./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 826ab2ba Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 7bcd24ea8f621c8db79e853f5aaf064ffcae573e6c1e9f03eb1f84bb0c15fc3c --- Real Ultimate output --- This is Ultimate 0.3.0-dev-826ab2b [2024-11-13 16:13:22,555 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-13 16:13:22,641 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-13 16:13:22,647 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-13 16:13:22,647 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-13 16:13:22,682 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-13 16:13:22,682 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-13 16:13:22,683 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-13 16:13:22,683 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-13 16:13:22,683 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-13 16:13:22,683 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-13 16:13:22,683 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-13 16:13:22,685 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-13 16:13:22,685 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-13 16:13:22,686 INFO L153 SettingsManager]: * Use SBE=true [2024-11-13 16:13:22,687 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-13 16:13:22,687 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-13 16:13:22,687 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-13 16:13:22,687 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-13 16:13:22,687 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-13 16:13:22,688 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-13 16:13:22,688 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-13 16:13:22,688 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-13 16:13:22,688 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-13 16:13:22,688 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-13 16:13:22,688 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-13 16:13:22,688 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-13 16:13:22,688 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-13 16:13:22,689 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-13 16:13:22,689 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-13 16:13:22,689 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-13 16:13:22,689 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-13 16:13:22,689 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-13 16:13:22,689 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-13 16:13:22,689 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-13 16:13:22,689 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-13 16:13:22,690 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-13 16:13:22,690 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-13 16:13:22,690 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-13 16:13:22,690 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-13 16:13:22,690 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-13 16:13:22,690 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-13 16:13:22,690 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 7bcd24ea8f621c8db79e853f5aaf064ffcae573e6c1e9f03eb1f84bb0c15fc3c [2024-11-13 16:13:22,997 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-13 16:13:23,006 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-13 16:13:23,009 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-13 16:13:23,011 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-13 16:13:23,011 INFO L274 PluginConnector]: CDTParser initialized [2024-11-13 16:13:23,012 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/../../sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c Unable to find full path for "g++" [2024-11-13 16:13:25,070 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-13 16:13:25,408 INFO L384 CDTParser]: Found 1 translation units. [2024-11-13 16:13:25,409 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c [2024-11-13 16:13:25,431 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/data/6c82e8fe4/58635886f19c44a3919e2046a0bd77e4/FLAG6a5175b58 [2024-11-13 16:13:25,454 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/data/6c82e8fe4/58635886f19c44a3919e2046a0bd77e4 [2024-11-13 16:13:25,458 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-13 16:13:25,460 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-13 16:13:25,463 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-13 16:13:25,463 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-13 16:13:25,467 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-13 16:13:25,468 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 13.11 04:13:25" (1/1) ... [2024-11-13 16:13:25,470 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@12d29eed and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:13:25, skipping insertion in model container [2024-11-13 16:13:25,471 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 13.11 04:13:25" (1/1) ... [2024-11-13 16:13:25,519 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-13 16:13:25,808 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c[8146,8159] [2024-11-13 16:13:25,876 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-13 16:13:25,895 INFO L200 MainTranslator]: Completed pre-run [2024-11-13 16:13:25,903 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2024-11-13 16:13:25,905 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [160] [2024-11-13 16:13:25,905 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [418] [2024-11-13 16:13:25,905 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [488] [2024-11-13 16:13:25,905 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [526] [2024-11-13 16:13:25,905 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [535] [2024-11-13 16:13:25,905 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [584] [2024-11-13 16:13:25,905 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [950] [2024-11-13 16:13:25,946 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c[8146,8159] [2024-11-13 16:13:26,008 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-13 16:13:26,027 INFO L204 MainTranslator]: Completed translation [2024-11-13 16:13:26,027 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:13:26 WrapperNode [2024-11-13 16:13:26,028 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-13 16:13:26,029 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-13 16:13:26,029 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-13 16:13:26,029 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-13 16:13:26,036 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:13:26" (1/1) ... [2024-11-13 16:13:26,048 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:13:26" (1/1) ... [2024-11-13 16:13:26,078 INFO L138 Inliner]: procedures = 60, calls = 108, calls flagged for inlining = 27, calls inlined = 24, statements flattened = 240 [2024-11-13 16:13:26,078 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-13 16:13:26,079 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-13 16:13:26,081 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-13 16:13:26,081 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-13 16:13:26,091 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:13:26" (1/1) ... [2024-11-13 16:13:26,091 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:13:26" (1/1) ... [2024-11-13 16:13:26,093 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:13:26" (1/1) ... [2024-11-13 16:13:26,107 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-13 16:13:26,107 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:13:26" (1/1) ... [2024-11-13 16:13:26,108 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:13:26" (1/1) ... [2024-11-13 16:13:26,112 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:13:26" (1/1) ... [2024-11-13 16:13:26,116 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:13:26" (1/1) ... [2024-11-13 16:13:26,118 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:13:26" (1/1) ... [2024-11-13 16:13:26,119 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:13:26" (1/1) ... [2024-11-13 16:13:26,121 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-13 16:13:26,122 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-13 16:13:26,122 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-13 16:13:26,122 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-13 16:13:26,123 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:13:26" (1/1) ... [2024-11-13 16:13:26,130 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-13 16:13:26,149 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/z3 [2024-11-13 16:13:26,165 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-13 16:13:26,174 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-13 16:13:26,200 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-13 16:13:26,200 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-13 16:13:26,201 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-13 16:13:26,201 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-13 16:13:26,201 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-13 16:13:26,201 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-13 16:13:26,201 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-13 16:13:26,201 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-13 16:13:26,201 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-13 16:13:26,202 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-13 16:13:26,202 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-13 16:13:26,202 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-13 16:13:26,203 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-13 16:13:26,203 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-13 16:13:26,203 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-13 16:13:26,203 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-13 16:13:26,203 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-13 16:13:26,204 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-13 16:13:26,204 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-13 16:13:26,204 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-13 16:13:26,204 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-13 16:13:26,205 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-13 16:13:26,288 INFO L238 CfgBuilder]: Building ICFG [2024-11-13 16:13:26,290 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-13 16:13:26,731 INFO L? ?]: Removed 51 outVars from TransFormulas that were not future-live. [2024-11-13 16:13:26,731 INFO L287 CfgBuilder]: Performing block encoding [2024-11-13 16:13:26,752 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-13 16:13:26,754 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-13 16:13:26,755 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 13.11 04:13:26 BoogieIcfgContainer [2024-11-13 16:13:26,755 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-13 16:13:26,757 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-13 16:13:26,759 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-13 16:13:26,764 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-13 16:13:26,764 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 13.11 04:13:25" (1/3) ... [2024-11-13 16:13:26,766 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@27731405 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 13.11 04:13:26, skipping insertion in model container [2024-11-13 16:13:26,766 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:13:26" (2/3) ... [2024-11-13 16:13:26,766 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@27731405 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 13.11 04:13:26, skipping insertion in model container [2024-11-13 16:13:26,766 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 13.11 04:13:26" (3/3) ... [2024-11-13 16:13:26,768 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product56.cil.c [2024-11-13 16:13:26,789 INFO L217 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-13 16:13:26,791 INFO L154 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec5_product56.cil.c that has 10 procedures, 110 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2024-11-13 16:13:26,869 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-13 16:13:26,881 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@42f5d637, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-13 16:13:26,881 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-13 16:13:26,885 INFO L276 IsEmpty]: Start isEmpty. Operand has 110 states, 82 states have (on average 1.3658536585365855) internal successors, (112), 93 states have internal predecessors, (112), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) [2024-11-13 16:13:26,895 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-13 16:13:26,895 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 16:13:26,896 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 16:13:26,896 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 16:13:26,900 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 16:13:26,901 INFO L85 PathProgramCache]: Analyzing trace with hash 1643325638, now seen corresponding path program 1 times [2024-11-13 16:13:26,908 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 16:13:26,909 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1715449876] [2024-11-13 16:13:26,909 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:13:26,910 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 16:13:27,009 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:27,122 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-13 16:13:27,130 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:27,141 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-13 16:13:27,147 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:27,156 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 16:13:27,157 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 16:13:27,158 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1715449876] [2024-11-13 16:13:27,162 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1715449876] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 16:13:27,162 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 16:13:27,162 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-13 16:13:27,164 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [255940573] [2024-11-13 16:13:27,164 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 16:13:27,169 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-13 16:13:27,171 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 16:13:27,194 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-13 16:13:27,195 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-13 16:13:27,198 INFO L87 Difference]: Start difference. First operand has 110 states, 82 states have (on average 1.3658536585365855) internal successors, (112), 93 states have internal predecessors, (112), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-13 16:13:27,246 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 16:13:27,248 INFO L93 Difference]: Finished difference Result 211 states and 286 transitions. [2024-11-13 16:13:27,249 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-13 16:13:27,250 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-11-13 16:13:27,251 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 16:13:27,259 INFO L225 Difference]: With dead ends: 211 [2024-11-13 16:13:27,261 INFO L226 Difference]: Without dead ends: 101 [2024-11-13 16:13:27,266 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-13 16:13:27,269 INFO L432 NwaCegarLoop]: 140 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 140 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-13 16:13:27,269 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 140 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-13 16:13:27,279 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 101 states. [2024-11-13 16:13:27,300 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 101 to 101. [2024-11-13 16:13:27,301 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 101 states, 75 states have (on average 1.3066666666666666) internal successors, (98), 85 states have internal predecessors, (98), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2024-11-13 16:13:27,306 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 101 states to 101 states and 131 transitions. [2024-11-13 16:13:27,308 INFO L78 Accepts]: Start accepts. Automaton has 101 states and 131 transitions. Word has length 32 [2024-11-13 16:13:27,309 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 16:13:27,309 INFO L471 AbstractCegarLoop]: Abstraction has 101 states and 131 transitions. [2024-11-13 16:13:27,309 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-13 16:13:27,309 INFO L276 IsEmpty]: Start isEmpty. Operand 101 states and 131 transitions. [2024-11-13 16:13:27,312 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-11-13 16:13:27,312 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 16:13:27,312 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 16:13:27,313 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-13 16:13:27,313 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 16:13:27,314 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 16:13:27,314 INFO L85 PathProgramCache]: Analyzing trace with hash 136273585, now seen corresponding path program 1 times [2024-11-13 16:13:27,314 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 16:13:27,314 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1505802072] [2024-11-13 16:13:27,314 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:13:27,314 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 16:13:27,341 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:27,444 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-13 16:13:27,448 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:27,454 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-13 16:13:27,462 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:27,465 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 16:13:27,465 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 16:13:27,465 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1505802072] [2024-11-13 16:13:27,465 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1505802072] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 16:13:27,469 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 16:13:27,469 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-13 16:13:27,469 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [598132891] [2024-11-13 16:13:27,469 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 16:13:27,470 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-13 16:13:27,470 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 16:13:27,471 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-13 16:13:27,471 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-13 16:13:27,471 INFO L87 Difference]: Start difference. First operand 101 states and 131 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-13 16:13:27,501 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 16:13:27,501 INFO L93 Difference]: Finished difference Result 162 states and 210 transitions. [2024-11-13 16:13:27,504 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-13 16:13:27,504 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2024-11-13 16:13:27,504 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 16:13:27,506 INFO L225 Difference]: With dead ends: 162 [2024-11-13 16:13:27,506 INFO L226 Difference]: Without dead ends: 92 [2024-11-13 16:13:27,506 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-13 16:13:27,507 INFO L432 NwaCegarLoop]: 118 mSDtfsCounter, 17 mSDsluCounter, 96 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 214 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-13 16:13:27,508 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 214 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-13 16:13:27,509 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 92 states. [2024-11-13 16:13:27,517 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 92 to 92. [2024-11-13 16:13:27,517 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 92 states, 69 states have (on average 1.318840579710145) internal successors, (91), 79 states have internal predecessors, (91), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) [2024-11-13 16:13:27,519 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 92 states to 92 states and 119 transitions. [2024-11-13 16:13:27,519 INFO L78 Accepts]: Start accepts. Automaton has 92 states and 119 transitions. Word has length 33 [2024-11-13 16:13:27,519 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 16:13:27,520 INFO L471 AbstractCegarLoop]: Abstraction has 92 states and 119 transitions. [2024-11-13 16:13:27,520 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-13 16:13:27,520 INFO L276 IsEmpty]: Start isEmpty. Operand 92 states and 119 transitions. [2024-11-13 16:13:27,521 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-11-13 16:13:27,521 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 16:13:27,521 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 16:13:27,522 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-13 16:13:27,522 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 16:13:27,522 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 16:13:27,523 INFO L85 PathProgramCache]: Analyzing trace with hash -1797839660, now seen corresponding path program 1 times [2024-11-13 16:13:27,523 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 16:13:27,523 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1362667650] [2024-11-13 16:13:27,523 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:13:27,523 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 16:13:27,558 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:27,689 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-13 16:13:27,692 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:27,698 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-11-13 16:13:27,703 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:27,707 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 16:13:27,707 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 16:13:27,707 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1362667650] [2024-11-13 16:13:27,707 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1362667650] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 16:13:27,708 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 16:13:27,708 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-13 16:13:27,708 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [17531801] [2024-11-13 16:13:27,708 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 16:13:27,708 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-13 16:13:27,708 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 16:13:27,709 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-13 16:13:27,710 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-13 16:13:27,711 INFO L87 Difference]: Start difference. First operand 92 states and 119 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-13 16:13:27,767 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 16:13:27,767 INFO L93 Difference]: Finished difference Result 258 states and 340 transitions. [2024-11-13 16:13:27,768 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-13 16:13:27,768 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2024-11-13 16:13:27,768 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 16:13:27,770 INFO L225 Difference]: With dead ends: 258 [2024-11-13 16:13:27,770 INFO L226 Difference]: Without dead ends: 174 [2024-11-13 16:13:27,771 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-13 16:13:27,772 INFO L432 NwaCegarLoop]: 135 mSDtfsCounter, 107 mSDsluCounter, 106 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 107 SdHoareTripleChecker+Valid, 241 SdHoareTripleChecker+Invalid, 5 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-13 16:13:27,772 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [107 Valid, 241 Invalid, 5 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-13 16:13:27,773 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 174 states. [2024-11-13 16:13:27,794 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 174 to 171. [2024-11-13 16:13:27,798 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 171 states, 126 states have (on average 1.3412698412698412) internal successors, (169), 145 states have internal predecessors, (169), 28 states have call successors, (28), 16 states have call predecessors, (28), 16 states have return successors, (28), 17 states have call predecessors, (28), 28 states have call successors, (28) [2024-11-13 16:13:27,800 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 171 states to 171 states and 225 transitions. [2024-11-13 16:13:27,804 INFO L78 Accepts]: Start accepts. Automaton has 171 states and 225 transitions. Word has length 38 [2024-11-13 16:13:27,804 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 16:13:27,804 INFO L471 AbstractCegarLoop]: Abstraction has 171 states and 225 transitions. [2024-11-13 16:13:27,804 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-13 16:13:27,804 INFO L276 IsEmpty]: Start isEmpty. Operand 171 states and 225 transitions. [2024-11-13 16:13:27,806 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2024-11-13 16:13:27,806 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 16:13:27,806 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 16:13:27,810 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-13 16:13:27,810 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 16:13:27,810 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 16:13:27,811 INFO L85 PathProgramCache]: Analyzing trace with hash -228289774, now seen corresponding path program 1 times [2024-11-13 16:13:27,811 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 16:13:27,811 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1147352802] [2024-11-13 16:13:27,811 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:13:27,811 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 16:13:27,830 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:27,943 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-13 16:13:27,944 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:27,946 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-11-13 16:13:27,948 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:27,971 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-13 16:13:27,971 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 16:13:27,971 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1147352802] [2024-11-13 16:13:27,972 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1147352802] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 16:13:27,972 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 16:13:27,972 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-13 16:13:27,972 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1753798152] [2024-11-13 16:13:27,972 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 16:13:27,972 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-13 16:13:27,972 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 16:13:27,973 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-13 16:13:27,973 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-13 16:13:27,973 INFO L87 Difference]: Start difference. First operand 171 states and 225 transitions. Second operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-13 16:13:28,288 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 16:13:28,288 INFO L93 Difference]: Finished difference Result 433 states and 586 transitions. [2024-11-13 16:13:28,289 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-13 16:13:28,289 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 41 [2024-11-13 16:13:28,289 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 16:13:28,291 INFO L225 Difference]: With dead ends: 433 [2024-11-13 16:13:28,291 INFO L226 Difference]: Without dead ends: 270 [2024-11-13 16:13:28,297 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-13 16:13:28,298 INFO L432 NwaCegarLoop]: 121 mSDtfsCounter, 79 mSDsluCounter, 400 mSDsCounter, 0 mSdLazyCounter, 78 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 81 SdHoareTripleChecker+Valid, 521 SdHoareTripleChecker+Invalid, 89 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 78 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-13 16:13:28,301 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [81 Valid, 521 Invalid, 89 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 78 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-13 16:13:28,302 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 270 states. [2024-11-13 16:13:28,355 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 270 to 269. [2024-11-13 16:13:28,358 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 269 states, 200 states have (on average 1.29) internal successors, (258), 217 states have internal predecessors, (258), 38 states have call successors, (38), 30 states have call predecessors, (38), 30 states have return successors, (50), 33 states have call predecessors, (50), 38 states have call successors, (50) [2024-11-13 16:13:28,361 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 269 states to 269 states and 346 transitions. [2024-11-13 16:13:28,362 INFO L78 Accepts]: Start accepts. Automaton has 269 states and 346 transitions. Word has length 41 [2024-11-13 16:13:28,363 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 16:13:28,363 INFO L471 AbstractCegarLoop]: Abstraction has 269 states and 346 transitions. [2024-11-13 16:13:28,363 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-13 16:13:28,363 INFO L276 IsEmpty]: Start isEmpty. Operand 269 states and 346 transitions. [2024-11-13 16:13:28,366 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2024-11-13 16:13:28,369 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 16:13:28,369 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 16:13:28,370 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-13 16:13:28,370 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 16:13:28,370 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 16:13:28,370 INFO L85 PathProgramCache]: Analyzing trace with hash 1198975961, now seen corresponding path program 1 times [2024-11-13 16:13:28,370 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 16:13:28,370 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [807449032] [2024-11-13 16:13:28,370 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:13:28,371 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 16:13:28,398 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:28,479 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-13 16:13:28,485 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:28,492 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-13 16:13:28,498 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:28,527 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-13 16:13:28,534 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:28,589 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 49 [2024-11-13 16:13:28,593 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:28,595 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 16:13:28,595 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 16:13:28,595 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [807449032] [2024-11-13 16:13:28,595 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [807449032] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 16:13:28,595 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 16:13:28,595 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-13 16:13:28,595 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [788981753] [2024-11-13 16:13:28,600 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 16:13:28,600 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-13 16:13:28,600 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 16:13:28,601 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-13 16:13:28,601 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-13 16:13:28,601 INFO L87 Difference]: Start difference. First operand 269 states and 346 transitions. Second operand has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-13 16:13:28,869 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 16:13:28,870 INFO L93 Difference]: Finished difference Result 592 states and 771 transitions. [2024-11-13 16:13:28,870 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-13 16:13:28,870 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 57 [2024-11-13 16:13:28,871 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 16:13:28,877 INFO L225 Difference]: With dead ends: 592 [2024-11-13 16:13:28,877 INFO L226 Difference]: Without dead ends: 331 [2024-11-13 16:13:28,878 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-13 16:13:28,879 INFO L432 NwaCegarLoop]: 103 mSDtfsCounter, 64 mSDsluCounter, 337 mSDsCounter, 0 mSdLazyCounter, 139 mSolverCounterSat, 17 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 68 SdHoareTripleChecker+Valid, 440 SdHoareTripleChecker+Invalid, 156 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 17 IncrementalHoareTripleChecker+Valid, 139 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-13 16:13:28,880 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [68 Valid, 440 Invalid, 156 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [17 Valid, 139 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-13 16:13:28,885 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 331 states. [2024-11-13 16:13:28,931 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 331 to 329. [2024-11-13 16:13:28,932 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 329 states, 246 states have (on average 1.2682926829268293) internal successors, (312), 263 states have internal predecessors, (312), 42 states have call successors, (42), 30 states have call predecessors, (42), 40 states have return successors, (64), 45 states have call predecessors, (64), 42 states have call successors, (64) [2024-11-13 16:13:28,934 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 329 states to 329 states and 418 transitions. [2024-11-13 16:13:28,935 INFO L78 Accepts]: Start accepts. Automaton has 329 states and 418 transitions. Word has length 57 [2024-11-13 16:13:28,935 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 16:13:28,936 INFO L471 AbstractCegarLoop]: Abstraction has 329 states and 418 transitions. [2024-11-13 16:13:28,936 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-13 16:13:28,936 INFO L276 IsEmpty]: Start isEmpty. Operand 329 states and 418 transitions. [2024-11-13 16:13:28,937 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2024-11-13 16:13:28,938 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 16:13:28,938 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 16:13:28,938 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-13 16:13:28,938 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 16:13:28,939 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 16:13:28,939 INFO L85 PathProgramCache]: Analyzing trace with hash 1621677787, now seen corresponding path program 1 times [2024-11-13 16:13:28,939 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 16:13:28,939 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1068871930] [2024-11-13 16:13:28,939 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:13:28,939 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 16:13:28,955 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:29,031 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-13 16:13:29,033 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:29,040 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-13 16:13:29,044 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:29,063 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-13 16:13:29,066 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:29,107 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 49 [2024-11-13 16:13:29,109 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:29,111 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 16:13:29,111 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 16:13:29,111 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1068871930] [2024-11-13 16:13:29,111 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1068871930] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 16:13:29,111 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 16:13:29,111 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-13 16:13:29,111 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [529601891] [2024-11-13 16:13:29,112 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 16:13:29,112 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-13 16:13:29,112 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 16:13:29,112 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-13 16:13:29,113 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-13 16:13:29,113 INFO L87 Difference]: Start difference. First operand 329 states and 418 transitions. Second operand has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-13 16:13:29,461 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 16:13:29,461 INFO L93 Difference]: Finished difference Result 662 states and 863 transitions. [2024-11-13 16:13:29,462 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-11-13 16:13:29,462 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) Word has length 57 [2024-11-13 16:13:29,462 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 16:13:29,465 INFO L225 Difference]: With dead ends: 662 [2024-11-13 16:13:29,465 INFO L226 Difference]: Without dead ends: 341 [2024-11-13 16:13:29,468 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2024-11-13 16:13:29,470 INFO L432 NwaCegarLoop]: 117 mSDtfsCounter, 212 mSDsluCounter, 354 mSDsCounter, 0 mSdLazyCounter, 157 mSolverCounterSat, 50 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 219 SdHoareTripleChecker+Valid, 471 SdHoareTripleChecker+Invalid, 207 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 50 IncrementalHoareTripleChecker+Valid, 157 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-13 16:13:29,470 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [219 Valid, 471 Invalid, 207 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [50 Valid, 157 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-13 16:13:29,472 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 341 states. [2024-11-13 16:13:29,512 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 341 to 333. [2024-11-13 16:13:29,513 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 333 states, 250 states have (on average 1.264) internal successors, (316), 267 states have internal predecessors, (316), 42 states have call successors, (42), 30 states have call predecessors, (42), 40 states have return successors, (64), 45 states have call predecessors, (64), 42 states have call successors, (64) [2024-11-13 16:13:29,517 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 333 states to 333 states and 422 transitions. [2024-11-13 16:13:29,517 INFO L78 Accepts]: Start accepts. Automaton has 333 states and 422 transitions. Word has length 57 [2024-11-13 16:13:29,518 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 16:13:29,519 INFO L471 AbstractCegarLoop]: Abstraction has 333 states and 422 transitions. [2024-11-13 16:13:29,519 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-13 16:13:29,520 INFO L276 IsEmpty]: Start isEmpty. Operand 333 states and 422 transitions. [2024-11-13 16:13:29,520 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2024-11-13 16:13:29,521 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 16:13:29,521 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 16:13:29,521 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-13 16:13:29,521 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 16:13:29,521 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 16:13:29,522 INFO L85 PathProgramCache]: Analyzing trace with hash -183760547, now seen corresponding path program 1 times [2024-11-13 16:13:29,522 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 16:13:29,522 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2062614181] [2024-11-13 16:13:29,522 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:13:29,522 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 16:13:29,542 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:29,638 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-13 16:13:29,640 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:29,647 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-13 16:13:29,651 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:29,672 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-13 16:13:29,676 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:29,694 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 49 [2024-11-13 16:13:29,696 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:29,698 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 16:13:29,698 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 16:13:29,698 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2062614181] [2024-11-13 16:13:29,699 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2062614181] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 16:13:29,699 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 16:13:29,699 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-13 16:13:29,699 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1626207052] [2024-11-13 16:13:29,699 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 16:13:29,700 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-13 16:13:29,700 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 16:13:29,700 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-13 16:13:29,700 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-13 16:13:29,701 INFO L87 Difference]: Start difference. First operand 333 states and 422 transitions. Second operand has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-13 16:13:30,110 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 16:13:30,110 INFO L93 Difference]: Finished difference Result 953 states and 1252 transitions. [2024-11-13 16:13:30,115 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-13 16:13:30,115 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 57 [2024-11-13 16:13:30,115 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 16:13:30,124 INFO L225 Difference]: With dead ends: 953 [2024-11-13 16:13:30,124 INFO L226 Difference]: Without dead ends: 628 [2024-11-13 16:13:30,126 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 12 SyntacticMatches, 1 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-13 16:13:30,126 INFO L432 NwaCegarLoop]: 150 mSDtfsCounter, 245 mSDsluCounter, 209 mSDsCounter, 0 mSdLazyCounter, 159 mSolverCounterSat, 74 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 252 SdHoareTripleChecker+Valid, 359 SdHoareTripleChecker+Invalid, 233 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 74 IncrementalHoareTripleChecker+Valid, 159 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-13 16:13:30,131 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [252 Valid, 359 Invalid, 233 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [74 Valid, 159 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-13 16:13:30,132 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 628 states. [2024-11-13 16:13:30,209 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 628 to 621. [2024-11-13 16:13:30,211 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 621 states, 464 states have (on average 1.2262931034482758) internal successors, (569), 490 states have internal predecessors, (569), 83 states have call successors, (83), 67 states have call predecessors, (83), 73 states have return successors, (135), 84 states have call predecessors, (135), 83 states have call successors, (135) [2024-11-13 16:13:30,219 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 621 states to 621 states and 787 transitions. [2024-11-13 16:13:30,220 INFO L78 Accepts]: Start accepts. Automaton has 621 states and 787 transitions. Word has length 57 [2024-11-13 16:13:30,220 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 16:13:30,220 INFO L471 AbstractCegarLoop]: Abstraction has 621 states and 787 transitions. [2024-11-13 16:13:30,220 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-13 16:13:30,220 INFO L276 IsEmpty]: Start isEmpty. Operand 621 states and 787 transitions. [2024-11-13 16:13:30,222 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 62 [2024-11-13 16:13:30,222 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 16:13:30,222 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 16:13:30,222 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-13 16:13:30,223 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 16:13:30,223 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 16:13:30,223 INFO L85 PathProgramCache]: Analyzing trace with hash 727949955, now seen corresponding path program 1 times [2024-11-13 16:13:30,227 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 16:13:30,227 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [891868163] [2024-11-13 16:13:30,227 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:13:30,227 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 16:13:30,251 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:30,469 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-13 16:13:30,471 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:30,540 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-13 16:13:30,543 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:30,558 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2024-11-13 16:13:30,562 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:30,568 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-13 16:13:30,570 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:30,573 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 53 [2024-11-13 16:13:30,576 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:30,581 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 16:13:30,581 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 16:13:30,581 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [891868163] [2024-11-13 16:13:30,581 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [891868163] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 16:13:30,581 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 16:13:30,581 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2024-11-13 16:13:30,581 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1640508956] [2024-11-13 16:13:30,582 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 16:13:30,582 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-11-13 16:13:30,582 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 16:13:30,583 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-11-13 16:13:30,583 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=56, Unknown=0, NotChecked=0, Total=72 [2024-11-13 16:13:30,583 INFO L87 Difference]: Start difference. First operand 621 states and 787 transitions. Second operand has 9 states, 9 states have (on average 5.333333333333333) internal successors, (48), 7 states have internal predecessors, (48), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-13 16:13:31,557 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 16:13:31,557 INFO L93 Difference]: Finished difference Result 1878 states and 2485 transitions. [2024-11-13 16:13:31,558 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2024-11-13 16:13:31,558 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 5.333333333333333) internal successors, (48), 7 states have internal predecessors, (48), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) Word has length 61 [2024-11-13 16:13:31,559 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 16:13:31,574 INFO L225 Difference]: With dead ends: 1878 [2024-11-13 16:13:31,574 INFO L226 Difference]: Without dead ends: 1379 [2024-11-13 16:13:31,577 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 33 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 67 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=101, Invalid=319, Unknown=0, NotChecked=0, Total=420 [2024-11-13 16:13:31,578 INFO L432 NwaCegarLoop]: 111 mSDtfsCounter, 519 mSDsluCounter, 472 mSDsCounter, 0 mSdLazyCounter, 556 mSolverCounterSat, 172 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 526 SdHoareTripleChecker+Valid, 583 SdHoareTripleChecker+Invalid, 728 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 172 IncrementalHoareTripleChecker+Valid, 556 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2024-11-13 16:13:31,578 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [526 Valid, 583 Invalid, 728 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [172 Valid, 556 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2024-11-13 16:13:31,580 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1379 states. [2024-11-13 16:13:31,748 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1379 to 1202. [2024-11-13 16:13:31,752 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1202 states, 899 states have (on average 1.224694104560623) internal successors, (1101), 956 states have internal predecessors, (1101), 160 states have call successors, (160), 118 states have call predecessors, (160), 142 states have return successors, (260), 162 states have call predecessors, (260), 160 states have call successors, (260) [2024-11-13 16:13:31,761 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1202 states to 1202 states and 1521 transitions. [2024-11-13 16:13:31,762 INFO L78 Accepts]: Start accepts. Automaton has 1202 states and 1521 transitions. Word has length 61 [2024-11-13 16:13:31,763 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 16:13:31,763 INFO L471 AbstractCegarLoop]: Abstraction has 1202 states and 1521 transitions. [2024-11-13 16:13:31,763 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 5.333333333333333) internal successors, (48), 7 states have internal predecessors, (48), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-13 16:13:31,763 INFO L276 IsEmpty]: Start isEmpty. Operand 1202 states and 1521 transitions. [2024-11-13 16:13:31,766 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 92 [2024-11-13 16:13:31,767 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 16:13:31,767 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 16:13:31,767 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-13 16:13:31,767 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 16:13:31,768 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 16:13:31,768 INFO L85 PathProgramCache]: Analyzing trace with hash -1112750703, now seen corresponding path program 1 times [2024-11-13 16:13:31,768 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 16:13:31,768 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1152665989] [2024-11-13 16:13:31,768 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:13:31,768 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 16:13:31,787 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:31,839 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-13 16:13:31,840 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:31,855 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-13 16:13:31,861 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:31,888 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-13 16:13:31,889 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:31,898 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-13 16:13:31,901 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:31,907 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-13 16:13:31,910 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:31,914 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 70 [2024-11-13 16:13:31,915 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:31,917 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 83 [2024-11-13 16:13:31,921 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:31,923 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-11-13 16:13:31,923 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 16:13:31,923 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1152665989] [2024-11-13 16:13:31,923 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1152665989] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 16:13:31,923 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 16:13:31,923 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-13 16:13:31,923 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [889153076] [2024-11-13 16:13:31,923 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 16:13:31,924 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-13 16:13:31,924 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 16:13:31,924 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-13 16:13:31,927 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2024-11-13 16:13:31,927 INFO L87 Difference]: Start difference. First operand 1202 states and 1521 transitions. Second operand has 7 states, 7 states have (on average 10.285714285714286) internal successors, (72), 4 states have internal predecessors, (72), 4 states have call successors, (8), 5 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) [2024-11-13 16:13:32,486 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 16:13:32,486 INFO L93 Difference]: Finished difference Result 2026 states and 2553 transitions. [2024-11-13 16:13:32,487 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-11-13 16:13:32,487 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 10.285714285714286) internal successors, (72), 4 states have internal predecessors, (72), 4 states have call successors, (8), 5 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) Word has length 91 [2024-11-13 16:13:32,487 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 16:13:32,493 INFO L225 Difference]: With dead ends: 2026 [2024-11-13 16:13:32,493 INFO L226 Difference]: Without dead ends: 832 [2024-11-13 16:13:32,497 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 31 GetRequests, 19 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=55, Invalid=127, Unknown=0, NotChecked=0, Total=182 [2024-11-13 16:13:32,498 INFO L432 NwaCegarLoop]: 114 mSDtfsCounter, 351 mSDsluCounter, 228 mSDsCounter, 0 mSdLazyCounter, 262 mSolverCounterSat, 118 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 360 SdHoareTripleChecker+Valid, 342 SdHoareTripleChecker+Invalid, 380 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 118 IncrementalHoareTripleChecker+Valid, 262 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-13 16:13:32,498 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [360 Valid, 342 Invalid, 380 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [118 Valid, 262 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-13 16:13:32,499 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 832 states. [2024-11-13 16:13:32,601 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 832 to 796. [2024-11-13 16:13:32,603 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 796 states, 600 states have (on average 1.2133333333333334) internal successors, (728), 639 states have internal predecessors, (728), 104 states have call successors, (104), 79 states have call predecessors, (104), 91 states have return successors, (155), 105 states have call predecessors, (155), 104 states have call successors, (155) [2024-11-13 16:13:32,608 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 796 states to 796 states and 987 transitions. [2024-11-13 16:13:32,611 INFO L78 Accepts]: Start accepts. Automaton has 796 states and 987 transitions. Word has length 91 [2024-11-13 16:13:32,611 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 16:13:32,611 INFO L471 AbstractCegarLoop]: Abstraction has 796 states and 987 transitions. [2024-11-13 16:13:32,611 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 10.285714285714286) internal successors, (72), 4 states have internal predecessors, (72), 4 states have call successors, (8), 5 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) [2024-11-13 16:13:32,611 INFO L276 IsEmpty]: Start isEmpty. Operand 796 states and 987 transitions. [2024-11-13 16:13:32,617 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 112 [2024-11-13 16:13:32,617 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 16:13:32,618 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 16:13:32,618 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-13 16:13:32,618 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 16:13:32,618 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 16:13:32,618 INFO L85 PathProgramCache]: Analyzing trace with hash -1763043138, now seen corresponding path program 1 times [2024-11-13 16:13:32,618 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 16:13:32,619 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [174024066] [2024-11-13 16:13:32,619 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:13:32,619 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 16:13:32,649 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:32,801 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-13 16:13:32,803 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:32,830 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-13 16:13:32,835 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:32,861 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-13 16:13:32,862 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:32,871 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-13 16:13:32,874 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:32,885 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-13 16:13:32,888 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:32,896 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 67 [2024-11-13 16:13:32,898 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:32,912 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 81 [2024-11-13 16:13:32,916 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:32,921 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-11-13 16:13:32,923 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:32,924 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-13 16:13:32,925 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:32,927 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 103 [2024-11-13 16:13:32,929 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:32,934 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 16 proven. 13 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-11-13 16:13:32,935 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 16:13:32,935 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [174024066] [2024-11-13 16:13:32,935 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [174024066] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-13 16:13:32,935 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [693622127] [2024-11-13 16:13:32,935 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:13:32,936 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-13 16:13:32,937 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/z3 [2024-11-13 16:13:32,940 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-13 16:13:32,941 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-13 16:13:33,074 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:33,078 INFO L255 TraceCheckSpWp]: Trace formula consists of 358 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-13 16:13:33,088 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-13 16:13:33,353 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 27 proven. 11 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-13 16:13:33,353 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-13 16:13:33,686 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 19 proven. 10 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-11-13 16:13:33,686 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [693622127] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-13 16:13:33,686 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-13 16:13:33,686 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-11-13 16:13:33,687 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [913223629] [2024-11-13 16:13:33,688 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-13 16:13:33,688 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-11-13 16:13:33,688 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 16:13:33,689 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-11-13 16:13:33,689 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-11-13 16:13:33,690 INFO L87 Difference]: Start difference. First operand 796 states and 987 transitions. Second operand has 15 states, 15 states have (on average 9.133333333333333) internal successors, (137), 10 states have internal predecessors, (137), 6 states have call successors, (25), 7 states have call predecessors, (25), 6 states have return successors, (19), 7 states have call predecessors, (19), 6 states have call successors, (19) [2024-11-13 16:13:35,750 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 16:13:35,750 INFO L93 Difference]: Finished difference Result 1820 states and 2321 transitions. [2024-11-13 16:13:35,751 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 49 states. [2024-11-13 16:13:35,751 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 9.133333333333333) internal successors, (137), 10 states have internal predecessors, (137), 6 states have call successors, (25), 7 states have call predecessors, (25), 6 states have return successors, (19), 7 states have call predecessors, (19), 6 states have call successors, (19) Word has length 111 [2024-11-13 16:13:35,751 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 16:13:35,760 INFO L225 Difference]: With dead ends: 1820 [2024-11-13 16:13:35,760 INFO L226 Difference]: Without dead ends: 1121 [2024-11-13 16:13:35,764 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 308 GetRequests, 250 SyntacticMatches, 4 SemanticMatches, 54 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 919 ImplicationChecksByTransitivity, 0.9s TimeCoverageRelationStatistics Valid=621, Invalid=2459, Unknown=0, NotChecked=0, Total=3080 [2024-11-13 16:13:35,765 INFO L432 NwaCegarLoop]: 186 mSDtfsCounter, 513 mSDsluCounter, 1292 mSDsCounter, 0 mSdLazyCounter, 1312 mSolverCounterSat, 184 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 521 SdHoareTripleChecker+Valid, 1478 SdHoareTripleChecker+Invalid, 1496 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 184 IncrementalHoareTripleChecker+Valid, 1312 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.2s IncrementalHoareTripleChecker+Time [2024-11-13 16:13:35,765 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [521 Valid, 1478 Invalid, 1496 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [184 Valid, 1312 Invalid, 0 Unknown, 0 Unchecked, 1.2s Time] [2024-11-13 16:13:35,767 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1121 states. [2024-11-13 16:13:35,862 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1121 to 893. [2024-11-13 16:13:35,864 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 893 states, 665 states have (on average 1.1894736842105262) internal successors, (791), 716 states have internal predecessors, (791), 121 states have call successors, (121), 100 states have call predecessors, (121), 106 states have return successors, (154), 111 states have call predecessors, (154), 121 states have call successors, (154) [2024-11-13 16:13:35,870 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 893 states to 893 states and 1066 transitions. [2024-11-13 16:13:35,871 INFO L78 Accepts]: Start accepts. Automaton has 893 states and 1066 transitions. Word has length 111 [2024-11-13 16:13:35,872 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 16:13:35,872 INFO L471 AbstractCegarLoop]: Abstraction has 893 states and 1066 transitions. [2024-11-13 16:13:35,872 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 9.133333333333333) internal successors, (137), 10 states have internal predecessors, (137), 6 states have call successors, (25), 7 states have call predecessors, (25), 6 states have return successors, (19), 7 states have call predecessors, (19), 6 states have call successors, (19) [2024-11-13 16:13:35,872 INFO L276 IsEmpty]: Start isEmpty. Operand 893 states and 1066 transitions. [2024-11-13 16:13:35,877 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 192 [2024-11-13 16:13:35,877 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 16:13:35,877 INFO L215 NwaCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 16:13:35,900 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-13 16:13:36,078 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-13 16:13:36,078 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 16:13:36,078 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 16:13:36,079 INFO L85 PathProgramCache]: Analyzing trace with hash -930738641, now seen corresponding path program 1 times [2024-11-13 16:13:36,079 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 16:13:36,079 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1181076824] [2024-11-13 16:13:36,079 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:13:36,079 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 16:13:36,121 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:36,433 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-13 16:13:36,434 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:36,445 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-13 16:13:36,449 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:36,482 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-13 16:13:36,483 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:36,491 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-13 16:13:36,493 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:36,496 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-13 16:13:36,498 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:36,500 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 65 [2024-11-13 16:13:36,507 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:36,564 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-13 16:13:36,565 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:36,567 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-11-13 16:13:36,570 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:36,575 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-11-13 16:13:36,576 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:36,577 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-13 16:13:36,578 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:36,579 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 115 [2024-11-13 16:13:36,584 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:36,623 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-13 16:13:36,624 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:36,626 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-11-13 16:13:36,627 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:36,630 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 153 [2024-11-13 16:13:36,631 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:36,633 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 162 [2024-11-13 16:13:36,636 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:36,656 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-13 16:13:36,659 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:36,684 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 183 [2024-11-13 16:13:36,686 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:36,687 INFO L134 CoverageAnalysis]: Checked inductivity of 203 backedges. 89 proven. 45 refuted. 0 times theorem prover too weak. 69 trivial. 0 not checked. [2024-11-13 16:13:36,688 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 16:13:36,688 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1181076824] [2024-11-13 16:13:36,688 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1181076824] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-13 16:13:36,688 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1325164099] [2024-11-13 16:13:36,688 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:13:36,688 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-13 16:13:36,688 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/z3 [2024-11-13 16:13:36,691 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-13 16:13:36,693 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-13 16:13:36,844 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:13:36,847 INFO L255 TraceCheckSpWp]: Trace formula consists of 557 conjuncts, 13 conjuncts are in the unsatisfiable core [2024-11-13 16:13:36,856 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-13 16:13:37,073 INFO L134 CoverageAnalysis]: Checked inductivity of 203 backedges. 147 proven. 4 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2024-11-13 16:13:37,073 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-13 16:13:37,679 INFO L134 CoverageAnalysis]: Checked inductivity of 203 backedges. 81 proven. 39 refuted. 0 times theorem prover too weak. 83 trivial. 0 not checked. [2024-11-13 16:13:37,679 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1325164099] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-13 16:13:37,679 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-13 16:13:37,679 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 10, 11] total 24 [2024-11-13 16:13:37,679 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1232332552] [2024-11-13 16:13:37,679 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-13 16:13:37,680 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 24 states [2024-11-13 16:13:37,680 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 16:13:37,681 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 24 interpolants. [2024-11-13 16:13:37,681 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=117, Invalid=435, Unknown=0, NotChecked=0, Total=552 [2024-11-13 16:13:37,683 INFO L87 Difference]: Start difference. First operand 893 states and 1066 transitions. Second operand has 24 states, 24 states have (on average 10.0) internal successors, (240), 21 states have internal predecessors, (240), 10 states have call successors, (38), 9 states have call predecessors, (38), 11 states have return successors, (37), 11 states have call predecessors, (37), 10 states have call successors, (37) [2024-11-13 16:13:39,305 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 16:13:39,306 INFO L93 Difference]: Finished difference Result 1943 states and 2393 transitions. [2024-11-13 16:13:39,306 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 31 states. [2024-11-13 16:13:39,307 INFO L78 Accepts]: Start accepts. Automaton has has 24 states, 24 states have (on average 10.0) internal successors, (240), 21 states have internal predecessors, (240), 10 states have call successors, (38), 9 states have call predecessors, (38), 11 states have return successors, (37), 11 states have call predecessors, (37), 10 states have call successors, (37) Word has length 191 [2024-11-13 16:13:39,307 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 16:13:39,309 INFO L225 Difference]: With dead ends: 1943 [2024-11-13 16:13:39,309 INFO L226 Difference]: Without dead ends: 0 [2024-11-13 16:13:39,315 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 462 GetRequests, 411 SyntacticMatches, 3 SemanticMatches, 48 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 515 ImplicationChecksByTransitivity, 0.7s TimeCoverageRelationStatistics Valid=514, Invalid=1936, Unknown=0, NotChecked=0, Total=2450 [2024-11-13 16:13:39,316 INFO L432 NwaCegarLoop]: 107 mSDtfsCounter, 726 mSDsluCounter, 682 mSDsCounter, 0 mSdLazyCounter, 1216 mSolverCounterSat, 298 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 732 SdHoareTripleChecker+Valid, 789 SdHoareTripleChecker+Invalid, 1514 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 298 IncrementalHoareTripleChecker+Valid, 1216 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.0s IncrementalHoareTripleChecker+Time [2024-11-13 16:13:39,317 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [732 Valid, 789 Invalid, 1514 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [298 Valid, 1216 Invalid, 0 Unknown, 0 Unchecked, 1.0s Time] [2024-11-13 16:13:39,317 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-13 16:13:39,317 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-13 16:13:39,317 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-13 16:13:39,318 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-13 16:13:39,319 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 191 [2024-11-13 16:13:39,319 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 16:13:39,319 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-13 16:13:39,320 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 24 states, 24 states have (on average 10.0) internal successors, (240), 21 states have internal predecessors, (240), 10 states have call successors, (38), 9 states have call predecessors, (38), 11 states have return successors, (37), 11 states have call predecessors, (37), 10 states have call successors, (37) [2024-11-13 16:13:39,320 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-13 16:13:39,320 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-13 16:13:39,322 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-13 16:13:39,343 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-11-13 16:13:39,527 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-13 16:13:39,530 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 16:13:39,532 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-13 16:13:47,753 INFO L173 ceAbstractionStarter]: Computing trace abstraction results [2024-11-13 16:13:47,785 WARN L162 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= 1 |old(~pumpRunning~0)|))) (or (and (= 2 ~waterLevel~0) .cse0 .cse1) (and (<= ~waterLevel~0 1) .cse0 (<= 1 ~switchedOnBeforeTS~0) .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 (<= ~waterLevel~0 1) .cse1 (<= 1 ~switchedOnBeforeTS~0)))) [2024-11-13 16:13:47,823 WARN L162 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse1 (= 0 ~systemActive~0)) (.cse0 (= |old(~pumpRunning~0)| 0)) (.cse4 (<= |old(~waterLevel~0)| 1)) (.cse3 (= 1 ~systemActive~0)) (.cse5 (<= 1 |old(~pumpRunning~0)|)) (.cse2 (= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1 .cse2) (and .cse3 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse4 .cse5) (and .cse0 .cse1 .cse4) (and .cse3 .cse0 .cse2) (and .cse3 .cse0 .cse4) (and .cse3 .cse5 .cse2)))) Eliminated clause: (let ((.cse5 (= 0 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse1 (= 2 ~waterLevel~0)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse4 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse4 .cse5) (and .cse3 .cse1 .cse5) (and .cse3 .cse4 .cse2) (and .cse3 .cse1 .cse2) (and .cse0 .cse4 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2024-11-13 16:13:47,860 WARN L162 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse0 (<= ~waterLevel~0 1)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and (= 2 ~waterLevel~0) .cse1 .cse2) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse0 (= 2 ~waterLevel~0) .cse2) (and (<= 1 ~pumpRunning~0) .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2024-11-13 16:13:47,876 WARN L162 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse1 (= 0 ~systemActive~0)) (.cse2 (= |old(~waterLevel~0)| 2)) (.cse0 (= ~pumpRunning~0 0)) (.cse5 (<= 1 ~pumpRunning~0)) (.cse3 (= 1 ~systemActive~0)) (.cse4 (<= |old(~waterLevel~0)| 1))) (or (and .cse0 .cse1 .cse2) (and .cse0 .cse3 .cse2) (and .cse0 .cse1 .cse4) (and .cse5 .cse3 .cse2) (and .cse0 .cse3 .cse4) (and .cse5 .cse3 .cse4 (<= 1 ~switchedOnBeforeTS~0)))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse5 (= 0 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse1 (= 2 ~waterLevel~0)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse4 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse4 .cse5) (and .cse3 .cse1 .cse5) (and .cse3 .cse4 .cse2) (and .cse3 .cse1 .cse2) (and .cse0 .cse4 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2024-11-13 16:13:47,893 WARN L162 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__lowWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse0 (<= ~waterLevel~0 1)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and (= 2 ~waterLevel~0) .cse1 .cse2) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse0 (= 2 ~waterLevel~0) .cse2) (and (<= 1 ~pumpRunning~0) .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2024-11-13 16:13:47,908 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 13.11 04:13:47 BoogieIcfgContainer [2024-11-13 16:13:47,908 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-13 16:13:47,908 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-13 16:13:47,909 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-13 16:13:47,909 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-13 16:13:47,909 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 13.11 04:13:26" (3/4) ... [2024-11-13 16:13:47,912 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-13 16:13:47,917 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-13 16:13:47,917 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-13 16:13:47,918 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-13 16:13:47,918 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-13 16:13:47,918 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-13 16:13:47,918 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-13 16:13:47,918 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-13 16:13:47,918 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__lowWaterSensor [2024-11-13 16:13:47,918 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-13 16:13:47,925 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 21 nodes and edges [2024-11-13 16:13:47,925 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-13 16:13:47,926 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-13 16:13:47,926 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-13 16:13:47,926 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-13 16:13:48,046 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/witness.graphml [2024-11-13 16:13:48,047 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/witness.yml [2024-11-13 16:13:48,048 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-13 16:13:48,049 INFO L158 Benchmark]: Toolchain (without parser) took 22588.50ms. Allocated memory was 117.4MB in the beginning and 234.9MB in the end (delta: 117.4MB). Free memory was 91.9MB in the beginning and 118.7MB in the end (delta: -26.8MB). Peak memory consumption was 92.8MB. Max. memory is 16.1GB. [2024-11-13 16:13:48,049 INFO L158 Benchmark]: CDTParser took 0.41ms. Allocated memory is still 117.4MB. Free memory is still 75.1MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-13 16:13:48,049 INFO L158 Benchmark]: CACSL2BoogieTranslator took 565.39ms. Allocated memory is still 117.4MB. Free memory was 91.7MB in the beginning and 72.6MB in the end (delta: 19.1MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2024-11-13 16:13:48,050 INFO L158 Benchmark]: Boogie Procedure Inliner took 49.84ms. Allocated memory is still 117.4MB. Free memory was 72.6MB in the beginning and 70.5MB in the end (delta: 2.1MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-13 16:13:48,050 INFO L158 Benchmark]: Boogie Preprocessor took 42.35ms. Allocated memory is still 117.4MB. Free memory was 70.5MB in the beginning and 68.7MB in the end (delta: 1.8MB). There was no memory consumed. Max. memory is 16.1GB. [2024-11-13 16:13:48,050 INFO L158 Benchmark]: RCFGBuilder took 633.35ms. Allocated memory is still 117.4MB. Free memory was 68.7MB in the beginning and 50.6MB in the end (delta: 18.1MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2024-11-13 16:13:48,051 INFO L158 Benchmark]: TraceAbstraction took 21150.36ms. Allocated memory was 117.4MB in the beginning and 234.9MB in the end (delta: 117.4MB). Free memory was 50.2MB in the beginning and 127.1MB in the end (delta: -76.9MB). Peak memory consumption was 95.2MB. Max. memory is 16.1GB. [2024-11-13 16:13:48,051 INFO L158 Benchmark]: Witness Printer took 139.35ms. Allocated memory is still 234.9MB. Free memory was 127.1MB in the beginning and 118.7MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-13 16:13:48,053 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.41ms. Allocated memory is still 117.4MB. Free memory is still 75.1MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 565.39ms. Allocated memory is still 117.4MB. Free memory was 91.7MB in the beginning and 72.6MB in the end (delta: 19.1MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 49.84ms. Allocated memory is still 117.4MB. Free memory was 72.6MB in the beginning and 70.5MB in the end (delta: 2.1MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Preprocessor took 42.35ms. Allocated memory is still 117.4MB. Free memory was 70.5MB in the beginning and 68.7MB in the end (delta: 1.8MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 633.35ms. Allocated memory is still 117.4MB. Free memory was 68.7MB in the beginning and 50.6MB in the end (delta: 18.1MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 21150.36ms. Allocated memory was 117.4MB in the beginning and 234.9MB in the end (delta: 117.4MB). Free memory was 50.2MB in the beginning and 127.1MB in the end (delta: -76.9MB). Peak memory consumption was 95.2MB. Max. memory is 16.1GB. * Witness Printer took 139.35ms. Allocated memory is still 234.9MB. Free memory was 127.1MB in the beginning and 118.7MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 160]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [160] - GenericResultAtLocation [Line: 418]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [418] - GenericResultAtLocation [Line: 488]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [488] - GenericResultAtLocation [Line: 526]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [526] - GenericResultAtLocation [Line: 535]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [535] - GenericResultAtLocation [Line: 584]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [584] - GenericResultAtLocation [Line: 950]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [950] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 531]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 110 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 12.7s, OverallIterations: 11, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 6.9s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2887 SdHoareTripleChecker+Valid, 4.1s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2833 mSDsluCounter, 5578 SdHoareTripleChecker+Invalid, 3.4s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 4176 mSDsCounter, 925 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3884 IncrementalHoareTripleChecker+Invalid, 4809 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 925 mSolverCounterUnsat, 1402 mSDtfsCounter, 3884 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 924 GetRequests, 753 SyntacticMatches, 8 SemanticMatches, 163 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1540 ImplicationChecksByTransitivity, 2.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1202occurred in iteration=8, InterpolantAutomatonStates: 146, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.7s AutomataMinimizationTime, 11 MinimizatonAttempts, 462 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 3.8s InterpolantComputationTime, 1071 NumberOfCodeBlocks, 1071 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 1358 ConstructedInterpolants, 0 QuantifiedInterpolants, 2757 SizeOfPredicates, 2 NumberOfNonLiveVariables, 915 ConjunctsInSsa, 21 ConjunctsInUnsatCore, 15 InterpolantComputations, 9 PerfectInterpolantSequences, 653/775 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 429]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 430]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == 0) && (2 == waterLevel)) && (splverifierCounter == 0)) && (0 == systemActive)) || (((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0)) && (1 <= switchedOnBeforeTS))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (splverifierCounter == 0)) && (0 == systemActive))) || ((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) - InvariantResult [Line: 962]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 293]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((pumpRunning == 0) && ((((1 == systemActive) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) || ((2 == waterLevel) && (1 <= \old(pumpRunning))))) && (((2 == waterLevel) && (1 == systemActive)) || (waterLevel < 2))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 200]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) && (((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 84]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) && ((((((waterLevel == \old(waterLevel)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 952]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 173]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (0 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (0 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((((((((\old(pumpRunning) == 0) && (\old(waterLevel) <= 1)) || ((1 <= \old(pumpRunning)) && (\old(waterLevel) == 2))) || ((\old(pumpRunning) == 0) && (\old(waterLevel) == 2))) || ((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 1)) && (1 <= \old(pumpRunning)))) && (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (\old(pumpRunning) != 0)) || (\old(waterLevel) != 2)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (0 == systemActive))) && (((((((pumpRunning == \old(pumpRunning)) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS)) || (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (((long long) waterLevel + 1) <= \old(waterLevel))) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1)) || (((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS))) || (((((pumpRunning == \old(pumpRunning)) && (waterLevel <= 1)) && (1 == systemActive)) && (((long long) waterLevel + 1) <= \old(waterLevel))) && (1 <= switchedOnBeforeTS)))) && ((((\old(waterLevel) != 1) || ((((pumpRunning == \old(pumpRunning)) && (1 == systemActive)) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS))) || ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1))) && (((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) || (0 != systemActive))) && ((((1 < \old(waterLevel)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) == waterLevel))) || (\old(pumpRunning) != 0)) || (0 == systemActive))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 208]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((1 == systemActive) && (\old(pumpRunning) == 0)) || ((((waterLevel <= 1) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning)))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((\old(pumpRunning) != 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || ((pumpRunning == 0) && (waterLevel <= 1)))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 72]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (0 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (0 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((((((((pumpRunning == 0) && (0 == systemActive)) && (\old(waterLevel) == 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) == 2))) || (((pumpRunning == 0) && (0 == systemActive)) && (\old(waterLevel) <= 1))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2))) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 1))) || ((((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) <= 1)) && (1 <= switchedOnBeforeTS))) && ((2 == waterLevel) || (\old(waterLevel) != 2))) && (waterLevel <= ((long long) \old(waterLevel) + 1))) && ((((long long) \old(waterLevel) + 1) == waterLevel) || (2 == waterLevel))) && ((((((methaneLevelCritical == \old(methaneLevelCritical)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 234]: Procedure Contract for processEnvironment__wrappee__lowWaterSensor Derived contract for procedure processEnvironment__wrappee__lowWaterSensor. Requires: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((1 == systemActive) && (\old(pumpRunning) == 0)) || ((((waterLevel <= 1) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning)))) && ((((\old(pumpRunning) != 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || ((pumpRunning == 0) && (waterLevel <= 1)))) && (((pumpRunning == \old(pumpRunning)) || (pumpRunning == 0)) || (\old(pumpRunning) < 1))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 312]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || ((waterLevel <= 2) && (0 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) && (pumpRunning == \result)) && ((\result == 0) || (0 != systemActive))) && (((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) RESULT: Ultimate proved your program to be correct! [2024-11-13 16:13:48,095 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ce84e7d0-cd72-4f22-ac34-65dbcdcf466d/bin/uautomizer-verify-qhAvR1uOyd/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE