NwaCegarLoop]: 102 mSDtfsCounter, 621 mSDsluCounter, 438 mSDsCounter, 0 mSdLazyCounter, 420 mSolverCounterSat, 186 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 626 SdHoareTripleChecker+Valid, 540 SdHoareTripleChecker+Invalid, 606 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 186 IncrementalHoareTripleChecker+Valid, 420 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:26,842 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [626 Valid, 540 Invalid, 606 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [186 Valid, 420 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-11 20:56:26,843 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 513 states. [2024-11-11 20:56:26,869 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 513 to 440. [2024-11-11 20:56:26,869 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 440 states, 342 states have (on average 1.2076023391812865) internal successors, (413), 363 states have internal predecessors, (413), 51 states have call successors, (51), 39 states have call predecessors, (51), 46 states have return successors, (83), 52 states have call predecessors, (83), 51 states have call successors, (83) [2024-11-11 20:56:26,871 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 440 states to 440 states and 547 transitions. [2024-11-11 20:56:26,871 INFO L78 Accepts]: Start accepts. Automaton has 440 states and 547 transitions. Word has length 60 [2024-11-11 20:56:26,872 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:26,872 INFO L471 AbstractCegarLoop]: Abstraction has 440 states and 547 transitions. [2024-11-11 20:56:26,872 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.9) internal successors, (49), 8 states have internal predecessors, (49), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-11 20:56:26,872 INFO L276 IsEmpty]: Start isEmpty. Operand 440 states and 547 transitions. [2024-11-11 20:56:26,873 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 103 [2024-11-11 20:56:26,873 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:26,873 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:26,873 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-11 20:56:26,873 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:26,873 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:26,873 INFO L85 PathProgramCache]: Analyzing trace with hash -1477759876, now seen corresponding path program 1 times [2024-11-11 20:56:26,873 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:26,873 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2110198398] [2024-11-11 20:56:26,874 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:26,874 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:26,885 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:27,001 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-11 20:56:27,002 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:27,013 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-11 20:56:27,017 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:27,034 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-11 20:56:27,035 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:27,042 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-11 20:56:27,044 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:27,054 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 66 [2024-11-11 20:56:27,055 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:27,066 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 82 [2024-11-11 20:56:27,067 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:27,068 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-11 20:56:27,070 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:27,070 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 94 [2024-11-11 20:56:27,071 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:27,072 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 18 proven. 9 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-11 20:56:27,073 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:27,073 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2110198398] [2024-11-11 20:56:27,073 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2110198398] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-11 20:56:27,073 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [269494555] [2024-11-11 20:56:27,073 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:27,073 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-11 20:56:27,073 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-11 20:56:27,075 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-11 20:56:27,076 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-11 20:56:27,156 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:27,159 INFO L256 TraceCheckSpWp]: Trace formula consists of 340 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-11 20:56:27,166 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-11 20:56:27,331 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 25 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-11 20:56:27,331 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-11 20:56:27,513 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 19 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-11 20:56:27,513 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [269494555] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-11 20:56:27,513 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-11 20:56:27,514 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 6, 6] total 16 [2024-11-11 20:56:27,514 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1674085282] [2024-11-11 20:56:27,514 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-11 20:56:27,514 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 16 states [2024-11-11 20:56:27,514 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:27,515 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2024-11-11 20:56:27,515 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=38, Invalid=202, Unknown=0, NotChecked=0, Total=240 [2024-11-11 20:56:27,515 INFO L87 Difference]: Start difference. First operand 440 states and 547 transitions. Second operand has 16 states, 16 states have (on average 7.9375) internal successors, (127), 11 states have internal predecessors, (127), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2024-11-11 20:56:28,431 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:28,431 INFO L93 Difference]: Finished difference Result 907 states and 1154 transitions. [2024-11-11 20:56:28,431 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2024-11-11 20:56:28,431 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 16 states have (on average 7.9375) internal successors, (127), 11 states have internal predecessors, (127), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) Word has length 102 [2024-11-11 20:56:28,432 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:28,432 INFO L225 Difference]: With dead ends: 907 [2024-11-11 20:56:28,432 INFO L226 Difference]: Without dead ends: 0 [2024-11-11 20:56:28,434 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 259 GetRequests, 220 SyntacticMatches, 4 SemanticMatches, 35 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 278 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=254, Invalid=1078, Unknown=0, NotChecked=0, Total=1332 [2024-11-11 20:56:28,435 INFO L435 NwaCegarLoop]: 170 mSDtfsCounter, 272 mSDsluCounter, 1437 mSDsCounter, 0 mSdLazyCounter, 1199 mSolverCounterSat, 67 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 279 SdHoareTripleChecker+Valid, 1607 SdHoareTripleChecker+Invalid, 1266 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 67 IncrementalHoareTripleChecker+Valid, 1199 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:28,435 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [279 Valid, 1607 Invalid, 1266 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [67 Valid, 1199 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2024-11-11 20:56:28,435 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-11 20:56:28,435 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-11 20:56:28,435 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-11 20:56:28,435 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-11 20:56:28,435 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 102 [2024-11-11 20:56:28,436 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:28,436 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-11 20:56:28,436 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 16 states, 16 states have (on average 7.9375) internal successors, (127), 11 states have internal predecessors, (127), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2024-11-11 20:56:28,436 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-11 20:56:28,436 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-11 20:56:28,438 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-11 20:56:28,455 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-11 20:56:28,638 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-11 20:56:28,641 INFO L421 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:28,643 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-11 20:56:31,093 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-11 20:56:31,129 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 |old(~pumpRunning~0)|)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)) (and (= |old(~pumpRunning~0)| 0) .cse2 .cse1) (and (<= 1 |old(~switchedOnBeforeTS~0)|) .cse2 .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse2 .cse1))) [2024-11-11 20:56:31,155 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|) .cse1) (and (= |old(~pumpRunning~0)| 0) .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (<= 1 ~pumpRunning~0) .cse0 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-11-11 20:56:31,163 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (<= |old(~waterLevel~0)| 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)) (and (= ~pumpRunning~0 0) .cse2 .cse1) (and .cse0 (<= 1 ~switchedOnBeforeTS~0) .cse2 .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse2 .cse1))) [2024-11-11 20:56:31,176 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 11.11 08:56:31 BoogieIcfgContainer [2024-11-11 20:56:31,176 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-11 20:56:31,176 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-11 20:56:31,176 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-11 20:56:31,176 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-11 20:56:31,177 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.11 08:56:24" (3/4) ... [2024-11-11 20:56:31,179 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-11 20:56:31,182 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-11 20:56:31,182 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-11 20:56:31,182 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-11 20:56:31,182 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-11 20:56:31,183 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-11 20:56:31,183 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-11 20:56:31,183 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-11 20:56:31,191 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 21 nodes and edges [2024-11-11 20:56:31,191 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-11 20:56:31,191 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-11 20:56:31,191 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-11 20:56:31,192 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-11 20:56:31,279 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-11 20:56:31,279 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-11 20:56:31,279 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-11 20:56:31,280 INFO L158 Benchmark]: Toolchain (without parser) took 8174.20ms. Allocated memory was 174.1MB in the beginning and 285.2MB in the end (delta: 111.1MB). Free memory was 104.4MB in the beginning and 236.4MB in the end (delta: -132.0MB). There was no memory consumed. Max. memory is 16.1GB. [2024-11-11 20:56:31,280 INFO L158 Benchmark]: CDTParser took 0.09ms. Allocated memory is still 117.4MB. Free memory is still 81.5MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-11 20:56:31,280 INFO L158 Benchmark]: CACSL2BoogieTranslator took 458.22ms. Allocated memory is still 174.1MB. Free memory was 104.0MB in the beginning and 137.2MB in the end (delta: -33.1MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2024-11-11 20:56:31,280 INFO L158 Benchmark]: Boogie Procedure Inliner took 50.43ms. Allocated memory is still 174.1MB. Free memory was 137.2MB in the beginning and 134.9MB in the end (delta: 2.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-11 20:56:31,281 INFO L158 Benchmark]: Boogie Preprocessor took 46.04ms. Allocated memory is still 174.1MB. Free memory was 134.9MB in the beginning and 132.2MB in the end (delta: 2.7MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2024-11-11 20:56:31,281 INFO L158 Benchmark]: RCFGBuilder took 376.98ms. Allocated memory is still 174.1MB. Free memory was 132.2MB in the beginning and 113.3MB in the end (delta: 18.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2024-11-11 20:56:31,281 INFO L158 Benchmark]: TraceAbstraction took 7133.76ms. Allocated memory was 174.1MB in the beginning and 285.2MB in the end (delta: 111.1MB). Free memory was 112.7MB in the beginning and 244.8MB in the end (delta: -132.1MB). Peak memory consumption was 139.6MB. Max. memory is 16.1GB. [2024-11-11 20:56:31,281 INFO L158 Benchmark]: Witness Printer took 103.24ms. Allocated memory is still 285.2MB. Free memory was 244.8MB in the beginning and 236.4MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-11 20:56:31,282 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.09ms. Allocated memory is still 117.4MB. Free memory is still 81.5MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 458.22ms. Allocated memory is still 174.1MB. Free memory was 104.0MB in the beginning and 137.2MB in the end (delta: -33.1MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 50.43ms. Allocated memory is still 174.1MB. Free memory was 137.2MB in the beginning and 134.9MB in the end (delta: 2.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 46.04ms. Allocated memory is still 174.1MB. Free memory was 134.9MB in the beginning and 132.2MB in the end (delta: 2.7MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * RCFGBuilder took 376.98ms. Allocated memory is still 174.1MB. Free memory was 132.2MB in the beginning and 113.3MB in the end (delta: 18.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 7133.76ms. Allocated memory was 174.1MB in the beginning and 285.2MB in the end (delta: 111.1MB). Free memory was 112.7MB in the beginning and 244.8MB in the end (delta: -132.1MB). Peak memory consumption was 139.6MB. Max. memory is 16.1GB. * Witness Printer took 103.24ms. Allocated memory is still 285.2MB. Free memory was 244.8MB in the beginning and 236.4MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 160]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [160] - GenericResultAtLocation [Line: 211]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [211] - GenericResultAtLocation [Line: 577]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [577] - GenericResultAtLocation [Line: 680]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [680] - GenericResultAtLocation [Line: 689]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [689] - GenericResultAtLocation [Line: 757]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [757] - GenericResultAtLocation [Line: 985]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [985] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 685]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 97 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 4.5s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.3s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1585 SdHoareTripleChecker+Valid, 1.4s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1549 mSDsluCounter, 4401 SdHoareTripleChecker+Invalid, 1.1s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3335 mSDsCounter, 373 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2200 IncrementalHoareTripleChecker+Invalid, 2573 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 373 mSolverCounterUnsat, 1066 mSDtfsCounter, 2200 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 395 GetRequests, 294 SyntacticMatches, 4 SemanticMatches, 97 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 432 ImplicationChecksByTransitivity, 0.7s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=440occurred in iteration=9, InterpolantAutomatonStates: 93, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 83 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 1.4s InterpolantComputationTime, 635 NumberOfCodeBlocks, 635 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 725 ConstructedInterpolants, 0 QuantifiedInterpolants, 1359 SizeOfPredicates, 2 NumberOfNonLiveVariables, 340 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 103/129 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 700]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 590]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 701]: Loop Invariant Derived loop invariant: (((((((1 <= pumpRunning) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (splverifierCounter == 0)) && (0 != systemActive))) || ((((pumpRunning == 0) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (0 != systemActive))) - ProcedureContractResult [Line: 790]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) && (((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 84]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) && ((((((waterLevel == \old(waterLevel)) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 763]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: (((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && (((((1 <= \old(pumpRunning)) && (0 != systemActive)) && (\old(waterLevel) == 2)) || (((\old(pumpRunning) == 0) && (\old(waterLevel) <= 2)) && (0 != systemActive))) || ((((1 <= \old(switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning))) && (0 != systemActive)))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 580]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 798]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && (((((waterLevel <= 2) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) && (0 != systemActive)) || (((\old(pumpRunning) == 0) && (waterLevel <= 2)) && (0 != systemActive)))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 72]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && (waterLevel <= 2)) && (((((1 <= pumpRunning) && (0 != systemActive)) && (\old(waterLevel) == 2)) || (((pumpRunning == 0) && (\old(waterLevel) <= 2)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (0 != systemActive)))) && ((((((methaneLevelCritical == \old(methaneLevelCritical)) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 894]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: (((pumpRunning == \result) && (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive)))) && (((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) RESULT: Ultimate proved your program to be correct! [2024-11-11 20:56:31,317 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE