./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product34.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 826ab2ba Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/bin/uautomizer-verify-qhAvR1uOyd/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/bin/uautomizer-verify-qhAvR1uOyd/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/bin/uautomizer-verify-qhAvR1uOyd/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/bin/uautomizer-verify-qhAvR1uOyd/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product34.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/bin/uautomizer-verify-qhAvR1uOyd/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/bin/uautomizer-verify-qhAvR1uOyd --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 86e7038cbd7079ed991c0d8924416f9d170b15a53536a052f3097e1f394171ef --- Real Ultimate output --- This is Ultimate 0.3.0-dev-826ab2b [2024-11-13 14:17:05,928 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-13 14:17:06,018 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/bin/uautomizer-verify-qhAvR1uOyd/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-13 14:17:06,023 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-13 14:17:06,024 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-13 14:17:06,060 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-13 14:17:06,061 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-13 14:17:06,061 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-13 14:17:06,061 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-13 14:17:06,062 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-13 14:17:06,062 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-13 14:17:06,062 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-13 14:17:06,062 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-13 14:17:06,062 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-13 14:17:06,063 INFO L153 SettingsManager]: * Use SBE=true [2024-11-13 14:17:06,063 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-13 14:17:06,063 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-13 14:17:06,063 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-13 14:17:06,065 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-13 14:17:06,065 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-13 14:17:06,065 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-13 14:17:06,065 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-13 14:17:06,065 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-13 14:17:06,065 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-13 14:17:06,065 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-13 14:17:06,065 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-13 14:17:06,065 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-13 14:17:06,065 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-13 14:17:06,066 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-13 14:17:06,066 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-13 14:17:06,066 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-13 14:17:06,066 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-13 14:17:06,066 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-13 14:17:06,066 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-13 14:17:06,066 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-13 14:17:06,067 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-13 14:17:06,067 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-13 14:17:06,067 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-13 14:17:06,067 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-13 14:17:06,067 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-13 14:17:06,067 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-13 14:17:06,067 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-13 14:17:06,067 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/bin/uautomizer-verify-qhAvR1uOyd Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 86e7038cbd7079ed991c0d8924416f9d170b15a53536a052f3097e1f394171ef [2024-11-13 14:17:06,416 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-13 14:17:06,427 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-13 14:17:06,429 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-13 14:17:06,432 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-13 14:17:06,432 INFO L274 PluginConnector]: CDTParser initialized [2024-11-13 14:17:06,434 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/bin/uautomizer-verify-qhAvR1uOyd/../../sv-benchmarks/c/product-lines/minepump_spec5_product34.cil.c Unable to find full path for "g++" [2024-11-13 14:17:08,208 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-13 14:17:08,525 INFO L384 CDTParser]: Found 1 translation units. [2024-11-13 14:17:08,525 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/sv-benchmarks/c/product-lines/minepump_spec5_product34.cil.c [2024-11-13 14:17:08,536 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/bin/uautomizer-verify-qhAvR1uOyd/data/92f9a0e24/85ba53ee3e594cc797e94e9b93b7edb6/FLAGa9da09249 [2024-11-13 14:17:08,765 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/bin/uautomizer-verify-qhAvR1uOyd/data/92f9a0e24/85ba53ee3e594cc797e94e9b93b7edb6 [2024-11-13 14:17:08,767 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-13 14:17:08,769 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-13 14:17:08,770 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-13 14:17:08,770 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-13 14:17:08,775 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-13 14:17:08,776 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 13.11 02:17:08" (1/1) ... [2024-11-13 14:17:08,776 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@1687b84f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:17:08, skipping insertion in model container [2024-11-13 14:17:08,777 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 13.11 02:17:08" (1/1) ... [2024-11-13 14:17:08,805 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-13 14:17:08,966 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/sv-benchmarks/c/product-lines/minepump_spec5_product34.cil.c[2141,2154] [2024-11-13 14:17:09,070 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-13 14:17:09,086 INFO L200 MainTranslator]: Completed pre-run [2024-11-13 14:17:09,095 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [49] [2024-11-13 14:17:09,097 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [87] [2024-11-13 14:17:09,097 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [96] [2024-11-13 14:17:09,097 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [462] [2024-11-13 14:17:09,097 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [563] [2024-11-13 14:17:09,097 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [633] [2024-11-13 14:17:09,097 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [802] [2024-11-13 14:17:09,098 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [851] [2024-11-13 14:17:09,107 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/sv-benchmarks/c/product-lines/minepump_spec5_product34.cil.c[2141,2154] [2024-11-13 14:17:09,195 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-13 14:17:09,224 INFO L204 MainTranslator]: Completed translation [2024-11-13 14:17:09,225 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:17:09 WrapperNode [2024-11-13 14:17:09,225 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-13 14:17:09,226 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-13 14:17:09,226 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-13 14:17:09,227 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-13 14:17:09,233 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:17:09" (1/1) ... [2024-11-13 14:17:09,244 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:17:09" (1/1) ... [2024-11-13 14:17:09,276 INFO L138 Inliner]: procedures = 55, calls = 97, calls flagged for inlining = 23, calls inlined = 19, statements flattened = 177 [2024-11-13 14:17:09,277 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-13 14:17:09,278 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-13 14:17:09,278 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-13 14:17:09,278 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-13 14:17:09,287 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:17:09" (1/1) ... [2024-11-13 14:17:09,288 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:17:09" (1/1) ... [2024-11-13 14:17:09,291 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:17:09" (1/1) ... [2024-11-13 14:17:09,313 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-13 14:17:09,313 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:17:09" (1/1) ... [2024-11-13 14:17:09,313 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:17:09" (1/1) ... [2024-11-13 14:17:09,317 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:17:09" (1/1) ... [2024-11-13 14:17:09,321 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:17:09" (1/1) ... [2024-11-13 14:17:09,322 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:17:09" (1/1) ... [2024-11-13 14:17:09,323 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:17:09" (1/1) ... [2024-11-13 14:17:09,324 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-13 14:17:09,325 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-13 14:17:09,325 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-13 14:17:09,325 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-13 14:17:09,326 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:17:09" (1/1) ... [2024-11-13 14:17:09,335 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-13 14:17:09,353 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/bin/uautomizer-verify-qhAvR1uOyd/z3 [2024-11-13 14:17:09,367 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/bin/uautomizer-verify-qhAvR1uOyd/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-13 14:17:09,374 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/bin/uautomizer-verify-qhAvR1uOyd/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-13 14:17:09,406 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-13 14:17:09,406 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-13 14:17:09,407 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-13 14:17:09,407 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-13 14:17:09,407 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-13 14:17:09,407 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-13 14:17:09,407 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-13 14:17:09,407 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-13 14:17:09,407 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-13 14:17:09,407 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-13 14:17:09,407 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-13 14:17:09,407 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-13 14:17:09,407 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-13 14:17:09,408 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-13 14:17:09,408 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-13 14:17:09,408 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-13 14:17:09,493 INFO L238 CfgBuilder]: Building ICFG [2024-11-13 14:17:09,496 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-13 14:17:09,855 INFO L? ?]: Removed 36 outVars from TransFormulas that were not future-live. [2024-11-13 14:17:09,855 INFO L287 CfgBuilder]: Performing block encoding [2024-11-13 14:17:09,867 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-13 14:17:09,869 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-13 14:17:09,869 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 13.11 02:17:09 BoogieIcfgContainer [2024-11-13 14:17:09,869 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-13 14:17:09,872 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-13 14:17:09,872 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-13 14:17:09,881 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-13 14:17:09,882 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 13.11 02:17:08" (1/3) ... [2024-11-13 14:17:09,882 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5155b8ee and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 13.11 02:17:09, skipping insertion in model container [2024-11-13 14:17:09,882 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:17:09" (2/3) ... [2024-11-13 14:17:09,883 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5155b8ee and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 13.11 02:17:09, skipping insertion in model container [2024-11-13 14:17:09,883 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 13.11 02:17:09" (3/3) ... [2024-11-13 14:17:09,884 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product34.cil.c [2024-11-13 14:17:09,900 INFO L217 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-13 14:17:09,903 INFO L154 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec5_product34.cil.c that has 7 procedures, 81 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2024-11-13 14:17:09,975 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-13 14:17:09,992 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@15017fea, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-13 14:17:09,993 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-13 14:17:09,998 INFO L276 IsEmpty]: Start isEmpty. Operand has 81 states, 63 states have (on average 1.380952380952381) internal successors, (87), 69 states have internal predecessors, (87), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2024-11-13 14:17:10,009 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-13 14:17:10,010 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 14:17:10,011 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 14:17:10,011 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 14:17:10,016 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 14:17:10,018 INFO L85 PathProgramCache]: Analyzing trace with hash 2133251743, now seen corresponding path program 1 times [2024-11-13 14:17:10,025 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 14:17:10,026 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [696653915] [2024-11-13 14:17:10,027 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 14:17:10,027 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 14:17:10,156 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:10,231 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-13 14:17:10,234 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:10,240 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-13 14:17:10,243 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:10,250 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 14:17:10,250 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 14:17:10,251 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [696653915] [2024-11-13 14:17:10,251 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [696653915] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 14:17:10,252 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 14:17:10,252 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-13 14:17:10,253 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1752025995] [2024-11-13 14:17:10,254 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 14:17:10,257 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-13 14:17:10,258 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 14:17:10,277 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-13 14:17:10,277 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-13 14:17:10,279 INFO L87 Difference]: Start difference. First operand has 81 states, 63 states have (on average 1.380952380952381) internal successors, (87), 69 states have internal predecessors, (87), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-13 14:17:10,341 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 14:17:10,341 INFO L93 Difference]: Finished difference Result 153 states and 208 transitions. [2024-11-13 14:17:10,342 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-13 14:17:10,343 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-11-13 14:17:10,344 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 14:17:10,351 INFO L225 Difference]: With dead ends: 153 [2024-11-13 14:17:10,351 INFO L226 Difference]: Without dead ends: 72 [2024-11-13 14:17:10,354 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-13 14:17:10,357 INFO L432 NwaCegarLoop]: 101 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 101 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-13 14:17:10,358 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 101 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-13 14:17:10,370 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 72 states. [2024-11-13 14:17:10,388 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 72 to 72. [2024-11-13 14:17:10,389 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 72 states, 56 states have (on average 1.3035714285714286) internal successors, (73), 61 states have internal predecessors, (73), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2024-11-13 14:17:10,400 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 72 states to 72 states and 92 transitions. [2024-11-13 14:17:10,402 INFO L78 Accepts]: Start accepts. Automaton has 72 states and 92 transitions. Word has length 32 [2024-11-13 14:17:10,402 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 14:17:10,402 INFO L471 AbstractCegarLoop]: Abstraction has 72 states and 92 transitions. [2024-11-13 14:17:10,402 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-13 14:17:10,402 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 92 transitions. [2024-11-13 14:17:10,407 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-11-13 14:17:10,408 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 14:17:10,408 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 14:17:10,408 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-13 14:17:10,408 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 14:17:10,409 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 14:17:10,409 INFO L85 PathProgramCache]: Analyzing trace with hash -1919410027, now seen corresponding path program 1 times [2024-11-13 14:17:10,409 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 14:17:10,409 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2076910964] [2024-11-13 14:17:10,409 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 14:17:10,409 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 14:17:10,451 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:10,589 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-13 14:17:10,592 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:10,594 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-13 14:17:10,596 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:10,598 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 14:17:10,598 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 14:17:10,598 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2076910964] [2024-11-13 14:17:10,598 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2076910964] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 14:17:10,598 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 14:17:10,598 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-13 14:17:10,598 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1044617487] [2024-11-13 14:17:10,598 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 14:17:10,600 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-13 14:17:10,600 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 14:17:10,600 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-13 14:17:10,600 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-13 14:17:10,601 INFO L87 Difference]: Start difference. First operand 72 states and 92 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-13 14:17:10,614 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 14:17:10,614 INFO L93 Difference]: Finished difference Result 108 states and 138 transitions. [2024-11-13 14:17:10,614 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-13 14:17:10,615 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2024-11-13 14:17:10,615 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 14:17:10,616 INFO L225 Difference]: With dead ends: 108 [2024-11-13 14:17:10,616 INFO L226 Difference]: Without dead ends: 63 [2024-11-13 14:17:10,616 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-13 14:17:10,617 INFO L432 NwaCegarLoop]: 79 mSDtfsCounter, 13 mSDsluCounter, 62 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 141 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-13 14:17:10,617 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 141 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-13 14:17:10,618 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 63 states. [2024-11-13 14:17:10,623 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 63 to 63. [2024-11-13 14:17:10,624 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 63 states, 50 states have (on average 1.32) internal successors, (66), 55 states have internal predecessors, (66), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2024-11-13 14:17:10,625 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 63 states to 63 states and 80 transitions. [2024-11-13 14:17:10,625 INFO L78 Accepts]: Start accepts. Automaton has 63 states and 80 transitions. Word has length 33 [2024-11-13 14:17:10,625 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 14:17:10,625 INFO L471 AbstractCegarLoop]: Abstraction has 63 states and 80 transitions. [2024-11-13 14:17:10,625 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-13 14:17:10,625 INFO L276 IsEmpty]: Start isEmpty. Operand 63 states and 80 transitions. [2024-11-13 14:17:10,626 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-11-13 14:17:10,626 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 14:17:10,626 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 14:17:10,627 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-13 14:17:10,627 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 14:17:10,627 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 14:17:10,627 INFO L85 PathProgramCache]: Analyzing trace with hash -1644495801, now seen corresponding path program 1 times [2024-11-13 14:17:10,628 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 14:17:10,628 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1415280973] [2024-11-13 14:17:10,628 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 14:17:10,628 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 14:17:10,652 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:10,758 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-13 14:17:10,765 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:10,769 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-11-13 14:17:10,771 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:10,777 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 14:17:10,777 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 14:17:10,777 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1415280973] [2024-11-13 14:17:10,777 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1415280973] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 14:17:10,777 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 14:17:10,777 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-13 14:17:10,777 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1288485079] [2024-11-13 14:17:10,777 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 14:17:10,778 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-13 14:17:10,778 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 14:17:10,778 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-13 14:17:10,778 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-13 14:17:10,779 INFO L87 Difference]: Start difference. First operand 63 states and 80 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-13 14:17:10,805 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 14:17:10,805 INFO L93 Difference]: Finished difference Result 118 states and 153 transitions. [2024-11-13 14:17:10,805 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-13 14:17:10,806 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2024-11-13 14:17:10,806 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 14:17:10,807 INFO L225 Difference]: With dead ends: 118 [2024-11-13 14:17:10,807 INFO L226 Difference]: Without dead ends: 63 [2024-11-13 14:17:10,807 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-13 14:17:10,808 INFO L432 NwaCegarLoop]: 78 mSDtfsCounter, 55 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 55 SdHoareTripleChecker+Valid, 78 SdHoareTripleChecker+Invalid, 2 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-13 14:17:10,809 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [55 Valid, 78 Invalid, 2 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-13 14:17:10,809 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 63 states. [2024-11-13 14:17:10,816 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 63 to 63. [2024-11-13 14:17:10,816 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 63 states, 50 states have (on average 1.3) internal successors, (65), 55 states have internal predecessors, (65), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2024-11-13 14:17:10,817 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 63 states to 63 states and 79 transitions. [2024-11-13 14:17:10,818 INFO L78 Accepts]: Start accepts. Automaton has 63 states and 79 transitions. Word has length 38 [2024-11-13 14:17:10,819 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 14:17:10,819 INFO L471 AbstractCegarLoop]: Abstraction has 63 states and 79 transitions. [2024-11-13 14:17:10,819 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-13 14:17:10,819 INFO L276 IsEmpty]: Start isEmpty. Operand 63 states and 79 transitions. [2024-11-13 14:17:10,820 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2024-11-13 14:17:10,820 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 14:17:10,821 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 14:17:10,821 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-13 14:17:10,821 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 14:17:10,821 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 14:17:10,822 INFO L85 PathProgramCache]: Analyzing trace with hash -1484915516, now seen corresponding path program 1 times [2024-11-13 14:17:10,822 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 14:17:10,822 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [813785775] [2024-11-13 14:17:10,822 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 14:17:10,822 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 14:17:10,841 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:10,971 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-13 14:17:10,977 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:10,984 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-13 14:17:10,988 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:10,989 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2024-11-13 14:17:10,995 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:10,997 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 14:17:10,997 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 14:17:10,997 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [813785775] [2024-11-13 14:17:10,997 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [813785775] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 14:17:11,002 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 14:17:11,002 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-13 14:17:11,002 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2009939005] [2024-11-13 14:17:11,002 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 14:17:11,002 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-13 14:17:11,002 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 14:17:11,003 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-13 14:17:11,003 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-13 14:17:11,003 INFO L87 Difference]: Start difference. First operand 63 states and 79 transitions. Second operand has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-13 14:17:11,062 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 14:17:11,062 INFO L93 Difference]: Finished difference Result 162 states and 208 transitions. [2024-11-13 14:17:11,063 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-13 14:17:11,063 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 43 [2024-11-13 14:17:11,064 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 14:17:11,065 INFO L225 Difference]: With dead ends: 162 [2024-11-13 14:17:11,065 INFO L226 Difference]: Without dead ends: 107 [2024-11-13 14:17:11,065 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-13 14:17:11,066 INFO L432 NwaCegarLoop]: 92 mSDtfsCounter, 47 mSDsluCounter, 55 mSDsCounter, 0 mSdLazyCounter, 7 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 47 SdHoareTripleChecker+Valid, 147 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 7 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-13 14:17:11,071 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [47 Valid, 147 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 7 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-13 14:17:11,072 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 107 states. [2024-11-13 14:17:11,095 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 107 to 105. [2024-11-13 14:17:11,096 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 105 states, 82 states have (on average 1.2926829268292683) internal successors, (106), 88 states have internal predecessors, (106), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2024-11-13 14:17:11,097 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 105 states to 105 states and 132 transitions. [2024-11-13 14:17:11,098 INFO L78 Accepts]: Start accepts. Automaton has 105 states and 132 transitions. Word has length 43 [2024-11-13 14:17:11,098 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 14:17:11,098 INFO L471 AbstractCegarLoop]: Abstraction has 105 states and 132 transitions. [2024-11-13 14:17:11,098 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-13 14:17:11,099 INFO L276 IsEmpty]: Start isEmpty. Operand 105 states and 132 transitions. [2024-11-13 14:17:11,100 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2024-11-13 14:17:11,100 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 14:17:11,103 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 14:17:11,103 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-13 14:17:11,103 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 14:17:11,104 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 14:17:11,104 INFO L85 PathProgramCache]: Analyzing trace with hash -1841134993, now seen corresponding path program 1 times [2024-11-13 14:17:11,105 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 14:17:11,105 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1069122201] [2024-11-13 14:17:11,105 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 14:17:11,105 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 14:17:11,137 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:11,278 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-13 14:17:11,282 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:11,284 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2024-11-13 14:17:11,285 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:11,288 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 14:17:11,289 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 14:17:11,290 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1069122201] [2024-11-13 14:17:11,290 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1069122201] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 14:17:11,290 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 14:17:11,290 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-13 14:17:11,290 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [504896851] [2024-11-13 14:17:11,290 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 14:17:11,291 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-13 14:17:11,291 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 14:17:11,291 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-13 14:17:11,291 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-13 14:17:11,292 INFO L87 Difference]: Start difference. First operand 105 states and 132 transitions. Second operand has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-13 14:17:11,354 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 14:17:11,356 INFO L93 Difference]: Finished difference Result 205 states and 262 transitions. [2024-11-13 14:17:11,356 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-13 14:17:11,357 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 47 [2024-11-13 14:17:11,357 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 14:17:11,358 INFO L225 Difference]: With dead ends: 205 [2024-11-13 14:17:11,358 INFO L226 Difference]: Without dead ends: 108 [2024-11-13 14:17:11,359 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-13 14:17:11,359 INFO L432 NwaCegarLoop]: 76 mSDtfsCounter, 0 mSDsluCounter, 221 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 297 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-13 14:17:11,363 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 297 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-13 14:17:11,364 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 108 states. [2024-11-13 14:17:11,383 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 108 to 108. [2024-11-13 14:17:11,384 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 108 states, 85 states have (on average 1.2823529411764707) internal successors, (109), 91 states have internal predecessors, (109), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2024-11-13 14:17:11,385 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 108 states to 108 states and 135 transitions. [2024-11-13 14:17:11,389 INFO L78 Accepts]: Start accepts. Automaton has 108 states and 135 transitions. Word has length 47 [2024-11-13 14:17:11,389 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 14:17:11,389 INFO L471 AbstractCegarLoop]: Abstraction has 108 states and 135 transitions. [2024-11-13 14:17:11,390 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-13 14:17:11,390 INFO L276 IsEmpty]: Start isEmpty. Operand 108 states and 135 transitions. [2024-11-13 14:17:11,391 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2024-11-13 14:17:11,391 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 14:17:11,391 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 14:17:11,391 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-13 14:17:11,391 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 14:17:11,392 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 14:17:11,392 INFO L85 PathProgramCache]: Analyzing trace with hash 865484401, now seen corresponding path program 1 times [2024-11-13 14:17:11,392 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 14:17:11,392 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [662832459] [2024-11-13 14:17:11,392 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 14:17:11,392 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 14:17:11,419 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:11,527 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-13 14:17:11,528 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:11,529 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2024-11-13 14:17:11,533 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:11,536 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 14:17:11,537 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 14:17:11,537 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [662832459] [2024-11-13 14:17:11,537 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [662832459] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 14:17:11,537 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 14:17:11,537 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-13 14:17:11,537 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [660779933] [2024-11-13 14:17:11,537 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 14:17:11,537 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-13 14:17:11,538 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 14:17:11,538 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-13 14:17:11,538 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-13 14:17:11,538 INFO L87 Difference]: Start difference. First operand 108 states and 135 transitions. Second operand has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-13 14:17:11,581 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 14:17:11,582 INFO L93 Difference]: Finished difference Result 210 states and 269 transitions. [2024-11-13 14:17:11,586 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-13 14:17:11,586 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 47 [2024-11-13 14:17:11,586 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 14:17:11,589 INFO L225 Difference]: With dead ends: 210 [2024-11-13 14:17:11,589 INFO L226 Difference]: Without dead ends: 110 [2024-11-13 14:17:11,589 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-13 14:17:11,590 INFO L432 NwaCegarLoop]: 77 mSDtfsCounter, 0 mSDsluCounter, 148 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 225 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-13 14:17:11,590 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 225 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-13 14:17:11,591 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 110 states. [2024-11-13 14:17:11,611 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 110 to 110. [2024-11-13 14:17:11,612 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 110 states, 87 states have (on average 1.2758620689655173) internal successors, (111), 93 states have internal predecessors, (111), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2024-11-13 14:17:11,617 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 110 states to 110 states and 137 transitions. [2024-11-13 14:17:11,617 INFO L78 Accepts]: Start accepts. Automaton has 110 states and 137 transitions. Word has length 47 [2024-11-13 14:17:11,618 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 14:17:11,618 INFO L471 AbstractCegarLoop]: Abstraction has 110 states and 137 transitions. [2024-11-13 14:17:11,618 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-13 14:17:11,618 INFO L276 IsEmpty]: Start isEmpty. Operand 110 states and 137 transitions. [2024-11-13 14:17:11,619 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2024-11-13 14:17:11,619 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 14:17:11,619 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 14:17:11,619 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-13 14:17:11,619 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 14:17:11,623 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 14:17:11,623 INFO L85 PathProgramCache]: Analyzing trace with hash -823459341, now seen corresponding path program 1 times [2024-11-13 14:17:11,624 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 14:17:11,624 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [779024309] [2024-11-13 14:17:11,624 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 14:17:11,624 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 14:17:11,648 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:11,766 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-13 14:17:11,770 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:11,773 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2024-11-13 14:17:11,775 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:11,777 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 14:17:11,777 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 14:17:11,777 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [779024309] [2024-11-13 14:17:11,777 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [779024309] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 14:17:11,779 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 14:17:11,779 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-13 14:17:11,780 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1816766776] [2024-11-13 14:17:11,780 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 14:17:11,781 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-13 14:17:11,781 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 14:17:11,781 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-13 14:17:11,782 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-13 14:17:11,782 INFO L87 Difference]: Start difference. First operand 110 states and 137 transitions. Second operand has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-13 14:17:11,830 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 14:17:11,830 INFO L93 Difference]: Finished difference Result 261 states and 329 transitions. [2024-11-13 14:17:11,832 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-13 14:17:11,833 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 47 [2024-11-13 14:17:11,833 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 14:17:11,834 INFO L225 Difference]: With dead ends: 261 [2024-11-13 14:17:11,834 INFO L226 Difference]: Without dead ends: 159 [2024-11-13 14:17:11,835 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-13 14:17:11,835 INFO L432 NwaCegarLoop]: 83 mSDtfsCounter, 39 mSDsluCounter, 64 mSDsCounter, 0 mSdLazyCounter, 10 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 39 SdHoareTripleChecker+Valid, 147 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 10 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-13 14:17:11,839 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [39 Valid, 147 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 10 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-13 14:17:11,840 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 159 states. [2024-11-13 14:17:11,862 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 159 to 157. [2024-11-13 14:17:11,867 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 157 states, 124 states have (on average 1.2580645161290323) internal successors, (156), 131 states have internal predecessors, (156), 18 states have call successors, (18), 15 states have call predecessors, (18), 14 states have return successors, (20), 17 states have call predecessors, (20), 18 states have call successors, (20) [2024-11-13 14:17:11,868 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 157 states to 157 states and 194 transitions. [2024-11-13 14:17:11,871 INFO L78 Accepts]: Start accepts. Automaton has 157 states and 194 transitions. Word has length 47 [2024-11-13 14:17:11,872 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 14:17:11,872 INFO L471 AbstractCegarLoop]: Abstraction has 157 states and 194 transitions. [2024-11-13 14:17:11,872 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-13 14:17:11,872 INFO L276 IsEmpty]: Start isEmpty. Operand 157 states and 194 transitions. [2024-11-13 14:17:11,874 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2024-11-13 14:17:11,874 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 14:17:11,874 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 14:17:11,874 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-13 14:17:11,874 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 14:17:11,875 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 14:17:11,875 INFO L85 PathProgramCache]: Analyzing trace with hash -13910324, now seen corresponding path program 1 times [2024-11-13 14:17:11,878 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 14:17:11,878 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1404085062] [2024-11-13 14:17:11,879 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 14:17:11,879 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 14:17:11,904 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:12,023 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-13 14:17:12,025 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:12,028 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2024-11-13 14:17:12,032 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:12,036 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 41 [2024-11-13 14:17:12,038 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:12,057 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-13 14:17:12,058 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 14:17:12,058 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1404085062] [2024-11-13 14:17:12,059 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1404085062] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 14:17:12,059 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 14:17:12,059 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-13 14:17:12,059 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [526292578] [2024-11-13 14:17:12,062 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 14:17:12,062 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-13 14:17:12,063 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 14:17:12,063 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-13 14:17:12,063 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-13 14:17:12,063 INFO L87 Difference]: Start difference. First operand 157 states and 194 transitions. Second operand has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2024-11-13 14:17:12,209 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 14:17:12,210 INFO L93 Difference]: Finished difference Result 304 states and 379 transitions. [2024-11-13 14:17:12,210 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-13 14:17:12,210 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 49 [2024-11-13 14:17:12,211 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 14:17:12,212 INFO L225 Difference]: With dead ends: 304 [2024-11-13 14:17:12,213 INFO L226 Difference]: Without dead ends: 155 [2024-11-13 14:17:12,214 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-13 14:17:12,214 INFO L432 NwaCegarLoop]: 78 mSDtfsCounter, 30 mSDsluCounter, 259 mSDsCounter, 0 mSdLazyCounter, 50 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 31 SdHoareTripleChecker+Valid, 337 SdHoareTripleChecker+Invalid, 52 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 50 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-13 14:17:12,215 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [31 Valid, 337 Invalid, 52 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 50 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-13 14:17:12,215 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 155 states. [2024-11-13 14:17:12,238 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 155 to 155. [2024-11-13 14:17:12,238 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 155 states, 122 states have (on average 1.2295081967213115) internal successors, (150), 129 states have internal predecessors, (150), 18 states have call successors, (18), 15 states have call predecessors, (18), 14 states have return successors, (20), 17 states have call predecessors, (20), 18 states have call successors, (20) [2024-11-13 14:17:12,239 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 155 states to 155 states and 188 transitions. [2024-11-13 14:17:12,240 INFO L78 Accepts]: Start accepts. Automaton has 155 states and 188 transitions. Word has length 49 [2024-11-13 14:17:12,240 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 14:17:12,240 INFO L471 AbstractCegarLoop]: Abstraction has 155 states and 188 transitions. [2024-11-13 14:17:12,240 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2024-11-13 14:17:12,240 INFO L276 IsEmpty]: Start isEmpty. Operand 155 states and 188 transitions. [2024-11-13 14:17:12,242 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2024-11-13 14:17:12,245 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 14:17:12,245 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 14:17:12,245 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-13 14:17:12,246 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 14:17:12,246 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 14:17:12,246 INFO L85 PathProgramCache]: Analyzing trace with hash -1558403559, now seen corresponding path program 1 times [2024-11-13 14:17:12,246 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 14:17:12,246 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1973902204] [2024-11-13 14:17:12,246 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 14:17:12,247 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 14:17:12,268 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:12,515 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-13 14:17:12,517 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:12,524 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-13 14:17:12,527 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:12,529 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2024-11-13 14:17:12,531 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:12,532 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 14:17:12,532 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 14:17:12,532 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1973902204] [2024-11-13 14:17:12,532 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1973902204] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 14:17:12,532 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 14:17:12,533 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-13 14:17:12,533 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [106942942] [2024-11-13 14:17:12,533 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 14:17:12,533 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-13 14:17:12,533 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 14:17:12,535 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-13 14:17:12,536 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2024-11-13 14:17:12,536 INFO L87 Difference]: Start difference. First operand 155 states and 188 transitions. Second operand has 8 states, 8 states have (on average 5.25) internal successors, (42), 7 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-13 14:17:12,999 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 14:17:12,999 INFO L93 Difference]: Finished difference Result 504 states and 646 transitions. [2024-11-13 14:17:13,000 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2024-11-13 14:17:13,000 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.25) internal successors, (42), 7 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 51 [2024-11-13 14:17:13,000 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 14:17:13,003 INFO L225 Difference]: With dead ends: 504 [2024-11-13 14:17:13,003 INFO L226 Difference]: Without dead ends: 403 [2024-11-13 14:17:13,004 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 23 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 28 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=59, Invalid=151, Unknown=0, NotChecked=0, Total=210 [2024-11-13 14:17:13,005 INFO L432 NwaCegarLoop]: 106 mSDtfsCounter, 328 mSDsluCounter, 382 mSDsCounter, 0 mSdLazyCounter, 202 mSolverCounterSat, 80 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 338 SdHoareTripleChecker+Valid, 488 SdHoareTripleChecker+Invalid, 282 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 80 IncrementalHoareTripleChecker+Valid, 202 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-13 14:17:13,005 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [338 Valid, 488 Invalid, 282 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [80 Valid, 202 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-13 14:17:13,006 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 403 states. [2024-11-13 14:17:13,044 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 403 to 397. [2024-11-13 14:17:13,045 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 397 states, 313 states have (on average 1.2044728434504792) internal successors, (377), 332 states have internal predecessors, (377), 45 states have call successors, (45), 33 states have call predecessors, (45), 38 states have return successors, (64), 43 states have call predecessors, (64), 45 states have call successors, (64) [2024-11-13 14:17:13,048 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 397 states to 397 states and 486 transitions. [2024-11-13 14:17:13,049 INFO L78 Accepts]: Start accepts. Automaton has 397 states and 486 transitions. Word has length 51 [2024-11-13 14:17:13,049 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 14:17:13,049 INFO L471 AbstractCegarLoop]: Abstraction has 397 states and 486 transitions. [2024-11-13 14:17:13,049 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.25) internal successors, (42), 7 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-13 14:17:13,050 INFO L276 IsEmpty]: Start isEmpty. Operand 397 states and 486 transitions. [2024-11-13 14:17:13,051 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 84 [2024-11-13 14:17:13,051 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 14:17:13,051 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 14:17:13,051 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-13 14:17:13,051 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 14:17:13,051 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 14:17:13,052 INFO L85 PathProgramCache]: Analyzing trace with hash 1899074171, now seen corresponding path program 1 times [2024-11-13 14:17:13,052 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 14:17:13,052 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [744079835] [2024-11-13 14:17:13,052 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 14:17:13,052 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 14:17:13,084 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:13,251 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-13 14:17:13,253 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:13,273 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-13 14:17:13,279 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:13,307 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-13 14:17:13,309 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:13,310 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 57 [2024-11-13 14:17:13,313 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:13,331 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 68 [2024-11-13 14:17:13,332 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:13,333 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 75 [2024-11-13 14:17:13,335 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:13,338 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 8 proven. 17 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2024-11-13 14:17:13,338 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 14:17:13,339 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [744079835] [2024-11-13 14:17:13,339 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [744079835] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-13 14:17:13,339 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1172653285] [2024-11-13 14:17:13,339 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 14:17:13,339 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-13 14:17:13,339 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/bin/uautomizer-verify-qhAvR1uOyd/z3 [2024-11-13 14:17:13,342 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/bin/uautomizer-verify-qhAvR1uOyd/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-13 14:17:13,345 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/bin/uautomizer-verify-qhAvR1uOyd/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-13 14:17:13,465 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:17:13,468 INFO L255 TraceCheckSpWp]: Trace formula consists of 285 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-13 14:17:13,475 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-13 14:17:13,683 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 23 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-13 14:17:13,685 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-13 14:17:13,950 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 6 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2024-11-13 14:17:13,950 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1172653285] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-13 14:17:13,951 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-13 14:17:13,951 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 6, 6] total 14 [2024-11-13 14:17:13,951 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [270695934] [2024-11-13 14:17:13,951 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-13 14:17:13,952 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2024-11-13 14:17:13,953 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 14:17:13,953 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2024-11-13 14:17:13,953 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=33, Invalid=149, Unknown=0, NotChecked=0, Total=182 [2024-11-13 14:17:13,954 INFO L87 Difference]: Start difference. First operand 397 states and 486 transitions. Second operand has 14 states, 14 states have (on average 8.428571428571429) internal successors, (118), 10 states have internal predecessors, (118), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (14), 8 states have call predecessors, (14), 6 states have call successors, (14) [2024-11-13 14:17:14,688 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 14:17:14,689 INFO L93 Difference]: Finished difference Result 630 states and 797 transitions. [2024-11-13 14:17:14,689 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2024-11-13 14:17:14,689 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 14 states have (on average 8.428571428571429) internal successors, (118), 10 states have internal predecessors, (118), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (14), 8 states have call predecessors, (14), 6 states have call successors, (14) Word has length 83 [2024-11-13 14:17:14,690 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 14:17:14,690 INFO L225 Difference]: With dead ends: 630 [2024-11-13 14:17:14,690 INFO L226 Difference]: Without dead ends: 0 [2024-11-13 14:17:14,692 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 206 GetRequests, 175 SyntacticMatches, 4 SemanticMatches, 27 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 138 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=201, Invalid=611, Unknown=0, NotChecked=0, Total=812 [2024-11-13 14:17:14,693 INFO L432 NwaCegarLoop]: 124 mSDtfsCounter, 251 mSDsluCounter, 473 mSDsCounter, 0 mSdLazyCounter, 327 mSolverCounterSat, 76 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 254 SdHoareTripleChecker+Valid, 597 SdHoareTripleChecker+Invalid, 403 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 76 IncrementalHoareTripleChecker+Valid, 327 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-11-13 14:17:14,693 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [254 Valid, 597 Invalid, 403 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [76 Valid, 327 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-11-13 14:17:14,694 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-13 14:17:14,694 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-13 14:17:14,694 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-13 14:17:14,694 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-13 14:17:14,694 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 83 [2024-11-13 14:17:14,694 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 14:17:14,695 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-13 14:17:14,695 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 14 states have (on average 8.428571428571429) internal successors, (118), 10 states have internal predecessors, (118), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (14), 8 states have call predecessors, (14), 6 states have call successors, (14) [2024-11-13 14:17:14,695 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-13 14:17:14,695 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-13 14:17:14,697 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-13 14:17:14,718 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/bin/uautomizer-verify-qhAvR1uOyd/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-13 14:17:14,898 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/bin/uautomizer-verify-qhAvR1uOyd/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-13 14:17:14,900 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 14:17:14,902 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-13 14:17:17,820 INFO L173 ceAbstractionStarter]: Computing trace abstraction results [2024-11-13 14:17:17,876 WARN L162 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse1 (= |old(~pumpRunning~0)| 0)) (.cse0 (= 1 ~systemActive~0)) (.cse2 (<= 1 |old(~pumpRunning~0)|)) (.cse3 (= |old(~waterLevel~0)| 2))) (or (and (= |old(~waterLevel~0)| 1) .cse0 .cse1) (and .cse0 (<= 1 |old(~switchedOnBeforeTS~0)|) (<= |old(~waterLevel~0)| 2) .cse2) (and .cse0 .cse1 .cse3) (and .cse0 .cse2 .cse3))) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse1 (= 2 ~waterLevel~0)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse2 (= ~waterLevel~0 1)) (and .cse0 .cse2 (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2))) [2024-11-13 14:17:17,916 WARN L162 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse0 (= ~pumpRunning~0 0)) (.cse3 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= |old(~waterLevel~0)| 2)) (and .cse0 (= |old(~waterLevel~0)| 1) .cse1) (and .cse3 .cse1 .cse2))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse1 (= 2 ~waterLevel~0)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse2 (= ~waterLevel~0 1)) (and .cse0 .cse2 (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2))) [2024-11-13 14:17:17,949 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 13.11 02:17:17 BoogieIcfgContainer [2024-11-13 14:17:17,952 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-13 14:17:17,952 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-13 14:17:17,953 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-13 14:17:17,953 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-13 14:17:17,953 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 13.11 02:17:09" (3/4) ... [2024-11-13 14:17:17,955 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-13 14:17:17,960 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-13 14:17:17,960 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-13 14:17:17,960 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-13 14:17:17,961 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-13 14:17:17,961 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-13 14:17:17,961 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-13 14:17:17,969 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 19 nodes and edges [2024-11-13 14:17:17,969 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-13 14:17:17,970 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-13 14:17:17,970 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-13 14:17:17,971 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-13 14:17:18,074 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/bin/uautomizer-verify-qhAvR1uOyd/witness.graphml [2024-11-13 14:17:18,075 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/bin/uautomizer-verify-qhAvR1uOyd/witness.yml [2024-11-13 14:17:18,075 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-13 14:17:18,076 INFO L158 Benchmark]: Toolchain (without parser) took 9306.89ms. Allocated memory is still 117.4MB. Free memory was 93.1MB in the beginning and 86.7MB in the end (delta: 6.3MB). Peak memory consumption was 65.0MB. Max. memory is 16.1GB. [2024-11-13 14:17:18,076 INFO L158 Benchmark]: CDTParser took 0.93ms. Allocated memory is still 167.8MB. Free memory is still 105.1MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-13 14:17:18,076 INFO L158 Benchmark]: CACSL2BoogieTranslator took 455.50ms. Allocated memory is still 117.4MB. Free memory was 93.1MB in the beginning and 74.5MB in the end (delta: 18.5MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2024-11-13 14:17:18,076 INFO L158 Benchmark]: Boogie Procedure Inliner took 51.10ms. Allocated memory is still 117.4MB. Free memory was 74.5MB in the beginning and 72.8MB in the end (delta: 1.8MB). There was no memory consumed. Max. memory is 16.1GB. [2024-11-13 14:17:18,077 INFO L158 Benchmark]: Boogie Preprocessor took 46.61ms. Allocated memory is still 117.4MB. Free memory was 72.8MB in the beginning and 71.2MB in the end (delta: 1.6MB). There was no memory consumed. Max. memory is 16.1GB. [2024-11-13 14:17:18,077 INFO L158 Benchmark]: RCFGBuilder took 544.06ms. Allocated memory is still 117.4MB. Free memory was 71.2MB in the beginning and 55.5MB in the end (delta: 15.7MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2024-11-13 14:17:18,077 INFO L158 Benchmark]: TraceAbstraction took 8079.51ms. Allocated memory is still 117.4MB. Free memory was 54.8MB in the beginning and 35.0MB in the end (delta: 19.8MB). Peak memory consumption was 31.7MB. Max. memory is 16.1GB. [2024-11-13 14:17:18,078 INFO L158 Benchmark]: Witness Printer took 122.51ms. Allocated memory is still 117.4MB. Free memory was 35.0MB in the beginning and 86.7MB in the end (delta: -51.7MB). Peak memory consumption was 9.2MB. Max. memory is 16.1GB. [2024-11-13 14:17:18,079 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.93ms. Allocated memory is still 167.8MB. Free memory is still 105.1MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 455.50ms. Allocated memory is still 117.4MB. Free memory was 93.1MB in the beginning and 74.5MB in the end (delta: 18.5MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 51.10ms. Allocated memory is still 117.4MB. Free memory was 74.5MB in the beginning and 72.8MB in the end (delta: 1.8MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 46.61ms. Allocated memory is still 117.4MB. Free memory was 72.8MB in the beginning and 71.2MB in the end (delta: 1.6MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 544.06ms. Allocated memory is still 117.4MB. Free memory was 71.2MB in the beginning and 55.5MB in the end (delta: 15.7MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 8079.51ms. Allocated memory is still 117.4MB. Free memory was 54.8MB in the beginning and 35.0MB in the end (delta: 19.8MB). Peak memory consumption was 31.7MB. Max. memory is 16.1GB. * Witness Printer took 122.51ms. Allocated memory is still 117.4MB. Free memory was 35.0MB in the beginning and 86.7MB in the end (delta: -51.7MB). Peak memory consumption was 9.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [49] - GenericResultAtLocation [Line: 87]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [87] - GenericResultAtLocation [Line: 96]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [96] - GenericResultAtLocation [Line: 462]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [462] - GenericResultAtLocation [Line: 563]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [563] - GenericResultAtLocation [Line: 633]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [633] - GenericResultAtLocation [Line: 802]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [802] - GenericResultAtLocation [Line: 851]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [851] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 92]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 81 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.0s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.8s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 780 SdHoareTripleChecker+Valid, 0.9s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 763 mSDsluCounter, 2558 SdHoareTripleChecker+Invalid, 0.7s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1664 mSDsCounter, 163 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 627 IncrementalHoareTripleChecker+Invalid, 790 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 163 mSolverCounterUnsat, 894 mSDtfsCounter, 627 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 296 GetRequests, 236 SyntacticMatches, 4 SemanticMatches, 56 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 169 ImplicationChecksByTransitivity, 0.7s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=397occurred in iteration=9, InterpolantAutomatonStates: 60, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 10 StatesRemovedByMinimization, 3 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 2.1s InterpolantComputationTime, 553 NumberOfCodeBlocks, 553 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 624 ConstructedInterpolants, 0 QuantifiedInterpolants, 1271 SizeOfPredicates, 2 NumberOfNonLiveVariables, 285 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 87/117 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 576]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 577]: Loop Invariant Derived loop invariant: (((((((pumpRunning == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel == 1)) || ((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) - InvariantResult [Line: 863]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 670]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) Ensures: ((((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) && (((((((head == \old(head)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 496]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1))) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) Ensures: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1))) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) && ((((((head == \old(head)) && (waterLevel == \old(waterLevel))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 853]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((head == \old(head)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 643]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1))) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) Ensures: (((((((((((\old(waterLevel) == 1) && (1 == systemActive)) && (\old(pumpRunning) == 0)) || ((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning)))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (\old(waterLevel) == 2))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2))) && (((\old(pumpRunning) != 0) || (\old(waterLevel) != 1)) || ((pumpRunning == 0) && (waterLevel == 1)))) && ((\old(pumpRunning) < 1) || (((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((\old(pumpRunning) != 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || (\old(waterLevel) != 2))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((head == \old(head)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 484]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1))) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) Ensures: ((((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && ((((((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) == 2)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2))) || (((pumpRunning == 0) && (\old(waterLevel) == 1)) && (1 == systemActive))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) && (waterLevel <= 2)) && ((((((head == \old(head)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 730]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1))) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) Ensures: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1))) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) && (pumpRunning == \result)) && (((((((head == \old(head)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) RESULT: Ultimate proved your program to be correct! [2024-11-13 14:17:18,113 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_57c1139c-a5f8-4108-84ce-3e759057eda0/bin/uautomizer-verify-qhAvR1uOyd/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE