./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 826ab2ba Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/bin/uautomizer-verify-qhAvR1uOyd/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/bin/uautomizer-verify-qhAvR1uOyd/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/bin/uautomizer-verify-qhAvR1uOyd/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/bin/uautomizer-verify-qhAvR1uOyd/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/bin/uautomizer-verify-qhAvR1uOyd/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/bin/uautomizer-verify-qhAvR1uOyd --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash db9cad3d4bb6f197e1ca94da7e6c4fb3038f74aed96fd168a277cfa6f57caad2 --- Real Ultimate output --- This is Ultimate 0.3.0-dev-826ab2b [2024-11-13 16:31:39,264 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-13 16:31:39,331 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/bin/uautomizer-verify-qhAvR1uOyd/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-13 16:31:39,337 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-13 16:31:39,337 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-13 16:31:39,361 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-13 16:31:39,362 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-13 16:31:39,362 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-13 16:31:39,363 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-13 16:31:39,363 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-13 16:31:39,363 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-13 16:31:39,363 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-13 16:31:39,364 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-13 16:31:39,364 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-13 16:31:39,364 INFO L153 SettingsManager]: * Use SBE=true [2024-11-13 16:31:39,364 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-13 16:31:39,364 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-13 16:31:39,364 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-13 16:31:39,364 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-13 16:31:39,364 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-13 16:31:39,365 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-13 16:31:39,365 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-13 16:31:39,365 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-13 16:31:39,365 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-13 16:31:39,365 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-13 16:31:39,365 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-13 16:31:39,365 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-13 16:31:39,365 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-13 16:31:39,365 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-13 16:31:39,366 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-13 16:31:39,366 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-13 16:31:39,366 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-13 16:31:39,366 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-13 16:31:39,366 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-13 16:31:39,367 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-13 16:31:39,367 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-13 16:31:39,367 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-13 16:31:39,367 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-13 16:31:39,367 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-13 16:31:39,367 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-13 16:31:39,367 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-13 16:31:39,368 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-13 16:31:39,368 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/bin/uautomizer-verify-qhAvR1uOyd Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> db9cad3d4bb6f197e1ca94da7e6c4fb3038f74aed96fd168a277cfa6f57caad2 [2024-11-13 16:31:39,718 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-13 16:31:39,737 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-13 16:31:39,740 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-13 16:31:39,741 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-13 16:31:39,742 INFO L274 PluginConnector]: CDTParser initialized [2024-11-13 16:31:39,744 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/bin/uautomizer-verify-qhAvR1uOyd/../../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c Unable to find full path for "g++" [2024-11-13 16:31:41,728 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-13 16:31:42,155 INFO L384 CDTParser]: Found 1 translation units. [2024-11-13 16:31:42,156 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c [2024-11-13 16:31:42,169 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/bin/uautomizer-verify-qhAvR1uOyd/data/b67deee6c/d70c652bdfb04a95a36fdda38c9ac6c6/FLAG3a90d6e56 [2024-11-13 16:31:42,310 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/bin/uautomizer-verify-qhAvR1uOyd/data/b67deee6c/d70c652bdfb04a95a36fdda38c9ac6c6 [2024-11-13 16:31:42,313 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-13 16:31:42,315 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-13 16:31:42,316 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-13 16:31:42,316 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-13 16:31:42,326 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-13 16:31:42,327 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 13.11 04:31:42" (1/1) ... [2024-11-13 16:31:42,328 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@7586f074 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:31:42, skipping insertion in model container [2024-11-13 16:31:42,328 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 13.11 04:31:42" (1/1) ... [2024-11-13 16:31:42,378 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-13 16:31:42,741 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c[14935,14948] [2024-11-13 16:31:42,782 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-13 16:31:42,798 INFO L200 MainTranslator]: Completed pre-run [2024-11-13 16:31:42,810 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2024-11-13 16:31:42,812 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [160] [2024-11-13 16:31:42,812 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [211] [2024-11-13 16:31:42,812 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [577] [2024-11-13 16:31:42,812 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [680] [2024-11-13 16:31:42,812 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [689] [2024-11-13 16:31:42,813 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [757] [2024-11-13 16:31:42,813 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [985] [2024-11-13 16:31:42,907 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c[14935,14948] [2024-11-13 16:31:42,918 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-13 16:31:42,942 INFO L204 MainTranslator]: Completed translation [2024-11-13 16:31:42,943 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:31:42 WrapperNode [2024-11-13 16:31:42,943 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-13 16:31:42,944 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-13 16:31:42,945 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-13 16:31:42,945 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-13 16:31:42,952 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:31:42" (1/1) ... [2024-11-13 16:31:42,970 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:31:42" (1/1) ... [2024-11-13 16:31:43,016 INFO L138 Inliner]: procedures = 59, calls = 104, calls flagged for inlining = 28, calls inlined = 25, statements flattened = 234 [2024-11-13 16:31:43,017 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-13 16:31:43,017 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-13 16:31:43,017 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-13 16:31:43,017 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-13 16:31:43,028 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:31:42" (1/1) ... [2024-11-13 16:31:43,028 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:31:42" (1/1) ... [2024-11-13 16:31:43,030 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:31:42" (1/1) ... [2024-11-13 16:31:43,044 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-13 16:31:43,044 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:31:42" (1/1) ... [2024-11-13 16:31:43,045 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:31:42" (1/1) ... [2024-11-13 16:31:43,050 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:31:42" (1/1) ... [2024-11-13 16:31:43,054 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:31:42" (1/1) ... [2024-11-13 16:31:43,055 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:31:42" (1/1) ... [2024-11-13 16:31:43,056 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:31:42" (1/1) ... [2024-11-13 16:31:43,059 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-13 16:31:43,059 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-13 16:31:43,060 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-13 16:31:43,060 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-13 16:31:43,061 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:31:42" (1/1) ... [2024-11-13 16:31:43,066 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-13 16:31:43,088 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/bin/uautomizer-verify-qhAvR1uOyd/z3 [2024-11-13 16:31:43,103 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/bin/uautomizer-verify-qhAvR1uOyd/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-13 16:31:43,110 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/bin/uautomizer-verify-qhAvR1uOyd/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-13 16:31:43,144 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-13 16:31:43,145 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-13 16:31:43,145 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-13 16:31:43,145 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-13 16:31:43,145 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-13 16:31:43,145 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-13 16:31:43,145 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-13 16:31:43,145 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-13 16:31:43,146 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-13 16:31:43,146 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-13 16:31:43,146 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-13 16:31:43,146 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-13 16:31:43,146 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-13 16:31:43,146 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-13 16:31:43,146 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-13 16:31:43,146 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-13 16:31:43,146 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-13 16:31:43,146 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-13 16:31:43,246 INFO L238 CfgBuilder]: Building ICFG [2024-11-13 16:31:43,248 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-13 16:31:43,635 INFO L? ?]: Removed 51 outVars from TransFormulas that were not future-live. [2024-11-13 16:31:43,635 INFO L287 CfgBuilder]: Performing block encoding [2024-11-13 16:31:43,649 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-13 16:31:43,649 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-13 16:31:43,649 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 13.11 04:31:43 BoogieIcfgContainer [2024-11-13 16:31:43,650 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-13 16:31:43,653 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-13 16:31:43,653 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-13 16:31:43,660 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-13 16:31:43,660 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 13.11 04:31:42" (1/3) ... [2024-11-13 16:31:43,661 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@63435e78 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 13.11 04:31:43, skipping insertion in model container [2024-11-13 16:31:43,661 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 13.11 04:31:42" (2/3) ... [2024-11-13 16:31:43,662 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@63435e78 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 13.11 04:31:43, skipping insertion in model container [2024-11-13 16:31:43,662 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 13.11 04:31:43" (3/3) ... [2024-11-13 16:31:43,663 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product58.cil.c [2024-11-13 16:31:43,685 INFO L217 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-13 16:31:43,688 INFO L154 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec5_product58.cil.c that has 8 procedures, 97 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2024-11-13 16:31:43,786 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-13 16:31:43,802 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@7ed47b5f, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-13 16:31:43,803 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-13 16:31:43,808 INFO L276 IsEmpty]: Start isEmpty. Operand has 97 states, 76 states have (on average 1.368421052631579) internal successors, (104), 84 states have internal predecessors, (104), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2024-11-13 16:31:43,823 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-13 16:31:43,824 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 16:31:43,824 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 16:31:43,826 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 16:31:43,833 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 16:31:43,834 INFO L85 PathProgramCache]: Analyzing trace with hash -227598209, now seen corresponding path program 1 times [2024-11-13 16:31:43,843 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 16:31:43,844 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1957695178] [2024-11-13 16:31:43,845 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:31:43,846 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 16:31:43,997 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:44,068 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-13 16:31:44,072 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:44,076 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-13 16:31:44,079 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:44,087 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 16:31:44,088 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 16:31:44,088 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1957695178] [2024-11-13 16:31:44,089 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1957695178] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 16:31:44,089 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 16:31:44,089 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-13 16:31:44,091 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1549394243] [2024-11-13 16:31:44,092 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 16:31:44,096 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-13 16:31:44,097 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 16:31:44,126 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-13 16:31:44,126 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-13 16:31:44,129 INFO L87 Difference]: Start difference. First operand has 97 states, 76 states have (on average 1.368421052631579) internal successors, (104), 84 states have internal predecessors, (104), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-13 16:31:44,159 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 16:31:44,160 INFO L93 Difference]: Finished difference Result 185 states and 250 transitions. [2024-11-13 16:31:44,161 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-13 16:31:44,162 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-11-13 16:31:44,162 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 16:31:44,170 INFO L225 Difference]: With dead ends: 185 [2024-11-13 16:31:44,170 INFO L226 Difference]: Without dead ends: 88 [2024-11-13 16:31:44,174 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-13 16:31:44,177 INFO L432 NwaCegarLoop]: 122 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 122 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-13 16:31:44,178 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 122 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-13 16:31:44,193 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 88 states. [2024-11-13 16:31:44,217 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 88 to 88. [2024-11-13 16:31:44,219 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 88 states, 69 states have (on average 1.3043478260869565) internal successors, (90), 76 states have internal predecessors, (90), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2024-11-13 16:31:44,225 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 88 states to 88 states and 113 transitions. [2024-11-13 16:31:44,227 INFO L78 Accepts]: Start accepts. Automaton has 88 states and 113 transitions. Word has length 32 [2024-11-13 16:31:44,227 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 16:31:44,228 INFO L471 AbstractCegarLoop]: Abstraction has 88 states and 113 transitions. [2024-11-13 16:31:44,228 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-13 16:31:44,228 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 113 transitions. [2024-11-13 16:31:44,231 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-11-13 16:31:44,231 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 16:31:44,231 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 16:31:44,232 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-13 16:31:44,232 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 16:31:44,233 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 16:31:44,233 INFO L85 PathProgramCache]: Analyzing trace with hash 862473690, now seen corresponding path program 1 times [2024-11-13 16:31:44,233 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 16:31:44,233 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1471128442] [2024-11-13 16:31:44,233 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:31:44,234 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 16:31:44,266 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:44,411 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-13 16:31:44,415 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:44,426 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-13 16:31:44,429 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:44,437 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 16:31:44,438 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 16:31:44,438 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1471128442] [2024-11-13 16:31:44,438 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1471128442] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 16:31:44,442 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 16:31:44,442 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-13 16:31:44,442 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [115228951] [2024-11-13 16:31:44,443 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 16:31:44,444 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-13 16:31:44,444 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 16:31:44,463 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-13 16:31:44,463 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-13 16:31:44,464 INFO L87 Difference]: Start difference. First operand 88 states and 113 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-13 16:31:44,490 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 16:31:44,490 INFO L93 Difference]: Finished difference Result 140 states and 180 transitions. [2024-11-13 16:31:44,491 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-13 16:31:44,491 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2024-11-13 16:31:44,492 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 16:31:44,493 INFO L225 Difference]: With dead ends: 140 [2024-11-13 16:31:44,493 INFO L226 Difference]: Without dead ends: 79 [2024-11-13 16:31:44,494 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-13 16:31:44,495 INFO L432 NwaCegarLoop]: 100 mSDtfsCounter, 13 mSDsluCounter, 83 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 183 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-13 16:31:44,496 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 183 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-13 16:31:44,497 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 79 states. [2024-11-13 16:31:44,509 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 79 to 79. [2024-11-13 16:31:44,510 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 79 states, 63 states have (on average 1.3174603174603174) internal successors, (83), 70 states have internal predecessors, (83), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-11-13 16:31:44,511 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 101 transitions. [2024-11-13 16:31:44,512 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 101 transitions. Word has length 33 [2024-11-13 16:31:44,515 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 16:31:44,516 INFO L471 AbstractCegarLoop]: Abstraction has 79 states and 101 transitions. [2024-11-13 16:31:44,516 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-13 16:31:44,516 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 101 transitions. [2024-11-13 16:31:44,517 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-11-13 16:31:44,517 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 16:31:44,517 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 16:31:44,518 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-13 16:31:44,518 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 16:31:44,518 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 16:31:44,519 INFO L85 PathProgramCache]: Analyzing trace with hash -1279758346, now seen corresponding path program 1 times [2024-11-13 16:31:44,519 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 16:31:44,519 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [600337879] [2024-11-13 16:31:44,519 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:31:44,520 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 16:31:44,550 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:44,683 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-13 16:31:44,687 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:44,692 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-11-13 16:31:44,698 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:44,701 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 16:31:44,701 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 16:31:44,702 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [600337879] [2024-11-13 16:31:44,702 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [600337879] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 16:31:44,702 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 16:31:44,702 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-13 16:31:44,702 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [653569909] [2024-11-13 16:31:44,702 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 16:31:44,703 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-13 16:31:44,703 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 16:31:44,703 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-13 16:31:44,704 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-13 16:31:44,704 INFO L87 Difference]: Start difference. First operand 79 states and 101 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-13 16:31:44,773 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 16:31:44,773 INFO L93 Difference]: Finished difference Result 150 states and 195 transitions. [2024-11-13 16:31:44,773 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-13 16:31:44,774 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2024-11-13 16:31:44,774 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 16:31:44,779 INFO L225 Difference]: With dead ends: 150 [2024-11-13 16:31:44,779 INFO L226 Difference]: Without dead ends: 79 [2024-11-13 16:31:44,779 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-13 16:31:44,780 INFO L432 NwaCegarLoop]: 97 mSDtfsCounter, 91 mSDsluCounter, 192 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 91 SdHoareTripleChecker+Valid, 289 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-13 16:31:44,781 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [91 Valid, 289 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-13 16:31:44,782 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 79 states. [2024-11-13 16:31:44,801 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 79 to 79. [2024-11-13 16:31:44,801 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 79 states, 63 states have (on average 1.3015873015873016) internal successors, (82), 70 states have internal predecessors, (82), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-11-13 16:31:44,807 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 100 transitions. [2024-11-13 16:31:44,807 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 100 transitions. Word has length 38 [2024-11-13 16:31:44,808 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 16:31:44,809 INFO L471 AbstractCegarLoop]: Abstraction has 79 states and 100 transitions. [2024-11-13 16:31:44,809 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-13 16:31:44,809 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 100 transitions. [2024-11-13 16:31:44,812 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2024-11-13 16:31:44,812 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 16:31:44,812 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 16:31:44,813 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-13 16:31:44,813 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 16:31:44,813 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 16:31:44,813 INFO L85 PathProgramCache]: Analyzing trace with hash 737955010, now seen corresponding path program 1 times [2024-11-13 16:31:44,813 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 16:31:44,814 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1378843325] [2024-11-13 16:31:44,814 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:31:44,814 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 16:31:44,862 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:44,909 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-13 16:31:44,910 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:44,912 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2024-11-13 16:31:44,913 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:44,915 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 16:31:44,915 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 16:31:44,915 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1378843325] [2024-11-13 16:31:44,915 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1378843325] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 16:31:44,915 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 16:31:44,916 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-13 16:31:44,916 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [549299296] [2024-11-13 16:31:44,916 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 16:31:44,916 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-13 16:31:44,916 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 16:31:44,917 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-13 16:31:44,917 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-13 16:31:44,917 INFO L87 Difference]: Start difference. First operand 79 states and 100 transitions. Second operand has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-13 16:31:44,993 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 16:31:44,993 INFO L93 Difference]: Finished difference Result 199 states and 258 transitions. [2024-11-13 16:31:44,997 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-13 16:31:44,997 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 46 [2024-11-13 16:31:44,998 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 16:31:44,999 INFO L225 Difference]: With dead ends: 199 [2024-11-13 16:31:44,999 INFO L226 Difference]: Without dead ends: 128 [2024-11-13 16:31:45,000 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-13 16:31:45,001 INFO L432 NwaCegarLoop]: 104 mSDtfsCounter, 80 mSDsluCounter, 67 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 80 SdHoareTripleChecker+Valid, 171 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-13 16:31:45,001 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [80 Valid, 171 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-13 16:31:45,002 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 128 states. [2024-11-13 16:31:45,020 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 128 to 126. [2024-11-13 16:31:45,022 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 126 states, 99 states have (on average 1.2828282828282829) internal successors, (127), 107 states have internal predecessors, (127), 14 states have call successors, (14), 12 states have call predecessors, (14), 12 states have return successors, (18), 14 states have call predecessors, (18), 14 states have call successors, (18) [2024-11-13 16:31:45,023 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 126 states to 126 states and 159 transitions. [2024-11-13 16:31:45,026 INFO L78 Accepts]: Start accepts. Automaton has 126 states and 159 transitions. Word has length 46 [2024-11-13 16:31:45,026 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 16:31:45,027 INFO L471 AbstractCegarLoop]: Abstraction has 126 states and 159 transitions. [2024-11-13 16:31:45,027 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-13 16:31:45,027 INFO L276 IsEmpty]: Start isEmpty. Operand 126 states and 159 transitions. [2024-11-13 16:31:45,028 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2024-11-13 16:31:45,032 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 16:31:45,032 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 16:31:45,032 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-13 16:31:45,033 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 16:31:45,033 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 16:31:45,033 INFO L85 PathProgramCache]: Analyzing trace with hash 1159394945, now seen corresponding path program 1 times [2024-11-13 16:31:45,033 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 16:31:45,034 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1461652177] [2024-11-13 16:31:45,034 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:31:45,034 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 16:31:45,066 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:45,244 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-13 16:31:45,246 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:45,255 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-13 16:31:45,259 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:45,270 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-13 16:31:45,272 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:45,274 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2024-11-13 16:31:45,276 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:45,296 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-13 16:31:45,297 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 16:31:45,298 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1461652177] [2024-11-13 16:31:45,298 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1461652177] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 16:31:45,298 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 16:31:45,298 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-13 16:31:45,298 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1316849229] [2024-11-13 16:31:45,298 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 16:31:45,299 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-13 16:31:45,299 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 16:31:45,299 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-13 16:31:45,300 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-13 16:31:45,301 INFO L87 Difference]: Start difference. First operand 126 states and 159 transitions. Second operand has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-13 16:31:45,717 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 16:31:45,717 INFO L93 Difference]: Finished difference Result 268 states and 341 transitions. [2024-11-13 16:31:45,718 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-11-13 16:31:45,718 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 54 [2024-11-13 16:31:45,718 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 16:31:45,720 INFO L225 Difference]: With dead ends: 268 [2024-11-13 16:31:45,720 INFO L226 Difference]: Without dead ends: 150 [2024-11-13 16:31:45,721 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 23 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=134, Unknown=0, NotChecked=0, Total=182 [2024-11-13 16:31:45,725 INFO L432 NwaCegarLoop]: 81 mSDtfsCounter, 140 mSDsluCounter, 328 mSDsCounter, 0 mSdLazyCounter, 167 mSolverCounterSat, 29 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 146 SdHoareTripleChecker+Valid, 409 SdHoareTripleChecker+Invalid, 196 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 29 IncrementalHoareTripleChecker+Valid, 167 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-13 16:31:45,726 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [146 Valid, 409 Invalid, 196 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [29 Valid, 167 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-13 16:31:45,727 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 150 states. [2024-11-13 16:31:45,756 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 150 to 148. [2024-11-13 16:31:45,759 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 148 states, 116 states have (on average 1.2586206896551724) internal successors, (146), 124 states have internal predecessors, (146), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-11-13 16:31:45,761 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 148 states to 148 states and 185 transitions. [2024-11-13 16:31:45,761 INFO L78 Accepts]: Start accepts. Automaton has 148 states and 185 transitions. Word has length 54 [2024-11-13 16:31:45,762 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 16:31:45,762 INFO L471 AbstractCegarLoop]: Abstraction has 148 states and 185 transitions. [2024-11-13 16:31:45,762 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-13 16:31:45,762 INFO L276 IsEmpty]: Start isEmpty. Operand 148 states and 185 transitions. [2024-11-13 16:31:45,766 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-13 16:31:45,766 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 16:31:45,766 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 16:31:45,766 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-13 16:31:45,766 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 16:31:45,767 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 16:31:45,767 INFO L85 PathProgramCache]: Analyzing trace with hash -157972617, now seen corresponding path program 1 times [2024-11-13 16:31:45,767 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 16:31:45,767 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [600417434] [2024-11-13 16:31:45,767 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:31:45,767 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 16:31:45,805 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:45,897 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-13 16:31:45,898 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:45,906 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-13 16:31:45,917 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:45,992 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-11-13 16:31:45,994 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:45,995 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 16:31:45,996 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 16:31:45,996 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [600417434] [2024-11-13 16:31:45,997 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [600417434] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 16:31:45,997 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 16:31:45,997 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-13 16:31:45,997 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1760604357] [2024-11-13 16:31:45,998 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 16:31:45,999 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-13 16:31:45,999 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 16:31:46,000 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-13 16:31:46,000 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-13 16:31:46,000 INFO L87 Difference]: Start difference. First operand 148 states and 185 transitions. Second operand has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-13 16:31:46,202 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 16:31:46,202 INFO L93 Difference]: Finished difference Result 293 states and 375 transitions. [2024-11-13 16:31:46,203 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-13 16:31:46,203 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 56 [2024-11-13 16:31:46,203 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 16:31:46,204 INFO L225 Difference]: With dead ends: 293 [2024-11-13 16:31:46,205 INFO L226 Difference]: Without dead ends: 153 [2024-11-13 16:31:46,205 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-13 16:31:46,209 INFO L432 NwaCegarLoop]: 83 mSDtfsCounter, 59 mSDsluCounter, 274 mSDsCounter, 0 mSdLazyCounter, 117 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 63 SdHoareTripleChecker+Valid, 357 SdHoareTripleChecker+Invalid, 128 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 117 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-13 16:31:46,210 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [63 Valid, 357 Invalid, 128 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 117 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-13 16:31:46,210 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 153 states. [2024-11-13 16:31:46,242 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 153 to 151. [2024-11-13 16:31:46,242 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 151 states, 119 states have (on average 1.2521008403361344) internal successors, (149), 127 states have internal predecessors, (149), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-11-13 16:31:46,243 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 151 states to 151 states and 188 transitions. [2024-11-13 16:31:46,244 INFO L78 Accepts]: Start accepts. Automaton has 151 states and 188 transitions. Word has length 56 [2024-11-13 16:31:46,244 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 16:31:46,244 INFO L471 AbstractCegarLoop]: Abstraction has 151 states and 188 transitions. [2024-11-13 16:31:46,244 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-13 16:31:46,244 INFO L276 IsEmpty]: Start isEmpty. Operand 151 states and 188 transitions. [2024-11-13 16:31:46,247 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-13 16:31:46,247 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 16:31:46,247 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 16:31:46,247 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-13 16:31:46,247 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 16:31:46,248 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 16:31:46,248 INFO L85 PathProgramCache]: Analyzing trace with hash -1963410951, now seen corresponding path program 1 times [2024-11-13 16:31:46,248 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 16:31:46,248 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [601147742] [2024-11-13 16:31:46,248 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:31:46,248 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 16:31:46,275 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:46,395 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-13 16:31:46,397 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:46,406 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-13 16:31:46,411 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:46,463 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-11-13 16:31:46,465 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:46,467 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 16:31:46,467 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 16:31:46,467 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [601147742] [2024-11-13 16:31:46,467 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [601147742] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 16:31:46,467 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 16:31:46,468 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-13 16:31:46,469 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2013273806] [2024-11-13 16:31:46,469 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 16:31:46,469 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-13 16:31:46,469 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 16:31:46,470 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-13 16:31:46,470 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-13 16:31:46,470 INFO L87 Difference]: Start difference. First operand 151 states and 188 transitions. Second operand has 7 states, 7 states have (on average 6.714285714285714) internal successors, (47), 6 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-13 16:31:46,675 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 16:31:46,676 INFO L93 Difference]: Finished difference Result 298 states and 380 transitions. [2024-11-13 16:31:46,676 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-13 16:31:46,676 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.714285714285714) internal successors, (47), 6 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 56 [2024-11-13 16:31:46,677 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 16:31:46,678 INFO L225 Difference]: With dead ends: 298 [2024-11-13 16:31:46,678 INFO L226 Difference]: Without dead ends: 155 [2024-11-13 16:31:46,679 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=19, Invalid=53, Unknown=0, NotChecked=0, Total=72 [2024-11-13 16:31:46,680 INFO L432 NwaCegarLoop]: 82 mSDtfsCounter, 58 mSDsluCounter, 346 mSDsCounter, 0 mSdLazyCounter, 151 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 62 SdHoareTripleChecker+Valid, 428 SdHoareTripleChecker+Invalid, 162 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 151 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-13 16:31:46,680 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [62 Valid, 428 Invalid, 162 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 151 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-13 16:31:46,681 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 155 states. [2024-11-13 16:31:46,712 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 155 to 153. [2024-11-13 16:31:46,713 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 153 states, 121 states have (on average 1.2479338842975207) internal successors, (151), 129 states have internal predecessors, (151), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-11-13 16:31:46,715 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 153 states to 153 states and 190 transitions. [2024-11-13 16:31:46,716 INFO L78 Accepts]: Start accepts. Automaton has 153 states and 190 transitions. Word has length 56 [2024-11-13 16:31:46,716 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 16:31:46,716 INFO L471 AbstractCegarLoop]: Abstraction has 153 states and 190 transitions. [2024-11-13 16:31:46,716 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.714285714285714) internal successors, (47), 6 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-13 16:31:46,717 INFO L276 IsEmpty]: Start isEmpty. Operand 153 states and 190 transitions. [2024-11-13 16:31:46,717 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-13 16:31:46,718 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 16:31:46,718 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 16:31:46,719 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-13 16:31:46,719 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 16:31:46,719 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 16:31:46,719 INFO L85 PathProgramCache]: Analyzing trace with hash -1822862341, now seen corresponding path program 1 times [2024-11-13 16:31:46,719 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 16:31:46,720 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1864906414] [2024-11-13 16:31:46,720 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:31:46,720 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 16:31:46,743 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:46,823 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-13 16:31:46,826 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:46,833 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-13 16:31:46,839 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:46,864 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-11-13 16:31:46,868 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:46,870 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 16:31:46,870 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 16:31:46,870 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1864906414] [2024-11-13 16:31:46,870 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1864906414] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 16:31:46,870 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 16:31:46,870 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-13 16:31:46,871 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [667819975] [2024-11-13 16:31:46,871 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 16:31:46,875 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-13 16:31:46,875 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 16:31:46,876 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-13 16:31:46,876 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-13 16:31:46,876 INFO L87 Difference]: Start difference. First operand 153 states and 190 transitions. Second operand has 5 states, 5 states have (on average 9.4) internal successors, (47), 4 states have internal predecessors, (47), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-13 16:31:47,187 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 16:31:47,187 INFO L93 Difference]: Finished difference Result 430 states and 556 transitions. [2024-11-13 16:31:47,188 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-13 16:31:47,188 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 4 states have internal predecessors, (47), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 56 [2024-11-13 16:31:47,188 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 16:31:47,191 INFO L225 Difference]: With dead ends: 430 [2024-11-13 16:31:47,191 INFO L226 Difference]: Without dead ends: 285 [2024-11-13 16:31:47,192 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-13 16:31:47,193 INFO L432 NwaCegarLoop]: 125 mSDtfsCounter, 215 mSDsluCounter, 170 mSDsCounter, 0 mSdLazyCounter, 127 mSolverCounterSat, 62 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 222 SdHoareTripleChecker+Valid, 295 SdHoareTripleChecker+Invalid, 189 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 62 IncrementalHoareTripleChecker+Valid, 127 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-13 16:31:47,193 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [222 Valid, 295 Invalid, 189 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [62 Valid, 127 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-13 16:31:47,195 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 285 states. [2024-11-13 16:31:47,228 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 285 to 283. [2024-11-13 16:31:47,229 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 283 states, 219 states have (on average 1.2191780821917808) internal successors, (267), 231 states have internal predecessors, (267), 34 states have call successors, (34), 28 states have call predecessors, (34), 29 states have return successors, (53), 34 states have call predecessors, (53), 34 states have call successors, (53) [2024-11-13 16:31:47,231 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 283 states to 283 states and 354 transitions. [2024-11-13 16:31:47,232 INFO L78 Accepts]: Start accepts. Automaton has 283 states and 354 transitions. Word has length 56 [2024-11-13 16:31:47,232 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 16:31:47,232 INFO L471 AbstractCegarLoop]: Abstraction has 283 states and 354 transitions. [2024-11-13 16:31:47,233 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 4 states have internal predecessors, (47), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-13 16:31:47,233 INFO L276 IsEmpty]: Start isEmpty. Operand 283 states and 354 transitions. [2024-11-13 16:31:47,234 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2024-11-13 16:31:47,234 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 16:31:47,234 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 16:31:47,234 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-13 16:31:47,235 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 16:31:47,235 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 16:31:47,235 INFO L85 PathProgramCache]: Analyzing trace with hash -499401515, now seen corresponding path program 1 times [2024-11-13 16:31:47,235 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 16:31:47,235 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [720937816] [2024-11-13 16:31:47,235 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:31:47,236 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 16:31:47,254 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:47,502 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-13 16:31:47,504 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:47,512 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-13 16:31:47,514 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:47,527 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2024-11-13 16:31:47,534 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:47,574 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 52 [2024-11-13 16:31:47,576 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:47,577 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-13 16:31:47,578 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 16:31:47,578 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [720937816] [2024-11-13 16:31:47,580 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [720937816] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-13 16:31:47,580 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-13 16:31:47,580 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2024-11-13 16:31:47,580 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1844535682] [2024-11-13 16:31:47,580 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-13 16:31:47,581 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2024-11-13 16:31:47,581 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 16:31:47,581 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2024-11-13 16:31:47,581 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=70, Unknown=0, NotChecked=0, Total=90 [2024-11-13 16:31:47,582 INFO L87 Difference]: Start difference. First operand 283 states and 354 transitions. Second operand has 10 states, 10 states have (on average 4.9) internal successors, (49), 8 states have internal predecessors, (49), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-13 16:31:48,579 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 16:31:48,579 INFO L93 Difference]: Finished difference Result 737 states and 970 transitions. [2024-11-13 16:31:48,580 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2024-11-13 16:31:48,580 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.9) internal successors, (49), 8 states have internal predecessors, (49), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 60 [2024-11-13 16:31:48,581 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 16:31:48,587 INFO L225 Difference]: With dead ends: 737 [2024-11-13 16:31:48,587 INFO L226 Difference]: Without dead ends: 513 [2024-11-13 16:31:48,590 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 35 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 24 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 130 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=163, Invalid=487, Unknown=0, NotChecked=0, Total=650 [2024-11-13 16:31:48,591 INFO L432 NwaCegarLoop]: 102 mSDtfsCounter, 621 mSDsluCounter, 438 mSDsCounter, 0 mSdLazyCounter, 420 mSolverCounterSat, 186 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 626 SdHoareTripleChecker+Valid, 540 SdHoareTripleChecker+Invalid, 606 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 186 IncrementalHoareTripleChecker+Valid, 420 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2024-11-13 16:31:48,592 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [626 Valid, 540 Invalid, 606 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [186 Valid, 420 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2024-11-13 16:31:48,593 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 513 states. [2024-11-13 16:31:48,688 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 513 to 440. [2024-11-13 16:31:48,690 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 440 states, 342 states have (on average 1.2076023391812865) internal successors, (413), 363 states have internal predecessors, (413), 51 states have call successors, (51), 39 states have call predecessors, (51), 46 states have return successors, (83), 52 states have call predecessors, (83), 51 states have call successors, (83) [2024-11-13 16:31:48,697 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 440 states to 440 states and 547 transitions. [2024-11-13 16:31:48,697 INFO L78 Accepts]: Start accepts. Automaton has 440 states and 547 transitions. Word has length 60 [2024-11-13 16:31:48,698 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 16:31:48,698 INFO L471 AbstractCegarLoop]: Abstraction has 440 states and 547 transitions. [2024-11-13 16:31:48,698 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.9) internal successors, (49), 8 states have internal predecessors, (49), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-13 16:31:48,698 INFO L276 IsEmpty]: Start isEmpty. Operand 440 states and 547 transitions. [2024-11-13 16:31:48,700 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 103 [2024-11-13 16:31:48,700 INFO L207 NwaCegarLoop]: Found error trace [2024-11-13 16:31:48,700 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 16:31:48,700 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-13 16:31:48,701 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-13 16:31:48,701 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-13 16:31:48,701 INFO L85 PathProgramCache]: Analyzing trace with hash 631363580, now seen corresponding path program 1 times [2024-11-13 16:31:48,701 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-13 16:31:48,701 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [310271193] [2024-11-13 16:31:48,701 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:31:48,702 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-13 16:31:48,727 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:48,938 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-13 16:31:48,939 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:48,961 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-13 16:31:48,968 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:48,997 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-13 16:31:48,999 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:49,015 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-13 16:31:49,022 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:49,033 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 66 [2024-11-13 16:31:49,036 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:49,062 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 82 [2024-11-13 16:31:49,063 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:49,067 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-13 16:31:49,068 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:49,069 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 94 [2024-11-13 16:31:49,071 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:49,073 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 18 proven. 9 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-13 16:31:49,074 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-13 16:31:49,074 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [310271193] [2024-11-13 16:31:49,074 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [310271193] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-13 16:31:49,074 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [799272942] [2024-11-13 16:31:49,074 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-13 16:31:49,075 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-13 16:31:49,075 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/bin/uautomizer-verify-qhAvR1uOyd/z3 [2024-11-13 16:31:49,078 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/bin/uautomizer-verify-qhAvR1uOyd/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-13 16:31:49,080 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/bin/uautomizer-verify-qhAvR1uOyd/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-13 16:31:49,211 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-13 16:31:49,214 INFO L255 TraceCheckSpWp]: Trace formula consists of 340 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-13 16:31:49,220 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-13 16:31:49,462 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 25 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-13 16:31:49,462 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-13 16:31:49,763 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 19 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-13 16:31:49,763 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [799272942] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-13 16:31:49,763 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-13 16:31:49,763 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 6, 6] total 16 [2024-11-13 16:31:49,763 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1978634071] [2024-11-13 16:31:49,764 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-13 16:31:49,764 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 16 states [2024-11-13 16:31:49,764 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-13 16:31:49,765 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2024-11-13 16:31:49,765 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=38, Invalid=202, Unknown=0, NotChecked=0, Total=240 [2024-11-13 16:31:49,765 INFO L87 Difference]: Start difference. First operand 440 states and 547 transitions. Second operand has 16 states, 16 states have (on average 7.9375) internal successors, (127), 11 states have internal predecessors, (127), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2024-11-13 16:31:51,211 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-13 16:31:51,211 INFO L93 Difference]: Finished difference Result 907 states and 1154 transitions. [2024-11-13 16:31:51,212 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2024-11-13 16:31:51,212 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 16 states have (on average 7.9375) internal successors, (127), 11 states have internal predecessors, (127), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) Word has length 102 [2024-11-13 16:31:51,213 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-13 16:31:51,213 INFO L225 Difference]: With dead ends: 907 [2024-11-13 16:31:51,214 INFO L226 Difference]: Without dead ends: 0 [2024-11-13 16:31:51,217 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 259 GetRequests, 220 SyntacticMatches, 4 SemanticMatches, 35 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 278 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=254, Invalid=1078, Unknown=0, NotChecked=0, Total=1332 [2024-11-13 16:31:51,217 INFO L432 NwaCegarLoop]: 170 mSDtfsCounter, 272 mSDsluCounter, 1437 mSDsCounter, 0 mSdLazyCounter, 1199 mSolverCounterSat, 67 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 279 SdHoareTripleChecker+Valid, 1607 SdHoareTripleChecker+Invalid, 1266 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 67 IncrementalHoareTripleChecker+Valid, 1199 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.0s IncrementalHoareTripleChecker+Time [2024-11-13 16:31:51,218 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [279 Valid, 1607 Invalid, 1266 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [67 Valid, 1199 Invalid, 0 Unknown, 0 Unchecked, 1.0s Time] [2024-11-13 16:31:51,218 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-13 16:31:51,218 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-13 16:31:51,219 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-13 16:31:51,219 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-13 16:31:51,219 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 102 [2024-11-13 16:31:51,219 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-13 16:31:51,220 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-13 16:31:51,220 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 16 states, 16 states have (on average 7.9375) internal successors, (127), 11 states have internal predecessors, (127), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2024-11-13 16:31:51,220 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-13 16:31:51,220 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-13 16:31:51,223 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-13 16:31:51,246 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/bin/uautomizer-verify-qhAvR1uOyd/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-13 16:31:51,427 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/bin/uautomizer-verify-qhAvR1uOyd/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-13 16:31:51,433 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-13 16:31:51,435 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-13 16:31:55,738 INFO L173 ceAbstractionStarter]: Computing trace abstraction results [2024-11-13 16:31:55,810 WARN L162 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 |old(~pumpRunning~0)|)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)) (and (= |old(~pumpRunning~0)| 0) .cse2 .cse1) (and (<= 1 |old(~switchedOnBeforeTS~0)|) .cse2 .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse2 .cse1))) [2024-11-13 16:31:55,833 WARN L162 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|) .cse1) (and (= |old(~pumpRunning~0)| 0) .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (<= 1 ~pumpRunning~0) .cse0 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-11-13 16:31:55,849 WARN L162 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (<= |old(~waterLevel~0)| 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)) (and (= ~pumpRunning~0 0) .cse2 .cse1) (and .cse0 (<= 1 ~switchedOnBeforeTS~0) .cse2 .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse2 .cse1))) [2024-11-13 16:31:55,871 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 13.11 04:31:55 BoogieIcfgContainer [2024-11-13 16:31:55,872 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-13 16:31:55,873 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-13 16:31:55,873 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-13 16:31:55,873 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-13 16:31:55,874 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 13.11 04:31:43" (3/4) ... [2024-11-13 16:31:55,877 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-13 16:31:55,883 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-13 16:31:55,883 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-13 16:31:55,883 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-13 16:31:55,883 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-13 16:31:55,884 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-13 16:31:55,884 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-13 16:31:55,884 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-13 16:31:55,897 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 21 nodes and edges [2024-11-13 16:31:55,898 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-13 16:31:55,899 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-13 16:31:55,899 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-13 16:31:55,900 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-13 16:31:56,036 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/bin/uautomizer-verify-qhAvR1uOyd/witness.graphml [2024-11-13 16:31:56,036 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/bin/uautomizer-verify-qhAvR1uOyd/witness.yml [2024-11-13 16:31:56,036 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-13 16:31:56,037 INFO L158 Benchmark]: Toolchain (without parser) took 13722.65ms. Allocated memory was 142.6MB in the beginning and 176.2MB in the end (delta: 33.6MB). Free memory was 118.5MB in the beginning and 127.3MB in the end (delta: -8.8MB). Peak memory consumption was 22.4MB. Max. memory is 16.1GB. [2024-11-13 16:31:56,038 INFO L158 Benchmark]: CDTParser took 1.23ms. Allocated memory is still 167.8MB. Free memory is still 104.8MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-13 16:31:56,038 INFO L158 Benchmark]: CACSL2BoogieTranslator took 627.72ms. Allocated memory is still 142.6MB. Free memory was 118.5MB in the beginning and 99.4MB in the end (delta: 19.1MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2024-11-13 16:31:56,039 INFO L158 Benchmark]: Boogie Procedure Inliner took 72.14ms. Allocated memory is still 142.6MB. Free memory was 99.4MB in the beginning and 97.6MB in the end (delta: 1.8MB). There was no memory consumed. Max. memory is 16.1GB. [2024-11-13 16:31:56,039 INFO L158 Benchmark]: Boogie Preprocessor took 41.62ms. Allocated memory is still 142.6MB. Free memory was 97.6MB in the beginning and 95.6MB in the end (delta: 2.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-13 16:31:56,039 INFO L158 Benchmark]: RCFGBuilder took 590.30ms. Allocated memory is still 142.6MB. Free memory was 95.6MB in the beginning and 77.0MB in the end (delta: 18.6MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2024-11-13 16:31:56,040 INFO L158 Benchmark]: TraceAbstraction took 12219.88ms. Allocated memory was 142.6MB in the beginning and 176.2MB in the end (delta: 33.6MB). Free memory was 76.3MB in the beginning and 135.7MB in the end (delta: -59.4MB). Peak memory consumption was 57.9MB. Max. memory is 16.1GB. [2024-11-13 16:31:56,040 INFO L158 Benchmark]: Witness Printer took 163.32ms. Allocated memory is still 176.2MB. Free memory was 135.7MB in the beginning and 127.3MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-13 16:31:56,042 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 1.23ms. Allocated memory is still 167.8MB. Free memory is still 104.8MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 627.72ms. Allocated memory is still 142.6MB. Free memory was 118.5MB in the beginning and 99.4MB in the end (delta: 19.1MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 72.14ms. Allocated memory is still 142.6MB. Free memory was 99.4MB in the beginning and 97.6MB in the end (delta: 1.8MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 41.62ms. Allocated memory is still 142.6MB. Free memory was 97.6MB in the beginning and 95.6MB in the end (delta: 2.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * RCFGBuilder took 590.30ms. Allocated memory is still 142.6MB. Free memory was 95.6MB in the beginning and 77.0MB in the end (delta: 18.6MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 12219.88ms. Allocated memory was 142.6MB in the beginning and 176.2MB in the end (delta: 33.6MB). Free memory was 76.3MB in the beginning and 135.7MB in the end (delta: -59.4MB). Peak memory consumption was 57.9MB. Max. memory is 16.1GB. * Witness Printer took 163.32ms. Allocated memory is still 176.2MB. Free memory was 135.7MB in the beginning and 127.3MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 160]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [160] - GenericResultAtLocation [Line: 211]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [211] - GenericResultAtLocation [Line: 577]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [577] - GenericResultAtLocation [Line: 680]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [680] - GenericResultAtLocation [Line: 689]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [689] - GenericResultAtLocation [Line: 757]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [757] - GenericResultAtLocation [Line: 985]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [985] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 685]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 97 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 7.7s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 3.9s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1585 SdHoareTripleChecker+Valid, 2.5s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1549 mSDsluCounter, 4401 SdHoareTripleChecker+Invalid, 2.0s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3335 mSDsCounter, 373 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2200 IncrementalHoareTripleChecker+Invalid, 2573 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 373 mSolverCounterUnsat, 1066 mSDtfsCounter, 2200 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 395 GetRequests, 294 SyntacticMatches, 4 SemanticMatches, 97 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 432 ImplicationChecksByTransitivity, 1.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=440occurred in iteration=9, InterpolantAutomatonStates: 93, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 10 MinimizatonAttempts, 83 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 2.4s InterpolantComputationTime, 635 NumberOfCodeBlocks, 635 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 725 ConstructedInterpolants, 0 QuantifiedInterpolants, 1359 SizeOfPredicates, 2 NumberOfNonLiveVariables, 340 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 103/129 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 700]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 590]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 701]: Loop Invariant Derived loop invariant: (((((((1 <= pumpRunning) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (splverifierCounter == 0)) && (0 != systemActive))) || ((((pumpRunning == 0) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (0 != systemActive))) - ProcedureContractResult [Line: 790]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) && (((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 84]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) && ((((((waterLevel == \old(waterLevel)) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 763]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: (((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && (((((1 <= \old(pumpRunning)) && (0 != systemActive)) && (\old(waterLevel) == 2)) || (((\old(pumpRunning) == 0) && (\old(waterLevel) <= 2)) && (0 != systemActive))) || ((((1 <= \old(switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning))) && (0 != systemActive)))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 580]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 798]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && (((((waterLevel <= 2) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) && (0 != systemActive)) || (((\old(pumpRunning) == 0) && (waterLevel <= 2)) && (0 != systemActive)))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 72]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && (waterLevel <= 2)) && (((((1 <= pumpRunning) && (0 != systemActive)) && (\old(waterLevel) == 2)) || (((pumpRunning == 0) && (\old(waterLevel) <= 2)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (0 != systemActive)))) && ((((((methaneLevelCritical == \old(methaneLevelCritical)) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 894]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: (((pumpRunning == \result) && (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive)))) && (((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) RESULT: Ultimate proved your program to be correct! [2024-11-13 16:31:56,076 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b94ead3a-a605-4166-b51b-8ed19081a512/bin/uautomizer-verify-qhAvR1uOyd/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE