./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 826ab2ba Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/bin/uautomizer-verify-qhAvR1uOyd/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/bin/uautomizer-verify-qhAvR1uOyd/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/bin/uautomizer-verify-qhAvR1uOyd/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/bin/uautomizer-verify-qhAvR1uOyd/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/bin/uautomizer-verify-qhAvR1uOyd/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/bin/uautomizer-verify-qhAvR1uOyd --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 31801b0d0a8db366707af3e7371b9dc02f7c34625c63f4c3f856015d4449b4b2 --- Real Ultimate output --- This is Ultimate 0.3.0-dev-826ab2b [2024-11-13 14:01:06,121 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-13 14:01:06,184 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/bin/uautomizer-verify-qhAvR1uOyd/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-13 14:01:06,189 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-13 14:01:06,190 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-13 14:01:06,213 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-13 14:01:06,213 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-13 14:01:06,214 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-13 14:01:06,214 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-13 14:01:06,214 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-13 14:01:06,214 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-13 14:01:06,215 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-13 14:01:06,215 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-13 14:01:06,215 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-13 14:01:06,215 INFO L153 SettingsManager]: * Use SBE=true [2024-11-13 14:01:06,215 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-13 14:01:06,216 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-13 14:01:06,216 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-13 14:01:06,216 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-13 14:01:06,216 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-13 14:01:06,216 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-13 14:01:06,216 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-13 14:01:06,217 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-13 14:01:06,217 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-13 14:01:06,217 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-13 14:01:06,217 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-13 14:01:06,217 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-13 14:01:06,217 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-13 14:01:06,217 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-13 14:01:06,217 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-13 14:01:06,218 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-13 14:01:06,218 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-13 14:01:06,218 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-13 14:01:06,218 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-13 14:01:06,218 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-13 14:01:06,218 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-13 14:01:06,219 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-13 14:01:06,219 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-13 14:01:06,219 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-13 14:01:06,219 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-13 14:01:06,219 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-13 14:01:06,219 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-13 14:01:06,219 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/bin/uautomizer-verify-qhAvR1uOyd Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 31801b0d0a8db366707af3e7371b9dc02f7c34625c63f4c3f856015d4449b4b2 [2024-11-13 14:01:06,526 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-13 14:01:06,538 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-13 14:01:06,540 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-13 14:01:06,544 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-13 14:01:06,544 INFO L274 PluginConnector]: CDTParser initialized [2024-11-13 14:01:06,547 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/bin/uautomizer-verify-qhAvR1uOyd/../../sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c Unable to find full path for "g++" [2024-11-13 14:01:08,543 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-13 14:01:08,855 INFO L384 CDTParser]: Found 1 translation units. [2024-11-13 14:01:08,856 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c [2024-11-13 14:01:08,868 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/bin/uautomizer-verify-qhAvR1uOyd/data/7f2a0a74c/47c0b1d3dff844e3bfd521707a064025/FLAGa4ade75e8 [2024-11-13 14:01:08,883 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/bin/uautomizer-verify-qhAvR1uOyd/data/7f2a0a74c/47c0b1d3dff844e3bfd521707a064025 [2024-11-13 14:01:08,886 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-13 14:01:08,887 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-13 14:01:08,888 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-13 14:01:08,888 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-13 14:01:08,892 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-13 14:01:08,893 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 13.11 02:01:08" (1/1) ... [2024-11-13 14:01:08,894 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@50defa1d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:01:08, skipping insertion in model container [2024-11-13 14:01:08,894 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 13.11 02:01:08" (1/1) ... [2024-11-13 14:01:08,929 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-13 14:01:09,187 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c[17098,17111] [2024-11-13 14:01:09,205 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-13 14:01:09,217 INFO L200 MainTranslator]: Completed pre-run [2024-11-13 14:01:09,226 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] [2024-11-13 14:01:09,228 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [266] [2024-11-13 14:01:09,228 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [338] [2024-11-13 14:01:09,228 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [704] [2024-11-13 14:01:09,229 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [755] [2024-11-13 14:01:09,229 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [855] [2024-11-13 14:01:09,230 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [864] [2024-11-13 14:01:09,230 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [899] [2024-11-13 14:01:09,319 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c[17098,17111] [2024-11-13 14:01:09,326 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-13 14:01:09,345 INFO L204 MainTranslator]: Completed translation [2024-11-13 14:01:09,345 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:01:09 WrapperNode [2024-11-13 14:01:09,346 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-13 14:01:09,347 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-13 14:01:09,347 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-13 14:01:09,347 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-13 14:01:09,357 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:01:09" (1/1) ... [2024-11-13 14:01:09,368 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:01:09" (1/1) ... [2024-11-13 14:01:09,389 INFO L138 Inliner]: procedures = 57, calls = 103, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 208 [2024-11-13 14:01:09,390 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-13 14:01:09,390 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-13 14:01:09,390 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-13 14:01:09,391 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-13 14:01:09,403 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:01:09" (1/1) ... [2024-11-13 14:01:09,404 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:01:09" (1/1) ... [2024-11-13 14:01:09,406 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:01:09" (1/1) ... [2024-11-13 14:01:09,419 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-13 14:01:09,419 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:01:09" (1/1) ... [2024-11-13 14:01:09,420 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:01:09" (1/1) ... [2024-11-13 14:01:09,425 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:01:09" (1/1) ... [2024-11-13 14:01:09,430 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:01:09" (1/1) ... [2024-11-13 14:01:09,432 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:01:09" (1/1) ... [2024-11-13 14:01:09,433 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:01:09" (1/1) ... [2024-11-13 14:01:09,435 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-13 14:01:09,435 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-13 14:01:09,436 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-13 14:01:09,436 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-13 14:01:09,437 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:01:09" (1/1) ... [2024-11-13 14:01:09,442 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-13 14:01:09,460 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/bin/uautomizer-verify-qhAvR1uOyd/z3 [2024-11-13 14:01:09,474 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/bin/uautomizer-verify-qhAvR1uOyd/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-13 14:01:09,478 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/bin/uautomizer-verify-qhAvR1uOyd/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-13 14:01:09,507 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-13 14:01:09,507 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-13 14:01:09,508 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-13 14:01:09,508 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-13 14:01:09,508 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-13 14:01:09,508 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-13 14:01:09,508 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-13 14:01:09,508 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-13 14:01:09,508 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-13 14:01:09,508 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-13 14:01:09,508 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-13 14:01:09,509 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-13 14:01:09,509 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-13 14:01:09,509 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-13 14:01:09,510 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-13 14:01:09,510 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-13 14:01:09,510 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-13 14:01:09,511 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-13 14:01:09,511 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-13 14:01:09,511 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-13 14:01:09,607 INFO L238 CfgBuilder]: Building ICFG [2024-11-13 14:01:09,610 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-13 14:01:09,979 INFO L? ?]: Removed 42 outVars from TransFormulas that were not future-live. [2024-11-13 14:01:09,979 INFO L287 CfgBuilder]: Performing block encoding [2024-11-13 14:01:09,999 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-13 14:01:09,999 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-13 14:01:09,999 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 13.11 02:01:09 BoogieIcfgContainer [2024-11-13 14:01:09,999 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-13 14:01:10,006 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-13 14:01:10,006 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-13 14:01:10,011 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-13 14:01:10,011 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 13.11 02:01:08" (1/3) ... [2024-11-13 14:01:10,012 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@118effa0 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 13.11 02:01:10, skipping insertion in model container [2024-11-13 14:01:10,012 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 02:01:09" (2/3) ... [2024-11-13 14:01:10,012 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@118effa0 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 13.11 02:01:10, skipping insertion in model container [2024-11-13 14:01:10,012 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 13.11 02:01:09" (3/3) ... [2024-11-13 14:01:10,013 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product40.cil.c [2024-11-13 14:01:10,029 INFO L217 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-13 14:01:10,031 INFO L154 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec5_product40.cil.c that has 9 procedures, 98 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2024-11-13 14:01:10,102 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-13 14:01:10,119 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@6a7f8ce9, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-13 14:01:10,119 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-13 14:01:10,124 INFO L276 IsEmpty]: Start isEmpty. Operand has 98 states, 74 states have (on average 1.364864864864865) internal successors, (101), 83 states have internal predecessors, (101), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) [2024-11-13 14:01:10,134 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-13 14:01:10,134 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 14:01:10,134 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 14:01:10,135 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 14:01:10,141 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 14:01:10,141 INFO L85 PathProgramCache]: Analyzing trace with hash 260696974, now seen corresponding path program 1 times [2024-11-13 14:01:10,149 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 14:01:10,150 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1120324705] [2024-11-13 14:01:10,150 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 14:01:10,150 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 14:01:10,280 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:10,383 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-13 14:01:10,390 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:10,399 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-13 14:01:10,405 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:10,419 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 14:01:10,420 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 14:01:10,420 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1120324705] [2024-11-13 14:01:10,421 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1120324705] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 14:01:10,421 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 14:01:10,421 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-13 14:01:10,462 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [533269616] [2024-11-13 14:01:10,463 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 14:01:10,468 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-13 14:01:10,469 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 14:01:10,488 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-13 14:01:10,488 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-13 14:01:10,490 INFO L87 Difference]: Start difference. First operand has 98 states, 74 states have (on average 1.364864864864865) internal successors, (101), 83 states have internal predecessors, (101), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-13 14:01:10,517 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 14:01:10,518 INFO L93 Difference]: Finished difference Result 187 states and 252 transitions. [2024-11-13 14:01:10,518 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-13 14:01:10,520 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-11-13 14:01:10,520 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 14:01:10,527 INFO L225 Difference]: With dead ends: 187 [2024-11-13 14:01:10,528 INFO L226 Difference]: Without dead ends: 89 [2024-11-13 14:01:10,531 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-13 14:01:10,534 INFO L432 NwaCegarLoop]: 123 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 123 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-13 14:01:10,535 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 123 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-13 14:01:10,548 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 89 states. [2024-11-13 14:01:10,569 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 89 to 89. [2024-11-13 14:01:10,572 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 89 states, 67 states have (on average 1.2985074626865671) internal successors, (87), 75 states have internal predecessors, (87), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-13 14:01:10,586 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 89 states to 89 states and 114 transitions. [2024-11-13 14:01:10,588 INFO L78 Accepts]: Start accepts. Automaton has 89 states and 114 transitions. Word has length 32 [2024-11-13 14:01:10,588 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 14:01:10,588 INFO L471 AbstractCegarLoop]: Abstraction has 89 states and 114 transitions. [2024-11-13 14:01:10,589 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-13 14:01:10,589 INFO L276 IsEmpty]: Start isEmpty. Operand 89 states and 114 transitions. [2024-11-13 14:01:10,593 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-11-13 14:01:10,593 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 14:01:10,593 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 14:01:10,594 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-13 14:01:10,594 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 14:01:10,594 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 14:01:10,594 INFO L85 PathProgramCache]: Analyzing trace with hash -1246355079, now seen corresponding path program 1 times [2024-11-13 14:01:10,595 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 14:01:10,595 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1195129290] [2024-11-13 14:01:10,595 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 14:01:10,595 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 14:01:10,621 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:10,759 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-13 14:01:10,762 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:10,766 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-13 14:01:10,772 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:10,774 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 14:01:10,775 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 14:01:10,775 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1195129290] [2024-11-13 14:01:10,775 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1195129290] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 14:01:10,775 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 14:01:10,775 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-13 14:01:10,775 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1746051431] [2024-11-13 14:01:10,776 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 14:01:10,779 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-13 14:01:10,779 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 14:01:10,783 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-13 14:01:10,783 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-13 14:01:10,783 INFO L87 Difference]: Start difference. First operand 89 states and 114 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-13 14:01:10,804 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 14:01:10,804 INFO L93 Difference]: Finished difference Result 138 states and 176 transitions. [2024-11-13 14:01:10,805 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-13 14:01:10,805 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2024-11-13 14:01:10,805 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 14:01:10,808 INFO L225 Difference]: With dead ends: 138 [2024-11-13 14:01:10,809 INFO L226 Difference]: Without dead ends: 80 [2024-11-13 14:01:10,809 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-13 14:01:10,810 INFO L432 NwaCegarLoop]: 101 mSDtfsCounter, 17 mSDsluCounter, 79 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 180 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-13 14:01:10,811 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 180 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-13 14:01:10,812 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 80 states. [2024-11-13 14:01:10,819 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 80 to 80. [2024-11-13 14:01:10,819 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 80 states, 61 states have (on average 1.3114754098360655) internal successors, (80), 69 states have internal predecessors, (80), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2024-11-13 14:01:10,820 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 80 states to 80 states and 102 transitions. [2024-11-13 14:01:10,821 INFO L78 Accepts]: Start accepts. Automaton has 80 states and 102 transitions. Word has length 33 [2024-11-13 14:01:10,821 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 14:01:10,821 INFO L471 AbstractCegarLoop]: Abstraction has 80 states and 102 transitions. [2024-11-13 14:01:10,821 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-13 14:01:10,822 INFO L276 IsEmpty]: Start isEmpty. Operand 80 states and 102 transitions. [2024-11-13 14:01:10,823 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-11-13 14:01:10,823 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 14:01:10,823 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 14:01:10,823 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-13 14:01:10,823 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 14:01:10,824 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 14:01:10,824 INFO L85 PathProgramCache]: Analyzing trace with hash 1608166072, now seen corresponding path program 1 times [2024-11-13 14:01:10,824 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 14:01:10,824 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1471034229] [2024-11-13 14:01:10,825 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 14:01:10,825 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 14:01:10,845 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:11,030 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-13 14:01:11,034 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:11,040 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-11-13 14:01:11,046 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:11,048 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 14:01:11,048 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 14:01:11,048 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1471034229] [2024-11-13 14:01:11,048 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1471034229] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 14:01:11,048 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 14:01:11,052 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-13 14:01:11,052 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1429942013] [2024-11-13 14:01:11,052 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 14:01:11,053 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-13 14:01:11,053 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 14:01:11,053 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-13 14:01:11,053 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-13 14:01:11,053 INFO L87 Difference]: Start difference. First operand 80 states and 102 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-13 14:01:11,142 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 14:01:11,142 INFO L93 Difference]: Finished difference Result 199 states and 258 transitions. [2024-11-13 14:01:11,142 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-13 14:01:11,143 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2024-11-13 14:01:11,143 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 14:01:11,144 INFO L225 Difference]: With dead ends: 199 [2024-11-13 14:01:11,144 INFO L226 Difference]: Without dead ends: 127 [2024-11-13 14:01:11,145 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-13 14:01:11,146 INFO L432 NwaCegarLoop]: 114 mSDtfsCounter, 91 mSDsluCounter, 283 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 91 SdHoareTripleChecker+Valid, 397 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-13 14:01:11,146 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [91 Valid, 397 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-13 14:01:11,147 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 127 states. [2024-11-13 14:01:11,163 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 127 to 124. [2024-11-13 14:01:11,163 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 124 states, 94 states have (on average 1.3297872340425532) internal successors, (125), 105 states have internal predecessors, (125), 17 states have call successors, (17), 12 states have call predecessors, (17), 12 states have return successors, (18), 13 states have call predecessors, (18), 17 states have call successors, (18) [2024-11-13 14:01:11,165 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 124 states to 124 states and 160 transitions. [2024-11-13 14:01:11,165 INFO L78 Accepts]: Start accepts. Automaton has 124 states and 160 transitions. Word has length 38 [2024-11-13 14:01:11,165 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 14:01:11,165 INFO L471 AbstractCegarLoop]: Abstraction has 124 states and 160 transitions. [2024-11-13 14:01:11,166 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-13 14:01:11,166 INFO L276 IsEmpty]: Start isEmpty. Operand 124 states and 160 transitions. [2024-11-13 14:01:11,167 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2024-11-13 14:01:11,167 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 14:01:11,167 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 14:01:11,167 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-13 14:01:11,168 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 14:01:11,168 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 14:01:11,168 INFO L85 PathProgramCache]: Analyzing trace with hash -1117251338, now seen corresponding path program 1 times [2024-11-13 14:01:11,168 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 14:01:11,168 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [352542056] [2024-11-13 14:01:11,168 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 14:01:11,168 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 14:01:11,186 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:11,305 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-13 14:01:11,307 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:11,308 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-11-13 14:01:11,310 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:11,340 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-13 14:01:11,341 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 14:01:11,341 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [352542056] [2024-11-13 14:01:11,341 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [352542056] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 14:01:11,341 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 14:01:11,341 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-13 14:01:11,341 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [4625580] [2024-11-13 14:01:11,341 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 14:01:11,342 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-13 14:01:11,342 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 14:01:11,343 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-13 14:01:11,343 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-13 14:01:11,344 INFO L87 Difference]: Start difference. First operand 124 states and 160 transitions. Second operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-13 14:01:11,570 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 14:01:11,574 INFO L93 Difference]: Finished difference Result 279 states and 370 transitions. [2024-11-13 14:01:11,575 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-13 14:01:11,575 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 41 [2024-11-13 14:01:11,576 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 14:01:11,577 INFO L225 Difference]: With dead ends: 279 [2024-11-13 14:01:11,577 INFO L226 Difference]: Without dead ends: 163 [2024-11-13 14:01:11,579 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-13 14:01:11,580 INFO L432 NwaCegarLoop]: 102 mSDtfsCounter, 72 mSDsluCounter, 334 mSDsCounter, 0 mSdLazyCounter, 68 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 74 SdHoareTripleChecker+Valid, 436 SdHoareTripleChecker+Invalid, 77 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 68 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-13 14:01:11,583 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [74 Valid, 436 Invalid, 77 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 68 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-13 14:01:11,584 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 163 states. [2024-11-13 14:01:11,627 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 163 to 162. [2024-11-13 14:01:11,629 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 162 states, 123 states have (on average 1.2682926829268293) internal successors, (156), 133 states have internal predecessors, (156), 21 states have call successors, (21), 17 states have call predecessors, (21), 17 states have return successors, (27), 20 states have call predecessors, (27), 21 states have call successors, (27) [2024-11-13 14:01:11,631 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 162 states to 162 states and 204 transitions. [2024-11-13 14:01:11,633 INFO L78 Accepts]: Start accepts. Automaton has 162 states and 204 transitions. Word has length 41 [2024-11-13 14:01:11,635 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 14:01:11,635 INFO L471 AbstractCegarLoop]: Abstraction has 162 states and 204 transitions. [2024-11-13 14:01:11,635 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-13 14:01:11,636 INFO L276 IsEmpty]: Start isEmpty. Operand 162 states and 204 transitions. [2024-11-13 14:01:11,637 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2024-11-13 14:01:11,641 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 14:01:11,641 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 14:01:11,642 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-13 14:01:11,642 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 14:01:11,642 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 14:01:11,642 INFO L85 PathProgramCache]: Analyzing trace with hash 483008117, now seen corresponding path program 1 times [2024-11-13 14:01:11,643 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 14:01:11,643 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1996751965] [2024-11-13 14:01:11,643 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 14:01:11,643 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 14:01:11,685 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:11,772 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-13 14:01:11,775 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:11,786 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-13 14:01:11,795 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:11,856 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2024-11-13 14:01:11,859 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:11,863 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 14:01:11,864 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 14:01:11,864 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1996751965] [2024-11-13 14:01:11,865 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1996751965] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 14:01:11,865 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 14:01:11,865 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-13 14:01:11,865 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [942919919] [2024-11-13 14:01:11,865 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 14:01:11,866 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-13 14:01:11,866 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 14:01:11,867 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-13 14:01:11,867 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-13 14:01:11,867 INFO L87 Difference]: Start difference. First operand 162 states and 204 transitions. Second operand has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-13 14:01:12,103 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 14:01:12,103 INFO L93 Difference]: Finished difference Result 344 states and 439 transitions. [2024-11-13 14:01:12,104 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-13 14:01:12,104 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2024-11-13 14:01:12,104 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 14:01:12,106 INFO L225 Difference]: With dead ends: 344 [2024-11-13 14:01:12,106 INFO L226 Difference]: Without dead ends: 190 [2024-11-13 14:01:12,107 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-13 14:01:12,112 INFO L432 NwaCegarLoop]: 88 mSDtfsCounter, 53 mSDsluCounter, 291 mSDsCounter, 0 mSdLazyCounter, 120 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 57 SdHoareTripleChecker+Valid, 379 SdHoareTripleChecker+Invalid, 133 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 120 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-13 14:01:12,113 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [57 Valid, 379 Invalid, 133 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 120 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-13 14:01:12,117 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 190 states. [2024-11-13 14:01:12,159 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 190 to 188. [2024-11-13 14:01:12,161 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 188 states, 144 states have (on average 1.2569444444444444) internal successors, (181), 154 states have internal predecessors, (181), 23 states have call successors, (23), 17 states have call predecessors, (23), 20 states have return successors, (32), 24 states have call predecessors, (32), 23 states have call successors, (32) [2024-11-13 14:01:12,164 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 188 states to 188 states and 236 transitions. [2024-11-13 14:01:12,166 INFO L78 Accepts]: Start accepts. Automaton has 188 states and 236 transitions. Word has length 52 [2024-11-13 14:01:12,167 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 14:01:12,167 INFO L471 AbstractCegarLoop]: Abstraction has 188 states and 236 transitions. [2024-11-13 14:01:12,167 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-13 14:01:12,167 INFO L276 IsEmpty]: Start isEmpty. Operand 188 states and 236 transitions. [2024-11-13 14:01:12,169 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-13 14:01:12,169 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 14:01:12,169 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 14:01:12,172 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-13 14:01:12,172 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 14:01:12,173 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 14:01:12,173 INFO L85 PathProgramCache]: Analyzing trace with hash -440955979, now seen corresponding path program 1 times [2024-11-13 14:01:12,173 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 14:01:12,173 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1205030502] [2024-11-13 14:01:12,173 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 14:01:12,173 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 14:01:12,209 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:12,247 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-13 14:01:12,250 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:12,258 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-11-13 14:01:12,261 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:12,266 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2024-11-13 14:01:12,269 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:12,273 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 14:01:12,273 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 14:01:12,273 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1205030502] [2024-11-13 14:01:12,273 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1205030502] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 14:01:12,273 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 14:01:12,273 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-13 14:01:12,274 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [708547833] [2024-11-13 14:01:12,274 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 14:01:12,274 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-13 14:01:12,274 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 14:01:12,275 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-13 14:01:12,275 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-13 14:01:12,275 INFO L87 Difference]: Start difference. First operand 188 states and 236 transitions. Second operand has 4 states, 4 states have (on average 11.5) internal successors, (46), 3 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-13 14:01:12,460 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 14:01:12,461 INFO L93 Difference]: Finished difference Result 372 states and 467 transitions. [2024-11-13 14:01:12,461 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-13 14:01:12,461 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 11.5) internal successors, (46), 3 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 55 [2024-11-13 14:01:12,462 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 14:01:12,465 INFO L225 Difference]: With dead ends: 372 [2024-11-13 14:01:12,466 INFO L226 Difference]: Without dead ends: 192 [2024-11-13 14:01:12,467 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2024-11-13 14:01:12,467 INFO L432 NwaCegarLoop]: 114 mSDtfsCounter, 90 mSDsluCounter, 144 mSDsCounter, 0 mSdLazyCounter, 75 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 97 SdHoareTripleChecker+Valid, 258 SdHoareTripleChecker+Invalid, 93 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 75 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-13 14:01:12,468 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [97 Valid, 258 Invalid, 93 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 75 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-13 14:01:12,469 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 192 states. [2024-11-13 14:01:12,492 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 192 to 188. [2024-11-13 14:01:12,493 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 188 states, 144 states have (on average 1.25) internal successors, (180), 154 states have internal predecessors, (180), 23 states have call successors, (23), 17 states have call predecessors, (23), 20 states have return successors, (30), 24 states have call predecessors, (30), 23 states have call successors, (30) [2024-11-13 14:01:12,494 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 188 states to 188 states and 233 transitions. [2024-11-13 14:01:12,495 INFO L78 Accepts]: Start accepts. Automaton has 188 states and 233 transitions. Word has length 55 [2024-11-13 14:01:12,495 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 14:01:12,495 INFO L471 AbstractCegarLoop]: Abstraction has 188 states and 233 transitions. [2024-11-13 14:01:12,496 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 11.5) internal successors, (46), 3 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-13 14:01:12,496 INFO L276 IsEmpty]: Start isEmpty. Operand 188 states and 233 transitions. [2024-11-13 14:01:12,497 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2024-11-13 14:01:12,497 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 14:01:12,497 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 14:01:12,497 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-13 14:01:12,498 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 14:01:12,498 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 14:01:12,498 INFO L85 PathProgramCache]: Analyzing trace with hash -1205935625, now seen corresponding path program 1 times [2024-11-13 14:01:12,498 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 14:01:12,498 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1470451283] [2024-11-13 14:01:12,499 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 14:01:12,499 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 14:01:12,517 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:12,613 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-13 14:01:12,615 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:12,624 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-13 14:01:12,628 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:12,680 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2024-11-13 14:01:12,682 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:12,684 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 14:01:12,684 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 14:01:12,688 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1470451283] [2024-11-13 14:01:12,688 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1470451283] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 14:01:12,688 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 14:01:12,688 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-13 14:01:12,689 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [780795355] [2024-11-13 14:01:12,689 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 14:01:12,689 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-13 14:01:12,689 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 14:01:12,691 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-13 14:01:12,691 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-13 14:01:12,691 INFO L87 Difference]: Start difference. First operand 188 states and 233 transitions. Second operand has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-13 14:01:12,871 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 14:01:12,871 INFO L93 Difference]: Finished difference Result 372 states and 470 transitions. [2024-11-13 14:01:12,872 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-13 14:01:12,872 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2024-11-13 14:01:12,872 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 14:01:12,874 INFO L225 Difference]: With dead ends: 372 [2024-11-13 14:01:12,874 INFO L226 Difference]: Without dead ends: 192 [2024-11-13 14:01:12,875 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-13 14:01:12,876 INFO L432 NwaCegarLoop]: 89 mSDtfsCounter, 52 mSDsluCounter, 208 mSDsCounter, 0 mSdLazyCounter, 90 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 56 SdHoareTripleChecker+Valid, 297 SdHoareTripleChecker+Invalid, 103 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 90 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-13 14:01:12,876 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [56 Valid, 297 Invalid, 103 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 90 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-13 14:01:12,877 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 192 states. [2024-11-13 14:01:12,899 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 192 to 190. [2024-11-13 14:01:12,899 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 190 states, 146 states have (on average 1.2465753424657535) internal successors, (182), 156 states have internal predecessors, (182), 23 states have call successors, (23), 17 states have call predecessors, (23), 20 states have return successors, (30), 24 states have call predecessors, (30), 23 states have call successors, (30) [2024-11-13 14:01:12,901 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 190 states to 190 states and 235 transitions. [2024-11-13 14:01:12,902 INFO L78 Accepts]: Start accepts. Automaton has 190 states and 235 transitions. Word has length 52 [2024-11-13 14:01:12,902 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 14:01:12,902 INFO L471 AbstractCegarLoop]: Abstraction has 190 states and 235 transitions. [2024-11-13 14:01:12,903 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-13 14:01:12,903 INFO L276 IsEmpty]: Start isEmpty. Operand 190 states and 235 transitions. [2024-11-13 14:01:12,904 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2024-11-13 14:01:12,904 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 14:01:12,904 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 14:01:12,904 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-13 14:01:12,904 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 14:01:12,905 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 14:01:12,905 INFO L85 PathProgramCache]: Analyzing trace with hash -783233799, now seen corresponding path program 1 times [2024-11-13 14:01:12,905 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 14:01:12,905 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1293207912] [2024-11-13 14:01:12,905 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 14:01:12,905 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 14:01:12,922 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:12,989 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-13 14:01:12,991 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:12,999 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-13 14:01:13,003 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:13,038 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2024-11-13 14:01:13,040 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:13,041 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 14:01:13,042 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 14:01:13,042 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1293207912] [2024-11-13 14:01:13,042 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1293207912] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 14:01:13,042 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 14:01:13,042 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-13 14:01:13,042 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [793717377] [2024-11-13 14:01:13,044 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 14:01:13,045 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-13 14:01:13,045 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 14:01:13,045 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-13 14:01:13,046 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-13 14:01:13,046 INFO L87 Difference]: Start difference. First operand 190 states and 235 transitions. Second operand has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-13 14:01:13,398 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 14:01:13,398 INFO L93 Difference]: Finished difference Result 585 states and 748 transitions. [2024-11-13 14:01:13,399 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-13 14:01:13,399 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2024-11-13 14:01:13,399 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 14:01:13,404 INFO L225 Difference]: With dead ends: 585 [2024-11-13 14:01:13,404 INFO L226 Difference]: Without dead ends: 403 [2024-11-13 14:01:13,405 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-13 14:01:13,406 INFO L432 NwaCegarLoop]: 133 mSDtfsCounter, 222 mSDsluCounter, 183 mSDsCounter, 0 mSdLazyCounter, 135 mSolverCounterSat, 64 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 229 SdHoareTripleChecker+Valid, 316 SdHoareTripleChecker+Invalid, 199 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 64 IncrementalHoareTripleChecker+Valid, 135 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-13 14:01:13,406 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [229 Valid, 316 Invalid, 199 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [64 Valid, 135 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-13 14:01:13,407 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 403 states. [2024-11-13 14:01:13,479 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 403 to 401. [2024-11-13 14:01:13,481 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 401 states, 306 states have (on average 1.2189542483660132) internal successors, (373), 324 states have internal predecessors, (373), 52 states have call successors, (52), 42 states have call predecessors, (52), 42 states have return successors, (72), 51 states have call predecessors, (72), 52 states have call successors, (72) [2024-11-13 14:01:13,486 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 401 states to 401 states and 497 transitions. [2024-11-13 14:01:13,487 INFO L78 Accepts]: Start accepts. Automaton has 401 states and 497 transitions. Word has length 52 [2024-11-13 14:01:13,488 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 14:01:13,488 INFO L471 AbstractCegarLoop]: Abstraction has 401 states and 497 transitions. [2024-11-13 14:01:13,488 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-13 14:01:13,488 INFO L276 IsEmpty]: Start isEmpty. Operand 401 states and 497 transitions. [2024-11-13 14:01:13,490 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-13 14:01:13,490 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 14:01:13,490 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 14:01:13,490 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-13 14:01:13,491 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 14:01:13,491 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 14:01:13,491 INFO L85 PathProgramCache]: Analyzing trace with hash 43735443, now seen corresponding path program 1 times [2024-11-13 14:01:13,492 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 14:01:13,492 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1868084172] [2024-11-13 14:01:13,492 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 14:01:13,492 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 14:01:13,513 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:13,792 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-13 14:01:13,794 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:13,802 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-13 14:01:13,804 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:13,820 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2024-11-13 14:01:13,824 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:13,850 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-11-13 14:01:13,851 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:13,853 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 14:01:13,853 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 14:01:13,853 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1868084172] [2024-11-13 14:01:13,853 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1868084172] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 14:01:13,853 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 14:01:13,853 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2024-11-13 14:01:13,854 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [201631165] [2024-11-13 14:01:13,854 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 14:01:13,854 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2024-11-13 14:01:13,854 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 14:01:13,855 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2024-11-13 14:01:13,855 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=70, Unknown=0, NotChecked=0, Total=90 [2024-11-13 14:01:13,855 INFO L87 Difference]: Start difference. First operand 401 states and 497 transitions. Second operand has 10 states, 10 states have (on average 4.5) internal successors, (45), 8 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-13 14:01:14,811 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 14:01:14,811 INFO L93 Difference]: Finished difference Result 1014 states and 1309 transitions. [2024-11-13 14:01:14,812 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 22 states. [2024-11-13 14:01:14,812 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.5) internal successors, (45), 8 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 56 [2024-11-13 14:01:14,812 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 14:01:14,816 INFO L225 Difference]: With dead ends: 1014 [2024-11-13 14:01:14,816 INFO L226 Difference]: Without dead ends: 709 [2024-11-13 14:01:14,818 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 36 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 25 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 148 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=170, Invalid=532, Unknown=0, NotChecked=0, Total=702 [2024-11-13 14:01:14,819 INFO L432 NwaCegarLoop]: 109 mSDtfsCounter, 530 mSDsluCounter, 510 mSDsCounter, 0 mSdLazyCounter, 518 mSolverCounterSat, 172 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 538 SdHoareTripleChecker+Valid, 619 SdHoareTripleChecker+Invalid, 690 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 172 IncrementalHoareTripleChecker+Valid, 518 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2024-11-13 14:01:14,819 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [538 Valid, 619 Invalid, 690 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [172 Valid, 518 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2024-11-13 14:01:14,820 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 709 states. [2024-11-13 14:01:14,885 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 709 to 593. [2024-11-13 14:01:14,886 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 593 states, 453 states have (on average 1.2075055187637969) internal successors, (547), 483 states have internal predecessors, (547), 75 states have call successors, (75), 57 states have call predecessors, (75), 64 states have return successors, (108), 73 states have call predecessors, (108), 75 states have call successors, (108) [2024-11-13 14:01:14,891 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 593 states to 593 states and 730 transitions. [2024-11-13 14:01:14,891 INFO L78 Accepts]: Start accepts. Automaton has 593 states and 730 transitions. Word has length 56 [2024-11-13 14:01:14,892 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 14:01:14,892 INFO L471 AbstractCegarLoop]: Abstraction has 593 states and 730 transitions. [2024-11-13 14:01:14,892 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.5) internal successors, (45), 8 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-13 14:01:14,892 INFO L276 IsEmpty]: Start isEmpty. Operand 593 states and 730 transitions. [2024-11-13 14:01:14,893 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 97 [2024-11-13 14:01:14,893 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 14:01:14,894 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 14:01:14,894 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-13 14:01:14,894 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 14:01:14,894 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 14:01:14,894 INFO L85 PathProgramCache]: Analyzing trace with hash 1407666908, now seen corresponding path program 1 times [2024-11-13 14:01:14,894 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 14:01:14,894 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1710441107] [2024-11-13 14:01:14,895 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 14:01:14,895 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 14:01:14,915 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:15,095 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-13 14:01:15,097 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:15,112 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-13 14:01:15,118 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:15,152 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-13 14:01:15,153 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:15,164 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-13 14:01:15,167 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:15,174 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 62 [2024-11-13 14:01:15,176 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:15,191 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 76 [2024-11-13 14:01:15,192 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:15,194 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-13 14:01:15,195 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:15,196 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 88 [2024-11-13 14:01:15,197 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:15,199 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 18 proven. 9 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-13 14:01:15,199 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 14:01:15,199 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1710441107] [2024-11-13 14:01:15,199 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1710441107] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-13 14:01:15,199 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [53071750] [2024-11-13 14:01:15,199 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 14:01:15,200 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-13 14:01:15,200 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/bin/uautomizer-verify-qhAvR1uOyd/z3 [2024-11-13 14:01:15,202 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/bin/uautomizer-verify-qhAvR1uOyd/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-13 14:01:15,204 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/bin/uautomizer-verify-qhAvR1uOyd/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-13 14:01:15,322 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 14:01:15,327 INFO L255 TraceCheckSpWp]: Trace formula consists of 318 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-13 14:01:15,332 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-13 14:01:15,516 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 25 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-13 14:01:15,516 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-13 14:01:15,747 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 19 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-13 14:01:15,747 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [53071750] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-13 14:01:15,748 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-13 14:01:15,748 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 6, 6] total 16 [2024-11-13 14:01:15,748 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1665807873] [2024-11-13 14:01:15,748 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-13 14:01:15,748 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 16 states [2024-11-13 14:01:15,748 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 14:01:15,749 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2024-11-13 14:01:15,749 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=38, Invalid=202, Unknown=0, NotChecked=0, Total=240 [2024-11-13 14:01:15,749 INFO L87 Difference]: Start difference. First operand 593 states and 730 transitions. Second operand has 16 states, 16 states have (on average 7.4375) internal successors, (119), 11 states have internal predecessors, (119), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2024-11-13 14:01:17,075 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 14:01:17,076 INFO L93 Difference]: Finished difference Result 1288 states and 1633 transitions. [2024-11-13 14:01:17,076 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 30 states. [2024-11-13 14:01:17,076 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 16 states have (on average 7.4375) internal successors, (119), 11 states have internal predecessors, (119), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) Word has length 96 [2024-11-13 14:01:17,077 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 14:01:17,078 INFO L225 Difference]: With dead ends: 1288 [2024-11-13 14:01:17,078 INFO L226 Difference]: Without dead ends: 0 [2024-11-13 14:01:17,082 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 249 GetRequests, 208 SyntacticMatches, 4 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 334 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=277, Invalid=1205, Unknown=0, NotChecked=0, Total=1482 [2024-11-13 14:01:17,082 INFO L432 NwaCegarLoop]: 173 mSDtfsCounter, 249 mSDsluCounter, 1263 mSDsCounter, 0 mSdLazyCounter, 1072 mSolverCounterSat, 74 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 256 SdHoareTripleChecker+Valid, 1436 SdHoareTripleChecker+Invalid, 1146 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 74 IncrementalHoareTripleChecker+Valid, 1072 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2024-11-13 14:01:17,083 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [256 Valid, 1436 Invalid, 1146 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [74 Valid, 1072 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2024-11-13 14:01:17,083 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-13 14:01:17,083 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-13 14:01:17,083 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-13 14:01:17,083 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-13 14:01:17,084 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 96 [2024-11-13 14:01:17,084 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 14:01:17,084 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-13 14:01:17,085 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 16 states, 16 states have (on average 7.4375) internal successors, (119), 11 states have internal predecessors, (119), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2024-11-13 14:01:17,085 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-13 14:01:17,085 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-13 14:01:17,087 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-13 14:01:17,108 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/bin/uautomizer-verify-qhAvR1uOyd/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-13 14:01:17,291 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/bin/uautomizer-verify-qhAvR1uOyd/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-13 14:01:17,293 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 14:01:17,295 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-13 14:01:22,333 INFO L173 ceAbstractionStarter]: Computing trace abstraction results [2024-11-13 14:01:22,349 WARN L162 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= 1 |old(~pumpRunning~0)|)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0) .cse0 .cse1) (and (= 2 ~waterLevel~0) .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0) .cse1))) [2024-11-13 14:01:22,373 WARN L162 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= 1 |old(~pumpRunning~0)|)) (.cse1 (not (= 0 ~systemActive~0))) (.cse2 (<= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)) (and (<= 1 |old(~switchedOnBeforeTS~0)|) .cse2 .cse0 .cse1) (and (= |old(~pumpRunning~0)| 0) .cse2))) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (not (= 0 ~systemActive~0))) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse2))) [2024-11-13 14:01:22,393 WARN L162 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|) .cse1) (and (= |old(~pumpRunning~0)| 0) .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (<= 1 ~pumpRunning~0) .cse0 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-11-13 14:01:22,401 WARN L162 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (<= |old(~waterLevel~0)| 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)) (and (= ~pumpRunning~0 0) .cse2) (and .cse0 (<= 1 ~switchedOnBeforeTS~0) .cse2 .cse1))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (not (= 0 ~systemActive~0))) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse2))) [2024-11-13 14:01:22,414 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 13.11 02:01:22 BoogieIcfgContainer [2024-11-13 14:01:22,414 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-13 14:01:22,415 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-13 14:01:22,415 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-13 14:01:22,415 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-13 14:01:22,416 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 13.11 02:01:09" (3/4) ... [2024-11-13 14:01:22,420 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-13 14:01:22,425 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-13 14:01:22,426 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-13 14:01:22,426 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-13 14:01:22,426 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-13 14:01:22,426 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-13 14:01:22,426 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-13 14:01:22,426 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-13 14:01:22,426 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-13 14:01:22,435 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 20 nodes and edges [2024-11-13 14:01:22,436 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-13 14:01:22,436 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-13 14:01:22,436 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-13 14:01:22,436 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-13 14:01:22,552 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/bin/uautomizer-verify-qhAvR1uOyd/witness.graphml [2024-11-13 14:01:22,552 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/bin/uautomizer-verify-qhAvR1uOyd/witness.yml [2024-11-13 14:01:22,552 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-13 14:01:22,553 INFO L158 Benchmark]: Toolchain (without parser) took 13666.14ms. Allocated memory was 117.4MB in the beginning and 352.3MB in the end (delta: 234.9MB). Free memory was 93.3MB in the beginning and 153.5MB in the end (delta: -60.3MB). Peak memory consumption was 174.0MB. Max. memory is 16.1GB. [2024-11-13 14:01:22,554 INFO L158 Benchmark]: CDTParser took 1.05ms. Allocated memory is still 167.8MB. Free memory is still 104.4MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-13 14:01:22,555 INFO L158 Benchmark]: CACSL2BoogieTranslator took 458.01ms. Allocated memory is still 117.4MB. Free memory was 93.3MB in the beginning and 74.6MB in the end (delta: 18.6MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-13 14:01:22,555 INFO L158 Benchmark]: Boogie Procedure Inliner took 43.15ms. Allocated memory is still 117.4MB. Free memory was 74.6MB in the beginning and 72.5MB in the end (delta: 2.1MB). There was no memory consumed. Max. memory is 16.1GB. [2024-11-13 14:01:22,556 INFO L158 Benchmark]: Boogie Preprocessor took 44.58ms. Allocated memory is still 117.4MB. Free memory was 72.5MB in the beginning and 70.9MB in the end (delta: 1.6MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-13 14:01:22,556 INFO L158 Benchmark]: RCFGBuilder took 563.80ms. Allocated memory is still 117.4MB. Free memory was 70.9MB in the beginning and 53.7MB in the end (delta: 17.1MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2024-11-13 14:01:22,556 INFO L158 Benchmark]: TraceAbstraction took 12408.66ms. Allocated memory was 117.4MB in the beginning and 352.3MB in the end (delta: 234.9MB). Free memory was 53.4MB in the beginning and 158.2MB in the end (delta: -104.8MB). Peak memory consumption was 174.8MB. Max. memory is 16.1GB. [2024-11-13 14:01:22,557 INFO L158 Benchmark]: Witness Printer took 137.52ms. Allocated memory is still 352.3MB. Free memory was 158.2MB in the beginning and 153.5MB in the end (delta: 4.7MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-13 14:01:22,559 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 1.05ms. Allocated memory is still 167.8MB. Free memory is still 104.4MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 458.01ms. Allocated memory is still 117.4MB. Free memory was 93.3MB in the beginning and 74.6MB in the end (delta: 18.6MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 43.15ms. Allocated memory is still 117.4MB. Free memory was 74.6MB in the beginning and 72.5MB in the end (delta: 2.1MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 44.58ms. Allocated memory is still 117.4MB. Free memory was 72.5MB in the beginning and 70.9MB in the end (delta: 1.6MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * RCFGBuilder took 563.80ms. Allocated memory is still 117.4MB. Free memory was 70.9MB in the beginning and 53.7MB in the end (delta: 17.1MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 12408.66ms. Allocated memory was 117.4MB in the beginning and 352.3MB in the end (delta: 234.9MB). Free memory was 53.4MB in the beginning and 158.2MB in the end (delta: -104.8MB). Peak memory consumption was 174.8MB. Max. memory is 16.1GB. * Witness Printer took 137.52ms. Allocated memory is still 352.3MB. Free memory was 158.2MB in the beginning and 153.5MB in the end (delta: 4.7MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] - GenericResultAtLocation [Line: 266]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [266] - GenericResultAtLocation [Line: 338]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [338] - GenericResultAtLocation [Line: 704]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [704] - GenericResultAtLocation [Line: 755]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [755] - GenericResultAtLocation [Line: 855]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [855] - GenericResultAtLocation [Line: 864]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [864] - GenericResultAtLocation [Line: 899]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [899] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 860]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 98 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 7.2s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 3.7s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1419 SdHoareTripleChecker+Valid, 2.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1376 mSDsluCounter, 4441 SdHoareTripleChecker+Invalid, 1.9s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3295 mSDsCounter, 365 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2090 IncrementalHoareTripleChecker+Invalid, 2455 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 365 mSolverCounterUnsat, 1146 mSDtfsCounter, 2090 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 376 GetRequests, 277 SyntacticMatches, 4 SemanticMatches, 95 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 491 ImplicationChecksByTransitivity, 1.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=593occurred in iteration=9, InterpolantAutomatonStates: 92, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 10 MinimizatonAttempts, 130 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 2.2s InterpolantComputationTime, 603 NumberOfCodeBlocks, 603 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 687 ConstructedInterpolants, 0 QuantifiedInterpolants, 1267 SizeOfPredicates, 2 NumberOfNonLiveVariables, 318 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 103/129 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 279]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 280]: Loop Invariant Derived loop invariant: (((((pumpRunning == 0) && (splverifierCounter == 0)) && (waterLevel <= 2)) || (((((1 <= pumpRunning) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (splverifierCounter == 0)) && (0 != systemActive))) - InvariantResult [Line: 767]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 160]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: ((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) Ensures: (((pumpRunning == 0) && (((((waterLevel <= 2) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) && (0 != systemActive)) || (((2 == waterLevel) && (1 <= \old(pumpRunning))) && (0 != systemActive)))) && ((((((systemActive == \old(systemActive)) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 93]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 926]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) Ensures: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel)))) - ProcedureContractResult [Line: 757]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((systemActive == \old(systemActive)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 66]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) Ensures: ((((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((pumpRunning == 0) && (\old(pumpRunning) == 0)) && (\old(waterLevel) == waterLevel)) || (0 != systemActive))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((1 <= \old(pumpRunning)) && (\old(waterLevel) == 2)) || (((1 <= \old(switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning)))) || ((\old(pumpRunning) == 0) && (\old(waterLevel) <= 2)))) && ((((systemActive == \old(systemActive)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 101]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && (((((waterLevel <= 2) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) && (0 != systemActive)) || (((\old(pumpRunning) == 0) && (waterLevel <= 2)) && (0 != systemActive)))) && ((((((systemActive == \old(systemActive)) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 914]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) Ensures: (((((((((1 <= pumpRunning) && (0 != systemActive)) && (\old(waterLevel) == 2)) || ((pumpRunning == 0) && (\old(waterLevel) <= 2))) || ((((1 <= pumpRunning) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (0 != systemActive))) && ((2 == waterLevel) || (\old(waterLevel) != 2))) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && (waterLevel <= 2)) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 179]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) Ensures: (((((((1 <= pumpRunning) && (2 == waterLevel)) || ((pumpRunning == 0) && (waterLevel <= 2))) || (((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) && (pumpRunning == \result)) && ((\result == 0) || (0 != systemActive))) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) RESULT: Ultimate proved your program to be correct! [2024-11-13 14:01:22,599 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_eaaf8094-4031-403e-9ad6-83e864f04248/bin/uautomizer-verify-qhAvR1uOyd/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE