./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec4_product52.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c7c6ca5d Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec4_product52.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash e4fc698cb41b54b4c4983dda7de32b2f9c78701d9e96fbbf9a36472a5bdbde25 --- Real Ultimate output --- This is Ultimate 0.2.5-?-c7c6ca5-m [2024-11-08 15:16:02,494 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-08 15:16:02,561 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-08 15:16:02,567 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-08 15:16:02,569 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-08 15:16:02,600 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-08 15:16:02,601 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-08 15:16:02,601 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-08 15:16:02,602 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-08 15:16:02,604 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-08 15:16:02,604 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-08 15:16:02,604 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-08 15:16:02,605 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-08 15:16:02,605 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-08 15:16:02,606 INFO L153 SettingsManager]: * Use SBE=true [2024-11-08 15:16:02,609 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-08 15:16:02,609 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-08 15:16:02,609 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-08 15:16:02,610 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-08 15:16:02,610 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-08 15:16:02,610 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-08 15:16:02,611 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-08 15:16:02,611 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-08 15:16:02,611 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-08 15:16:02,611 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-08 15:16:02,611 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-08 15:16:02,612 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-08 15:16:02,612 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-08 15:16:02,612 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-08 15:16:02,612 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-08 15:16:02,612 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-08 15:16:02,613 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-08 15:16:02,613 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 15:16:02,613 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-08 15:16:02,613 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-08 15:16:02,614 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-08 15:16:02,614 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-08 15:16:02,616 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-08 15:16:02,617 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-08 15:16:02,617 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-08 15:16:02,617 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-08 15:16:02,617 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-08 15:16:02,618 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> e4fc698cb41b54b4c4983dda7de32b2f9c78701d9e96fbbf9a36472a5bdbde25 [2024-11-08 15:16:02,912 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-08 15:16:02,933 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-08 15:16:02,938 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-08 15:16:02,940 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-08 15:16:02,940 INFO L274 PluginConnector]: CDTParser initialized [2024-11-08 15:16:02,941 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec4_product52.cil.c [2024-11-08 15:16:04,385 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-08 15:16:04,639 INFO L384 CDTParser]: Found 1 translation units. [2024-11-08 15:16:04,639 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product52.cil.c [2024-11-08 15:16:04,652 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5276797dc/9412d44238b049e89f8362f54b87b6b1/FLAGcf083bbca [2024-11-08 15:16:04,664 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5276797dc/9412d44238b049e89f8362f54b87b6b1 [2024-11-08 15:16:04,666 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-08 15:16:04,667 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-08 15:16:04,669 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-08 15:16:04,669 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-08 15:16:04,673 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-08 15:16:04,674 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 03:16:04" (1/1) ... [2024-11-08 15:16:04,674 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@4a60e00c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:04, skipping insertion in model container [2024-11-08 15:16:04,675 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 03:16:04" (1/1) ... [2024-11-08 15:16:04,716 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-08 15:16:05,031 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product52.cil.c[18431,18444] [2024-11-08 15:16:05,038 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 15:16:05,052 INFO L200 MainTranslator]: Completed pre-run [2024-11-08 15:16:05,061 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2024-11-08 15:16:05,063 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [160] [2024-11-08 15:16:05,063 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [388] [2024-11-08 15:16:05,063 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [458] [2024-11-08 15:16:05,064 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [824] [2024-11-08 15:16:05,064 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [923] [2024-11-08 15:16:05,064 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [958] [2024-11-08 15:16:05,064 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [967] [2024-11-08 15:16:05,137 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product52.cil.c[18431,18444] [2024-11-08 15:16:05,142 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 15:16:05,174 INFO L204 MainTranslator]: Completed translation [2024-11-08 15:16:05,175 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:05 WrapperNode [2024-11-08 15:16:05,175 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-08 15:16:05,176 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-08 15:16:05,177 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-08 15:16:05,177 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-08 15:16:05,184 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:05" (1/1) ... [2024-11-08 15:16:05,201 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:05" (1/1) ... [2024-11-08 15:16:05,232 INFO L138 Inliner]: procedures = 57, calls = 101, calls flagged for inlining = 25, calls inlined = 21, statements flattened = 210 [2024-11-08 15:16:05,233 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-08 15:16:05,233 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-08 15:16:05,233 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-08 15:16:05,233 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-08 15:16:05,244 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:05" (1/1) ... [2024-11-08 15:16:05,245 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:05" (1/1) ... [2024-11-08 15:16:05,247 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:05" (1/1) ... [2024-11-08 15:16:05,277 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-08 15:16:05,277 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:05" (1/1) ... [2024-11-08 15:16:05,277 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:05" (1/1) ... [2024-11-08 15:16:05,283 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:05" (1/1) ... [2024-11-08 15:16:05,287 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:05" (1/1) ... [2024-11-08 15:16:05,288 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:05" (1/1) ... [2024-11-08 15:16:05,289 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:05" (1/1) ... [2024-11-08 15:16:05,291 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-08 15:16:05,292 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-08 15:16:05,292 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-08 15:16:05,292 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-08 15:16:05,295 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:05" (1/1) ... [2024-11-08 15:16:05,301 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 15:16:05,312 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:16:05,331 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-08 15:16:05,338 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-08 15:16:05,415 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-08 15:16:05,415 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-08 15:16:05,415 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-08 15:16:05,415 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-08 15:16:05,415 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-08 15:16:05,415 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-08 15:16:05,415 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-08 15:16:05,415 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 15:16:05,416 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 15:16:05,416 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-08 15:16:05,416 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-08 15:16:05,416 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-08 15:16:05,420 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-08 15:16:05,420 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-08 15:16:05,420 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-08 15:16:05,420 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-08 15:16:05,420 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-08 15:16:05,421 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-08 15:16:05,552 INFO L238 CfgBuilder]: Building ICFG [2024-11-08 15:16:05,554 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-08 15:16:05,813 INFO L? ?]: Removed 46 outVars from TransFormulas that were not future-live. [2024-11-08 15:16:05,813 INFO L287 CfgBuilder]: Performing block encoding [2024-11-08 15:16:05,830 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-08 15:16:05,830 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-08 15:16:05,831 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:16:05 BoogieIcfgContainer [2024-11-08 15:16:05,831 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-08 15:16:05,834 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-08 15:16:05,834 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-08 15:16:05,837 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-08 15:16:05,837 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 08.11 03:16:04" (1/3) ... [2024-11-08 15:16:05,838 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1c63096e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 03:16:05, skipping insertion in model container [2024-11-08 15:16:05,838 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:05" (2/3) ... [2024-11-08 15:16:05,838 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1c63096e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 03:16:05, skipping insertion in model container [2024-11-08 15:16:05,838 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:16:05" (3/3) ... [2024-11-08 15:16:05,839 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec4_product52.cil.c [2024-11-08 15:16:05,857 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-08 15:16:05,857 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-08 15:16:05,932 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-08 15:16:05,938 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@4cdc6d3c, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-08 15:16:05,938 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-08 15:16:05,942 INFO L276 IsEmpty]: Start isEmpty. Operand has 90 states, 69 states have (on average 1.391304347826087) internal successors, (96), 78 states have internal predecessors, (96), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 9 states have call predecessors, (12), 12 states have call successors, (12) [2024-11-08 15:16:05,949 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2024-11-08 15:16:05,950 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:05,950 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:05,951 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:05,955 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:05,955 INFO L85 PathProgramCache]: Analyzing trace with hash 355859289, now seen corresponding path program 1 times [2024-11-08 15:16:05,963 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:05,963 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [258384591] [2024-11-08 15:16:05,963 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:05,964 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:06,076 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:06,128 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:16:06,129 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:06,129 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [258384591] [2024-11-08 15:16:06,130 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [258384591] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:06,130 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:06,130 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-08 15:16:06,132 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [657732835] [2024-11-08 15:16:06,132 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:06,136 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-08 15:16:06,137 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:06,156 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-08 15:16:06,157 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 15:16:06,159 INFO L87 Difference]: Start difference. First operand has 90 states, 69 states have (on average 1.391304347826087) internal successors, (96), 78 states have internal predecessors, (96), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 9 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:16:06,195 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:06,196 INFO L93 Difference]: Finished difference Result 172 states and 235 transitions. [2024-11-08 15:16:06,197 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-08 15:16:06,198 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2024-11-08 15:16:06,198 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:06,205 INFO L225 Difference]: With dead ends: 172 [2024-11-08 15:16:06,205 INFO L226 Difference]: Without dead ends: 81 [2024-11-08 15:16:06,208 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 15:16:06,211 INFO L432 NwaCegarLoop]: 114 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 114 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:06,212 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 114 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:16:06,231 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 81 states. [2024-11-08 15:16:06,255 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 81 to 81. [2024-11-08 15:16:06,256 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 81 states, 62 states have (on average 1.3225806451612903) internal successors, (82), 70 states have internal predecessors, (82), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2024-11-08 15:16:06,259 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 81 states to 81 states and 105 transitions. [2024-11-08 15:16:06,262 INFO L78 Accepts]: Start accepts. Automaton has 81 states and 105 transitions. Word has length 19 [2024-11-08 15:16:06,263 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:06,263 INFO L471 AbstractCegarLoop]: Abstraction has 81 states and 105 transitions. [2024-11-08 15:16:06,264 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:16:06,264 INFO L276 IsEmpty]: Start isEmpty. Operand 81 states and 105 transitions. [2024-11-08 15:16:06,266 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2024-11-08 15:16:06,266 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:06,266 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:06,266 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-08 15:16:06,267 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:06,268 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:06,268 INFO L85 PathProgramCache]: Analyzing trace with hash -730097680, now seen corresponding path program 1 times [2024-11-08 15:16:06,268 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:06,268 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1847208823] [2024-11-08 15:16:06,268 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:06,268 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:06,299 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:06,388 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:16:06,389 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:06,389 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1847208823] [2024-11-08 15:16:06,389 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1847208823] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:06,390 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:06,390 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-08 15:16:06,390 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [487795206] [2024-11-08 15:16:06,390 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:06,392 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-08 15:16:06,392 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:06,393 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-08 15:16:06,393 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:16:06,393 INFO L87 Difference]: Start difference. First operand 81 states and 105 transitions. Second operand has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:16:06,416 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:06,416 INFO L93 Difference]: Finished difference Result 123 states and 159 transitions. [2024-11-08 15:16:06,417 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-08 15:16:06,417 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 20 [2024-11-08 15:16:06,418 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:06,419 INFO L225 Difference]: With dead ends: 123 [2024-11-08 15:16:06,419 INFO L226 Difference]: Without dead ends: 72 [2024-11-08 15:16:06,420 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:16:06,421 INFO L432 NwaCegarLoop]: 92 mSDtfsCounter, 17 mSDsluCounter, 70 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 162 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:06,422 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 162 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:16:06,423 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 72 states. [2024-11-08 15:16:06,431 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 72 to 72. [2024-11-08 15:16:06,431 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 72 states, 56 states have (on average 1.3392857142857142) internal successors, (75), 64 states have internal predecessors, (75), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 6 states have call predecessors, (9), 9 states have call successors, (9) [2024-11-08 15:16:06,432 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 72 states to 72 states and 93 transitions. [2024-11-08 15:16:06,433 INFO L78 Accepts]: Start accepts. Automaton has 72 states and 93 transitions. Word has length 20 [2024-11-08 15:16:06,433 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:06,433 INFO L471 AbstractCegarLoop]: Abstraction has 72 states and 93 transitions. [2024-11-08 15:16:06,433 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:16:06,433 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 93 transitions. [2024-11-08 15:16:06,434 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2024-11-08 15:16:06,434 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:06,435 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:06,435 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-08 15:16:06,435 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:06,436 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:06,436 INFO L85 PathProgramCache]: Analyzing trace with hash -1878665188, now seen corresponding path program 1 times [2024-11-08 15:16:06,436 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:06,436 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [652087387] [2024-11-08 15:16:06,436 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:06,437 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:06,462 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:06,560 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:16:06,561 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:06,561 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [652087387] [2024-11-08 15:16:06,561 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [652087387] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:06,562 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:06,562 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-08 15:16:06,562 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1364341968] [2024-11-08 15:16:06,563 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:06,563 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-08 15:16:06,563 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:06,564 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-08 15:16:06,567 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:16:06,568 INFO L87 Difference]: Start difference. First operand 72 states and 93 transitions. Second operand has 3 states, 3 states have (on average 8.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:16:06,602 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:06,603 INFO L93 Difference]: Finished difference Result 200 states and 264 transitions. [2024-11-08 15:16:06,603 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-08 15:16:06,604 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 25 [2024-11-08 15:16:06,604 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:06,606 INFO L225 Difference]: With dead ends: 200 [2024-11-08 15:16:06,606 INFO L226 Difference]: Without dead ends: 135 [2024-11-08 15:16:06,607 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:16:06,608 INFO L432 NwaCegarLoop]: 104 mSDtfsCounter, 71 mSDsluCounter, 81 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 71 SdHoareTripleChecker+Valid, 185 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:06,609 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [71 Valid, 185 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:16:06,610 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 135 states. [2024-11-08 15:16:06,626 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 135 to 132. [2024-11-08 15:16:06,627 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 132 states, 101 states have (on average 1.3663366336633664) internal successors, (138), 116 states have internal predecessors, (138), 18 states have call successors, (18), 12 states have call predecessors, (18), 12 states have return successors, (18), 11 states have call predecessors, (18), 18 states have call successors, (18) [2024-11-08 15:16:06,632 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 132 states to 132 states and 174 transitions. [2024-11-08 15:16:06,632 INFO L78 Accepts]: Start accepts. Automaton has 132 states and 174 transitions. Word has length 25 [2024-11-08 15:16:06,632 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:06,632 INFO L471 AbstractCegarLoop]: Abstraction has 132 states and 174 transitions. [2024-11-08 15:16:06,633 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:16:06,633 INFO L276 IsEmpty]: Start isEmpty. Operand 132 states and 174 transitions. [2024-11-08 15:16:06,634 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2024-11-08 15:16:06,634 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:06,635 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:06,635 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-08 15:16:06,635 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:06,636 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:06,636 INFO L85 PathProgramCache]: Analyzing trace with hash 1340325107, now seen corresponding path program 1 times [2024-11-08 15:16:06,636 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:06,636 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [978608189] [2024-11-08 15:16:06,637 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:06,637 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:06,656 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:06,813 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:16:06,814 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:06,814 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [978608189] [2024-11-08 15:16:06,814 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [978608189] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:06,814 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:06,814 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-08 15:16:06,814 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1535536671] [2024-11-08 15:16:06,815 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:06,815 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-08 15:16:06,815 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:06,816 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-08 15:16:06,816 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-08 15:16:06,817 INFO L87 Difference]: Start difference. First operand 132 states and 174 transitions. Second operand has 5 states, 5 states have (on average 5.4) internal successors, (27), 4 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:16:06,946 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:06,947 INFO L93 Difference]: Finished difference Result 370 states and 507 transitions. [2024-11-08 15:16:06,948 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-08 15:16:06,949 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.4) internal successors, (27), 4 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 28 [2024-11-08 15:16:06,950 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:06,952 INFO L225 Difference]: With dead ends: 370 [2024-11-08 15:16:06,955 INFO L226 Difference]: Without dead ends: 245 [2024-11-08 15:16:06,957 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:16:06,962 INFO L432 NwaCegarLoop]: 86 mSDtfsCounter, 58 mSDsluCounter, 248 mSDsCounter, 0 mSdLazyCounter, 31 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 58 SdHoareTripleChecker+Valid, 334 SdHoareTripleChecker+Invalid, 34 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 31 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:06,962 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [58 Valid, 334 Invalid, 34 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 31 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:16:06,963 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 245 states. [2024-11-08 15:16:07,031 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 245 to 245. [2024-11-08 15:16:07,031 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 245 states, 186 states have (on average 1.3440860215053763) internal successors, (250), 213 states have internal predecessors, (250), 36 states have call successors, (36), 24 states have call predecessors, (36), 22 states have return successors, (38), 20 states have call predecessors, (38), 36 states have call successors, (38) [2024-11-08 15:16:07,038 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 245 states to 245 states and 324 transitions. [2024-11-08 15:16:07,042 INFO L78 Accepts]: Start accepts. Automaton has 245 states and 324 transitions. Word has length 28 [2024-11-08 15:16:07,043 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:07,043 INFO L471 AbstractCegarLoop]: Abstraction has 245 states and 324 transitions. [2024-11-08 15:16:07,047 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.4) internal successors, (27), 4 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:16:07,066 INFO L276 IsEmpty]: Start isEmpty. Operand 245 states and 324 transitions. [2024-11-08 15:16:07,069 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2024-11-08 15:16:07,071 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:07,072 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:07,072 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-08 15:16:07,072 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:07,073 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:07,073 INFO L85 PathProgramCache]: Analyzing trace with hash 1413318200, now seen corresponding path program 1 times [2024-11-08 15:16:07,073 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:07,073 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2041982956] [2024-11-08 15:16:07,073 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:07,074 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:07,094 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:07,141 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:16:07,142 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:07,142 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2041982956] [2024-11-08 15:16:07,142 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2041982956] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:07,142 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:07,142 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-08 15:16:07,142 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1440962012] [2024-11-08 15:16:07,143 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:07,143 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-08 15:16:07,143 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:07,144 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-08 15:16:07,144 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:16:07,144 INFO L87 Difference]: Start difference. First operand 245 states and 324 transitions. Second operand has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:16:07,203 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:07,204 INFO L93 Difference]: Finished difference Result 599 states and 813 transitions. [2024-11-08 15:16:07,204 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-08 15:16:07,204 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 30 [2024-11-08 15:16:07,208 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:07,211 INFO L225 Difference]: With dead ends: 599 [2024-11-08 15:16:07,211 INFO L226 Difference]: Without dead ends: 361 [2024-11-08 15:16:07,215 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:16:07,216 INFO L432 NwaCegarLoop]: 92 mSDtfsCounter, 52 mSDsluCounter, 59 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 151 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:07,216 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [52 Valid, 151 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:16:07,217 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 361 states. [2024-11-08 15:16:07,257 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 361 to 352. [2024-11-08 15:16:07,259 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 352 states, 273 states have (on average 1.3003663003663004) internal successors, (355), 293 states have internal predecessors, (355), 41 states have call successors, (41), 39 states have call predecessors, (41), 37 states have return successors, (59), 36 states have call predecessors, (59), 41 states have call successors, (59) [2024-11-08 15:16:07,263 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 352 states to 352 states and 455 transitions. [2024-11-08 15:16:07,266 INFO L78 Accepts]: Start accepts. Automaton has 352 states and 455 transitions. Word has length 30 [2024-11-08 15:16:07,267 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:07,268 INFO L471 AbstractCegarLoop]: Abstraction has 352 states and 455 transitions. [2024-11-08 15:16:07,268 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:16:07,268 INFO L276 IsEmpty]: Start isEmpty. Operand 352 states and 455 transitions. [2024-11-08 15:16:07,269 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-08 15:16:07,269 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:07,269 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:07,272 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-08 15:16:07,273 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:07,273 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:07,273 INFO L85 PathProgramCache]: Analyzing trace with hash 515112153, now seen corresponding path program 1 times [2024-11-08 15:16:07,274 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:07,274 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [924438845] [2024-11-08 15:16:07,274 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:07,274 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:07,287 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:07,372 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-08 15:16:07,374 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:07,379 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:16:07,381 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:07,381 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [924438845] [2024-11-08 15:16:07,381 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [924438845] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:07,381 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:07,385 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 15:16:07,385 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [46559077] [2024-11-08 15:16:07,385 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:07,385 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 15:16:07,386 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:07,387 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 15:16:07,387 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-08 15:16:07,387 INFO L87 Difference]: Start difference. First operand 352 states and 455 transitions. Second operand has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 5 states have internal predecessors, (29), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:16:07,644 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:07,644 INFO L93 Difference]: Finished difference Result 422 states and 548 transitions. [2024-11-08 15:16:07,645 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-11-08 15:16:07,645 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 5 states have internal predecessors, (29), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 32 [2024-11-08 15:16:07,646 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:07,649 INFO L225 Difference]: With dead ends: 422 [2024-11-08 15:16:07,651 INFO L226 Difference]: Without dead ends: 420 [2024-11-08 15:16:07,652 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2024-11-08 15:16:07,653 INFO L432 NwaCegarLoop]: 70 mSDtfsCounter, 113 mSDsluCounter, 237 mSDsCounter, 0 mSdLazyCounter, 180 mSolverCounterSat, 28 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 117 SdHoareTripleChecker+Valid, 307 SdHoareTripleChecker+Invalid, 208 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 28 IncrementalHoareTripleChecker+Valid, 180 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:07,657 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [117 Valid, 307 Invalid, 208 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [28 Valid, 180 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 15:16:07,658 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 420 states. [2024-11-08 15:16:07,685 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 420 to 418. [2024-11-08 15:16:07,687 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 418 states, 325 states have (on average 1.2861538461538462) internal successors, (418), 355 states have internal predecessors, (418), 47 states have call successors, (47), 39 states have call predecessors, (47), 45 states have return successors, (77), 40 states have call predecessors, (77), 47 states have call successors, (77) [2024-11-08 15:16:07,689 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 418 states to 418 states and 542 transitions. [2024-11-08 15:16:07,690 INFO L78 Accepts]: Start accepts. Automaton has 418 states and 542 transitions. Word has length 32 [2024-11-08 15:16:07,690 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:07,690 INFO L471 AbstractCegarLoop]: Abstraction has 418 states and 542 transitions. [2024-11-08 15:16:07,690 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 5 states have internal predecessors, (29), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:16:07,691 INFO L276 IsEmpty]: Start isEmpty. Operand 418 states and 542 transitions. [2024-11-08 15:16:07,692 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2024-11-08 15:16:07,692 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:07,692 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:07,693 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-08 15:16:07,693 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:07,693 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:07,693 INFO L85 PathProgramCache]: Analyzing trace with hash 585600178, now seen corresponding path program 1 times [2024-11-08 15:16:07,694 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:07,694 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [539006185] [2024-11-08 15:16:07,694 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:07,694 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:07,707 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:07,754 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-08 15:16:07,757 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:07,786 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-08 15:16:07,791 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:07,832 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:16:07,833 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:07,834 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [539006185] [2024-11-08 15:16:07,834 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [539006185] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:07,834 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:07,834 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-08 15:16:07,835 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [706847498] [2024-11-08 15:16:07,835 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:07,835 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-08 15:16:07,835 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:07,836 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-08 15:16:07,837 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:16:07,837 INFO L87 Difference]: Start difference. First operand 418 states and 542 transitions. Second operand has 7 states, 7 states have (on average 5.428571428571429) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:16:08,108 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:08,108 INFO L93 Difference]: Finished difference Result 923 states and 1212 transitions. [2024-11-08 15:16:08,109 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-11-08 15:16:08,110 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.428571428571429) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 43 [2024-11-08 15:16:08,110 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:08,114 INFO L225 Difference]: With dead ends: 923 [2024-11-08 15:16:08,115 INFO L226 Difference]: Without dead ends: 512 [2024-11-08 15:16:08,116 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=33, Invalid=77, Unknown=0, NotChecked=0, Total=110 [2024-11-08 15:16:08,118 INFO L432 NwaCegarLoop]: 72 mSDtfsCounter, 120 mSDsluCounter, 275 mSDsCounter, 0 mSdLazyCounter, 222 mSolverCounterSat, 28 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 120 SdHoareTripleChecker+Valid, 347 SdHoareTripleChecker+Invalid, 250 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 28 IncrementalHoareTripleChecker+Valid, 222 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:08,121 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [120 Valid, 347 Invalid, 250 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [28 Valid, 222 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 15:16:08,122 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 512 states. [2024-11-08 15:16:08,161 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 512 to 470. [2024-11-08 15:16:08,163 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 470 states, 371 states have (on average 1.266846361185984) internal successors, (470), 401 states have internal predecessors, (470), 47 states have call successors, (47), 39 states have call predecessors, (47), 51 states have return successors, (85), 44 states have call predecessors, (85), 47 states have call successors, (85) [2024-11-08 15:16:08,168 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 470 states to 470 states and 602 transitions. [2024-11-08 15:16:08,169 INFO L78 Accepts]: Start accepts. Automaton has 470 states and 602 transitions. Word has length 43 [2024-11-08 15:16:08,169 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:08,170 INFO L471 AbstractCegarLoop]: Abstraction has 470 states and 602 transitions. [2024-11-08 15:16:08,170 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 5.428571428571429) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:16:08,170 INFO L276 IsEmpty]: Start isEmpty. Operand 470 states and 602 transitions. [2024-11-08 15:16:08,172 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2024-11-08 15:16:08,172 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:08,173 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:08,173 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-08 15:16:08,175 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:08,175 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:08,175 INFO L85 PathProgramCache]: Analyzing trace with hash -425517072, now seen corresponding path program 1 times [2024-11-08 15:16:08,175 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:08,176 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1200328646] [2024-11-08 15:16:08,176 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:08,176 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:08,190 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:08,231 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-08 15:16:08,233 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:08,239 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-08 15:16:08,242 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:08,264 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:16:08,264 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:08,264 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1200328646] [2024-11-08 15:16:08,264 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1200328646] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:08,265 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:08,265 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-08 15:16:08,265 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [92489107] [2024-11-08 15:16:08,265 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:08,265 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-08 15:16:08,266 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:08,266 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-08 15:16:08,266 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:16:08,266 INFO L87 Difference]: Start difference. First operand 470 states and 602 transitions. Second operand has 7 states, 7 states have (on average 5.428571428571429) internal successors, (38), 5 states have internal predecessors, (38), 2 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:16:08,630 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:08,630 INFO L93 Difference]: Finished difference Result 923 states and 1199 transitions. [2024-11-08 15:16:08,631 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2024-11-08 15:16:08,631 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.428571428571429) internal successors, (38), 5 states have internal predecessors, (38), 2 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 43 [2024-11-08 15:16:08,631 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:08,634 INFO L225 Difference]: With dead ends: 923 [2024-11-08 15:16:08,634 INFO L226 Difference]: Without dead ends: 460 [2024-11-08 15:16:08,636 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 26 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=65, Invalid=145, Unknown=0, NotChecked=0, Total=210 [2024-11-08 15:16:08,637 INFO L432 NwaCegarLoop]: 84 mSDtfsCounter, 299 mSDsluCounter, 293 mSDsCounter, 0 mSdLazyCounter, 242 mSolverCounterSat, 76 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 304 SdHoareTripleChecker+Valid, 377 SdHoareTripleChecker+Invalid, 318 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 76 IncrementalHoareTripleChecker+Valid, 242 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:08,638 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [304 Valid, 377 Invalid, 318 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [76 Valid, 242 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-08 15:16:08,639 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 460 states. [2024-11-08 15:16:08,679 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 460 to 364. [2024-11-08 15:16:08,680 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 364 states, 287 states have (on average 1.264808362369338) internal successors, (363), 310 states have internal predecessors, (363), 38 states have call successors, (38), 32 states have call predecessors, (38), 38 states have return successors, (60), 33 states have call predecessors, (60), 38 states have call successors, (60) [2024-11-08 15:16:08,685 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 364 states to 364 states and 461 transitions. [2024-11-08 15:16:08,686 INFO L78 Accepts]: Start accepts. Automaton has 364 states and 461 transitions. Word has length 43 [2024-11-08 15:16:08,687 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:08,687 INFO L471 AbstractCegarLoop]: Abstraction has 364 states and 461 transitions. [2024-11-08 15:16:08,687 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 5.428571428571429) internal successors, (38), 5 states have internal predecessors, (38), 2 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:16:08,688 INFO L276 IsEmpty]: Start isEmpty. Operand 364 states and 461 transitions. [2024-11-08 15:16:08,689 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2024-11-08 15:16:08,689 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:08,689 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:08,689 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-08 15:16:08,689 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:08,689 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:08,690 INFO L85 PathProgramCache]: Analyzing trace with hash -1446585426, now seen corresponding path program 1 times [2024-11-08 15:16:08,690 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:08,690 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1433230960] [2024-11-08 15:16:08,690 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:08,693 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:08,705 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:08,776 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-08 15:16:08,778 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:08,785 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-08 15:16:08,788 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:08,800 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:16:08,800 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:08,800 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1433230960] [2024-11-08 15:16:08,800 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1433230960] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:08,801 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:08,801 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-08 15:16:08,801 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [62575224] [2024-11-08 15:16:08,801 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:08,801 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-08 15:16:08,802 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:08,802 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-08 15:16:08,802 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:16:08,803 INFO L87 Difference]: Start difference. First operand 364 states and 461 transitions. Second operand has 7 states, 7 states have (on average 5.428571428571429) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:16:09,195 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:09,196 INFO L93 Difference]: Finished difference Result 850 states and 1141 transitions. [2024-11-08 15:16:09,196 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2024-11-08 15:16:09,196 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.428571428571429) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 43 [2024-11-08 15:16:09,197 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:09,200 INFO L225 Difference]: With dead ends: 850 [2024-11-08 15:16:09,200 INFO L226 Difference]: Without dead ends: 577 [2024-11-08 15:16:09,201 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 6 SyntacticMatches, 1 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 59 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=93, Invalid=249, Unknown=0, NotChecked=0, Total=342 [2024-11-08 15:16:09,202 INFO L432 NwaCegarLoop]: 100 mSDtfsCounter, 182 mSDsluCounter, 357 mSDsCounter, 0 mSdLazyCounter, 335 mSolverCounterSat, 44 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 184 SdHoareTripleChecker+Valid, 457 SdHoareTripleChecker+Invalid, 379 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 44 IncrementalHoareTripleChecker+Valid, 335 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:09,202 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [184 Valid, 457 Invalid, 379 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [44 Valid, 335 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-08 15:16:09,203 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 577 states. [2024-11-08 15:16:09,231 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 577 to 552. [2024-11-08 15:16:09,233 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 552 states, 435 states have (on average 1.2344827586206897) internal successors, (537), 465 states have internal predecessors, (537), 57 states have call successors, (57), 49 states have call predecessors, (57), 59 states have return successors, (115), 58 states have call predecessors, (115), 57 states have call successors, (115) [2024-11-08 15:16:09,235 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 552 states to 552 states and 709 transitions. [2024-11-08 15:16:09,236 INFO L78 Accepts]: Start accepts. Automaton has 552 states and 709 transitions. Word has length 43 [2024-11-08 15:16:09,236 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:09,237 INFO L471 AbstractCegarLoop]: Abstraction has 552 states and 709 transitions. [2024-11-08 15:16:09,237 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 5.428571428571429) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:16:09,237 INFO L276 IsEmpty]: Start isEmpty. Operand 552 states and 709 transitions. [2024-11-08 15:16:09,239 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 67 [2024-11-08 15:16:09,239 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:09,239 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:09,239 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-08 15:16:09,239 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:09,240 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:09,240 INFO L85 PathProgramCache]: Analyzing trace with hash -1821640304, now seen corresponding path program 1 times [2024-11-08 15:16:09,240 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:09,240 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1318015750] [2024-11-08 15:16:09,240 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:09,241 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:09,251 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:09,278 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-08 15:16:09,279 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:09,286 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-08 15:16:09,290 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:09,307 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-08 15:16:09,310 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:09,314 INFO L134 CoverageAnalysis]: Checked inductivity of 15 backedges. 15 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:16:09,314 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:09,315 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1318015750] [2024-11-08 15:16:09,315 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1318015750] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:09,315 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:09,315 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-08 15:16:09,315 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1394650082] [2024-11-08 15:16:09,315 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:09,316 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-08 15:16:09,316 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:09,316 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-08 15:16:09,316 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:16:09,316 INFO L87 Difference]: Start difference. First operand 552 states and 709 transitions. Second operand has 7 states, 7 states have (on average 8.428571428571429) internal successors, (59), 4 states have internal predecessors, (59), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-08 15:16:09,572 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:09,572 INFO L93 Difference]: Finished difference Result 930 states and 1192 transitions. [2024-11-08 15:16:09,573 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-11-08 15:16:09,573 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 8.428571428571429) internal successors, (59), 4 states have internal predecessors, (59), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) Word has length 66 [2024-11-08 15:16:09,573 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:09,575 INFO L225 Difference]: With dead ends: 930 [2024-11-08 15:16:09,576 INFO L226 Difference]: Without dead ends: 385 [2024-11-08 15:16:09,577 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 14 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=40, Invalid=92, Unknown=0, NotChecked=0, Total=132 [2024-11-08 15:16:09,578 INFO L432 NwaCegarLoop]: 94 mSDtfsCounter, 305 mSDsluCounter, 177 mSDsCounter, 0 mSdLazyCounter, 184 mSolverCounterSat, 63 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 313 SdHoareTripleChecker+Valid, 271 SdHoareTripleChecker+Invalid, 247 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 63 IncrementalHoareTripleChecker+Valid, 184 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:09,578 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [313 Valid, 271 Invalid, 247 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [63 Valid, 184 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 15:16:09,579 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 385 states. [2024-11-08 15:16:09,599 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 385 to 368. [2024-11-08 15:16:09,600 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 368 states, 291 states have (on average 1.2268041237113403) internal successors, (357), 312 states have internal predecessors, (357), 38 states have call successors, (38), 34 states have call predecessors, (38), 38 states have return successors, (68), 38 states have call predecessors, (68), 38 states have call successors, (68) [2024-11-08 15:16:09,602 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 368 states to 368 states and 463 transitions. [2024-11-08 15:16:09,602 INFO L78 Accepts]: Start accepts. Automaton has 368 states and 463 transitions. Word has length 66 [2024-11-08 15:16:09,602 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:09,603 INFO L471 AbstractCegarLoop]: Abstraction has 368 states and 463 transitions. [2024-11-08 15:16:09,603 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 8.428571428571429) internal successors, (59), 4 states have internal predecessors, (59), 4 states have call successors, (4), 4 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-08 15:16:09,603 INFO L276 IsEmpty]: Start isEmpty. Operand 368 states and 463 transitions. [2024-11-08 15:16:09,604 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 79 [2024-11-08 15:16:09,604 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:09,605 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:09,605 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2024-11-08 15:16:09,605 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:09,605 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:09,605 INFO L85 PathProgramCache]: Analyzing trace with hash 781656095, now seen corresponding path program 1 times [2024-11-08 15:16:09,606 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:09,606 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1235477396] [2024-11-08 15:16:09,606 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:09,606 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:09,622 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:09,740 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-08 15:16:09,741 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:09,751 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-08 15:16:09,755 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:09,771 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-08 15:16:09,773 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:09,781 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 63 [2024-11-08 15:16:09,783 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:09,785 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:16:09,785 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:09,786 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 12 proven. 7 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-11-08 15:16:09,786 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:09,786 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1235477396] [2024-11-08 15:16:09,787 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1235477396] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-08 15:16:09,787 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [165169710] [2024-11-08 15:16:09,787 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:09,787 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-08 15:16:09,787 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:16:09,805 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-08 15:16:09,806 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-08 15:16:09,894 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:09,897 INFO L255 TraceCheckSpWp]: Trace formula consists of 275 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-08 15:16:09,904 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-08 15:16:10,035 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 15 proven. 6 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:16:10,035 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-08 15:16:10,187 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 13 proven. 6 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-11-08 15:16:10,187 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [165169710] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-08 15:16:10,187 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-08 15:16:10,187 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 6, 6] total 9 [2024-11-08 15:16:10,188 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2100302727] [2024-11-08 15:16:10,188 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-08 15:16:10,188 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-11-08 15:16:10,188 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:10,189 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-11-08 15:16:10,189 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=54, Unknown=0, NotChecked=0, Total=72 [2024-11-08 15:16:10,189 INFO L87 Difference]: Start difference. First operand 368 states and 463 transitions. Second operand has 9 states, 9 states have (on average 8.11111111111111) internal successors, (73), 6 states have internal predecessors, (73), 3 states have call successors, (12), 6 states have call predecessors, (12), 3 states have return successors, (7), 3 states have call predecessors, (7), 2 states have call successors, (7) [2024-11-08 15:16:10,796 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:10,796 INFO L93 Difference]: Finished difference Result 872 states and 1152 transitions. [2024-11-08 15:16:10,797 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2024-11-08 15:16:10,797 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 8.11111111111111) internal successors, (73), 6 states have internal predecessors, (73), 3 states have call successors, (12), 6 states have call predecessors, (12), 3 states have return successors, (7), 3 states have call predecessors, (7), 2 states have call successors, (7) Word has length 78 [2024-11-08 15:16:10,798 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:10,802 INFO L225 Difference]: With dead ends: 872 [2024-11-08 15:16:10,802 INFO L226 Difference]: Without dead ends: 579 [2024-11-08 15:16:10,804 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 198 GetRequests, 164 SyntacticMatches, 7 SemanticMatches, 27 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 204 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=198, Invalid=614, Unknown=0, NotChecked=0, Total=812 [2024-11-08 15:16:10,804 INFO L432 NwaCegarLoop]: 94 mSDtfsCounter, 236 mSDsluCounter, 468 mSDsCounter, 0 mSdLazyCounter, 421 mSolverCounterSat, 66 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 242 SdHoareTripleChecker+Valid, 562 SdHoareTripleChecker+Invalid, 487 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 66 IncrementalHoareTripleChecker+Valid, 421 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:10,805 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [242 Valid, 562 Invalid, 487 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [66 Valid, 421 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-11-08 15:16:10,806 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 579 states. [2024-11-08 15:16:10,835 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 579 to 498. [2024-11-08 15:16:10,836 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 498 states, 390 states have (on average 1.2333333333333334) internal successors, (481), 420 states have internal predecessors, (481), 54 states have call successors, (54), 48 states have call predecessors, (54), 53 states have return successors, (102), 50 states have call predecessors, (102), 54 states have call successors, (102) [2024-11-08 15:16:10,838 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 498 states to 498 states and 637 transitions. [2024-11-08 15:16:10,839 INFO L78 Accepts]: Start accepts. Automaton has 498 states and 637 transitions. Word has length 78 [2024-11-08 15:16:10,840 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:10,840 INFO L471 AbstractCegarLoop]: Abstraction has 498 states and 637 transitions. [2024-11-08 15:16:10,840 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 8.11111111111111) internal successors, (73), 6 states have internal predecessors, (73), 3 states have call successors, (12), 6 states have call predecessors, (12), 3 states have return successors, (7), 3 states have call predecessors, (7), 2 states have call successors, (7) [2024-11-08 15:16:10,840 INFO L276 IsEmpty]: Start isEmpty. Operand 498 states and 637 transitions. [2024-11-08 15:16:10,842 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 114 [2024-11-08 15:16:10,842 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:10,842 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:10,860 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-08 15:16:11,043 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2024-11-08 15:16:11,043 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:11,044 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:11,044 INFO L85 PathProgramCache]: Analyzing trace with hash 313015822, now seen corresponding path program 2 times [2024-11-08 15:16:11,044 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:11,044 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [962793050] [2024-11-08 15:16:11,044 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:11,044 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:11,064 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:11,213 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-08 15:16:11,214 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:11,221 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-08 15:16:11,224 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:11,237 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-08 15:16:11,240 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:11,248 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 52 [2024-11-08 15:16:11,252 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:11,428 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-08 15:16:11,430 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:11,433 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:16:11,434 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:11,436 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 98 [2024-11-08 15:16:11,437 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:11,438 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:16:11,439 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:11,440 INFO L134 CoverageAnalysis]: Checked inductivity of 77 backedges. 54 proven. 11 refuted. 0 times theorem prover too weak. 12 trivial. 0 not checked. [2024-11-08 15:16:11,441 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:11,441 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [962793050] [2024-11-08 15:16:11,441 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [962793050] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-08 15:16:11,441 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1153225348] [2024-11-08 15:16:11,441 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST1 [2024-11-08 15:16:11,441 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-08 15:16:11,442 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:16:11,443 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-08 15:16:11,445 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-08 15:16:11,557 INFO L227 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST1 issued 2 check-sat command(s) [2024-11-08 15:16:11,557 INFO L228 tOrderPrioritization]: Conjunction of SSA is unsat [2024-11-08 15:16:11,560 INFO L255 TraceCheckSpWp]: Trace formula consists of 357 conjuncts, 14 conjuncts are in the unsatisfiable core [2024-11-08 15:16:11,567 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-08 15:16:11,788 INFO L134 CoverageAnalysis]: Checked inductivity of 77 backedges. 47 proven. 17 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2024-11-08 15:16:11,789 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-08 15:16:11,998 INFO L134 CoverageAnalysis]: Checked inductivity of 77 backedges. 47 proven. 2 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2024-11-08 15:16:11,998 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1153225348] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-08 15:16:11,998 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-08 15:16:11,998 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 9, 8] total 19 [2024-11-08 15:16:11,999 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [189841458] [2024-11-08 15:16:11,999 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-08 15:16:11,999 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 19 states [2024-11-08 15:16:12,000 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:12,000 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 19 interpolants. [2024-11-08 15:16:12,001 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=53, Invalid=289, Unknown=0, NotChecked=0, Total=342 [2024-11-08 15:16:12,001 INFO L87 Difference]: Start difference. First operand 498 states and 637 transitions. Second operand has 19 states, 19 states have (on average 9.210526315789474) internal successors, (175), 17 states have internal predecessors, (175), 7 states have call successors, (19), 8 states have call predecessors, (19), 6 states have return successors, (17), 7 states have call predecessors, (17), 7 states have call successors, (17) [2024-11-08 15:16:13,544 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:13,544 INFO L93 Difference]: Finished difference Result 1488 states and 2006 transitions. [2024-11-08 15:16:13,545 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 37 states. [2024-11-08 15:16:13,545 INFO L78 Accepts]: Start accepts. Automaton has has 19 states, 19 states have (on average 9.210526315789474) internal successors, (175), 17 states have internal predecessors, (175), 7 states have call successors, (19), 8 states have call predecessors, (19), 6 states have return successors, (17), 7 states have call predecessors, (17), 7 states have call successors, (17) Word has length 113 [2024-11-08 15:16:13,546 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:13,551 INFO L225 Difference]: With dead ends: 1488 [2024-11-08 15:16:13,551 INFO L226 Difference]: Without dead ends: 1064 [2024-11-08 15:16:13,554 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 290 GetRequests, 238 SyntacticMatches, 7 SemanticMatches, 45 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 445 ImplicationChecksByTransitivity, 0.7s TimeCoverageRelationStatistics Valid=430, Invalid=1732, Unknown=0, NotChecked=0, Total=2162 [2024-11-08 15:16:13,554 INFO L432 NwaCegarLoop]: 189 mSDtfsCounter, 525 mSDsluCounter, 1558 mSDsCounter, 0 mSdLazyCounter, 1612 mSolverCounterSat, 153 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 534 SdHoareTripleChecker+Valid, 1747 SdHoareTripleChecker+Invalid, 1765 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 153 IncrementalHoareTripleChecker+Valid, 1612 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:13,555 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [534 Valid, 1747 Invalid, 1765 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [153 Valid, 1612 Invalid, 0 Unknown, 0 Unchecked, 1.0s Time] [2024-11-08 15:16:13,556 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1064 states. [2024-11-08 15:16:13,617 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1064 to 965. [2024-11-08 15:16:13,619 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 965 states, 756 states have (on average 1.2328042328042328) internal successors, (932), 808 states have internal predecessors, (932), 107 states have call successors, (107), 97 states have call predecessors, (107), 101 states have return successors, (182), 99 states have call predecessors, (182), 107 states have call successors, (182) [2024-11-08 15:16:13,623 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 965 states to 965 states and 1221 transitions. [2024-11-08 15:16:13,625 INFO L78 Accepts]: Start accepts. Automaton has 965 states and 1221 transitions. Word has length 113 [2024-11-08 15:16:13,625 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:13,625 INFO L471 AbstractCegarLoop]: Abstraction has 965 states and 1221 transitions. [2024-11-08 15:16:13,625 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 19 states, 19 states have (on average 9.210526315789474) internal successors, (175), 17 states have internal predecessors, (175), 7 states have call successors, (19), 8 states have call predecessors, (19), 6 states have return successors, (17), 7 states have call predecessors, (17), 7 states have call successors, (17) [2024-11-08 15:16:13,626 INFO L276 IsEmpty]: Start isEmpty. Operand 965 states and 1221 transitions. [2024-11-08 15:16:13,631 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 114 [2024-11-08 15:16:13,632 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:13,632 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:13,650 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-11-08 15:16:13,836 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable11 [2024-11-08 15:16:13,837 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:13,837 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:13,837 INFO L85 PathProgramCache]: Analyzing trace with hash 1189034828, now seen corresponding path program 1 times [2024-11-08 15:16:13,837 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:13,838 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1218739212] [2024-11-08 15:16:13,838 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:13,838 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:13,853 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:13,916 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-08 15:16:13,919 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:13,925 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-08 15:16:13,928 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:13,934 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-08 15:16:13,936 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:13,939 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 52 [2024-11-08 15:16:13,943 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:13,978 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-08 15:16:13,979 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:13,980 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:16:13,981 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:13,982 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 98 [2024-11-08 15:16:13,983 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:13,984 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:16:13,985 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:13,987 INFO L134 CoverageAnalysis]: Checked inductivity of 77 backedges. 44 proven. 0 refuted. 0 times theorem prover too weak. 33 trivial. 0 not checked. [2024-11-08 15:16:13,987 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:13,987 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1218739212] [2024-11-08 15:16:13,988 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1218739212] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:13,988 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:13,988 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-08 15:16:13,988 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [822400544] [2024-11-08 15:16:13,988 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:13,989 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-08 15:16:13,989 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:13,989 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-08 15:16:13,989 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2024-11-08 15:16:13,990 INFO L87 Difference]: Start difference. First operand 965 states and 1221 transitions. Second operand has 8 states, 8 states have (on average 9.75) internal successors, (78), 5 states have internal predecessors, (78), 2 states have call successors, (6), 5 states have call predecessors, (6), 2 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) [2024-11-08 15:16:14,200 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:14,200 INFO L93 Difference]: Finished difference Result 1240 states and 1547 transitions. [2024-11-08 15:16:14,200 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-11-08 15:16:14,201 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 9.75) internal successors, (78), 5 states have internal predecessors, (78), 2 states have call successors, (6), 5 states have call predecessors, (6), 2 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) Word has length 113 [2024-11-08 15:16:14,201 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:14,202 INFO L225 Difference]: With dead ends: 1240 [2024-11-08 15:16:14,202 INFO L226 Difference]: Without dead ends: 0 [2024-11-08 15:16:14,205 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 25 GetRequests, 16 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 13 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=27, Invalid=83, Unknown=0, NotChecked=0, Total=110 [2024-11-08 15:16:14,206 INFO L432 NwaCegarLoop]: 53 mSDtfsCounter, 117 mSDsluCounter, 203 mSDsCounter, 0 mSdLazyCounter, 214 mSolverCounterSat, 34 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 119 SdHoareTripleChecker+Valid, 256 SdHoareTripleChecker+Invalid, 248 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 34 IncrementalHoareTripleChecker+Valid, 214 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:14,206 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [119 Valid, 256 Invalid, 248 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [34 Valid, 214 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 15:16:14,206 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-08 15:16:14,207 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-08 15:16:14,207 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:16:14,207 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-08 15:16:14,208 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 113 [2024-11-08 15:16:14,208 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:14,208 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-08 15:16:14,208 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 9.75) internal successors, (78), 5 states have internal predecessors, (78), 2 states have call successors, (6), 5 states have call predecessors, (6), 2 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) [2024-11-08 15:16:14,208 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-08 15:16:14,209 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-08 15:16:14,211 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-08 15:16:14,212 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12 [2024-11-08 15:16:14,214 INFO L407 BasicCegarLoop]: Path program histogram: [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:14,216 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-08 15:16:15,767 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-08 15:16:15,782 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (or (and (= 1 ~systemActive~0) (<= 1 ~waterLevel~0)) (and (<= 2 ~waterLevel~0) (not (= 0 ~systemActive~0))))) Eliminated clause: (or (and (= 1 ~systemActive~0) (<= 1 ~waterLevel~0)) (and (<= 2 ~waterLevel~0) (not (= 0 ~systemActive~0)))) [2024-11-08 15:16:15,799 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (let ((.cse2 (= 0 ~systemActive~0))) (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= 1 |old(~waterLevel~0)|))) (or (and .cse0 (<= 2 |old(~waterLevel~0)|)) (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse1 .cse2))) (or (= ~pumpRunning~0 0) (not .cse2)) (= |old(~waterLevel~0)| ~waterLevel~0))) Eliminated clause: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse3 (= 0 ~systemActive~0))) (and (let ((.cse1 (= 1 ~systemActive~0)) (.cse2 (<= 1 ~waterLevel~0))) (or (and .cse0 .cse1 .cse2) (and (<= 2 ~waterLevel~0) .cse1) (and .cse2 .cse3))) (or .cse0 (not .cse3)))) [2024-11-08 15:16:15,806 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 0) (<= 1 ~waterLevel~0)) Eliminated clause: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (<= 1 ~waterLevel~0)) [2024-11-08 15:16:15,809 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse1 (= ~pumpRunning~0 0)) (.cse0 (= 1 ~systemActive~0)) (.cse2 (<= 1 |old(~waterLevel~0)|))) (or (and .cse0 (<= 2 |old(~waterLevel~0)|)) (and .cse1 .cse2 (= 0 ~systemActive~0)) (and .cse1 .cse0 .cse2))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse1 (= 1 ~systemActive~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse2 (<= 1 ~waterLevel~0))) (or (and .cse0 .cse1 .cse2) (and (<= 2 ~waterLevel~0) .cse1) (and .cse0 .cse2 (= 0 ~systemActive~0)))) [2024-11-08 15:16:15,814 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 08.11 03:16:15 BoogieIcfgContainer [2024-11-08 15:16:15,814 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-08 15:16:15,815 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-08 15:16:15,815 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-08 15:16:15,815 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-08 15:16:15,816 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:16:05" (3/4) ... [2024-11-08 15:16:15,820 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-08 15:16:15,824 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-08 15:16:15,824 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-08 15:16:15,824 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-08 15:16:15,824 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-08 15:16:15,824 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-08 15:16:15,825 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 15:16:15,825 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-08 15:16:15,832 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 20 nodes and edges [2024-11-08 15:16:15,833 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-08 15:16:15,834 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-08 15:16:15,834 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 15:16:15,834 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 15:16:15,943 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-08 15:16:15,945 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-08 15:16:15,945 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-08 15:16:15,946 INFO L158 Benchmark]: Toolchain (without parser) took 11278.74ms. Allocated memory was 165.7MB in the beginning and 255.9MB in the end (delta: 90.2MB). Free memory was 116.8MB in the beginning and 119.5MB in the end (delta: -2.7MB). Peak memory consumption was 88.3MB. Max. memory is 16.1GB. [2024-11-08 15:16:15,946 INFO L158 Benchmark]: CDTParser took 0.19ms. Allocated memory is still 100.7MB. Free memory is still 68.2MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-08 15:16:15,947 INFO L158 Benchmark]: CACSL2BoogieTranslator took 506.57ms. Allocated memory is still 165.7MB. Free memory was 116.8MB in the beginning and 94.9MB in the end (delta: 21.9MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-11-08 15:16:15,947 INFO L158 Benchmark]: Boogie Procedure Inliner took 56.59ms. Allocated memory is still 165.7MB. Free memory was 94.9MB in the beginning and 92.3MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 15:16:15,947 INFO L158 Benchmark]: Boogie Preprocessor took 58.03ms. Allocated memory is still 165.7MB. Free memory was 92.3MB in the beginning and 90.2MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 15:16:15,947 INFO L158 Benchmark]: RCFGBuilder took 538.97ms. Allocated memory is still 165.7MB. Free memory was 90.2MB in the beginning and 120.2MB in the end (delta: -30.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-08 15:16:15,948 INFO L158 Benchmark]: TraceAbstraction took 9980.87ms. Allocated memory was 165.7MB in the beginning and 255.9MB in the end (delta: 90.2MB). Free memory was 119.8MB in the beginning and 126.9MB in the end (delta: -7.1MB). Peak memory consumption was 135.5MB. Max. memory is 16.1GB. [2024-11-08 15:16:15,948 INFO L158 Benchmark]: Witness Printer took 130.10ms. Allocated memory is still 255.9MB. Free memory was 126.9MB in the beginning and 119.5MB in the end (delta: 7.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-08 15:16:15,950 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.19ms. Allocated memory is still 100.7MB. Free memory is still 68.2MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 506.57ms. Allocated memory is still 165.7MB. Free memory was 116.8MB in the beginning and 94.9MB in the end (delta: 21.9MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 56.59ms. Allocated memory is still 165.7MB. Free memory was 94.9MB in the beginning and 92.3MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 58.03ms. Allocated memory is still 165.7MB. Free memory was 92.3MB in the beginning and 90.2MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 538.97ms. Allocated memory is still 165.7MB. Free memory was 90.2MB in the beginning and 120.2MB in the end (delta: -30.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * TraceAbstraction took 9980.87ms. Allocated memory was 165.7MB in the beginning and 255.9MB in the end (delta: 90.2MB). Free memory was 119.8MB in the beginning and 126.9MB in the end (delta: -7.1MB). Peak memory consumption was 135.5MB. Max. memory is 16.1GB. * Witness Printer took 130.10ms. Allocated memory is still 255.9MB. Free memory was 126.9MB in the beginning and 119.5MB in the end (delta: 7.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 160]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [160] - GenericResultAtLocation [Line: 388]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [388] - GenericResultAtLocation [Line: 458]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [458] - GenericResultAtLocation [Line: 824]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [824] - GenericResultAtLocation [Line: 923]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [923] - GenericResultAtLocation [Line: 958]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [958] - GenericResultAtLocation [Line: 967]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [967] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 963]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 90 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 8.3s, OverallIterations: 13, TraceHistogramMax: 3, PathProgramHistogramMax: 2, EmptinessCheckTime: 0.0s, AutomataDifference: 4.4s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2135 SdHoareTripleChecker+Valid, 2.6s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2095 mSDsluCounter, 5270 SdHoareTripleChecker+Invalid, 2.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 4026 mSDsCounter, 505 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3457 IncrementalHoareTripleChecker+Invalid, 3962 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 505 mSolverCounterUnsat, 1244 mSDtfsCounter, 3457 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 622 GetRequests, 460 SyntacticMatches, 15 SemanticMatches, 147 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 773 ImplicationChecksByTransitivity, 1.4s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=965occurred in iteration=12, InterpolantAutomatonStates: 144, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.5s AutomataMinimizationTime, 13 MinimizatonAttempts, 374 StatesRemovedByMinimization, 9 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 2.3s InterpolantComputationTime, 844 NumberOfCodeBlocks, 844 NumberOfCodeBlocksAsserted, 16 NumberOfCheckSat, 1018 ConstructedInterpolants, 0 QuantifiedInterpolants, 2053 SizeOfPredicates, 4 NumberOfNonLiveVariables, 632 ConjunctsInSsa, 22 ConjunctsInUnsatCore, 17 InterpolantComputations, 11 PerfectInterpolantSequences, 337/386 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 399]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 836]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 400]: Loop Invariant Derived loop invariant: (((((2 <= waterLevel) && (1 == systemActive)) && (splverifierCounter == 0)) || ((((pumpRunning == 0) && (splverifierCounter == 0)) && (1 <= waterLevel)) && (0 == systemActive))) || ((((pumpRunning == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (1 <= waterLevel))) - ProcedureContractResult [Line: 263]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: (((1 == systemActive) && (1 <= waterLevel)) || ((2 <= waterLevel) && (0 != systemActive))) Ensures: (((pumpRunning == 0) && (((1 == systemActive) && (1 <= waterLevel)) || ((2 <= waterLevel) && (0 != systemActive)))) && (((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 196]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) || (((pumpRunning == 0) && (2 <= waterLevel)) && (1 == systemActive))) Ensures: (((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) || (((pumpRunning == 0) && (2 <= waterLevel)) && (1 == systemActive))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 84]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) || ((2 <= waterLevel) && (1 == systemActive))) || (((pumpRunning == 0) && (1 <= waterLevel)) && (0 == systemActive))) Ensures: ((((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) || ((2 <= waterLevel) && (1 == systemActive))) || (((pumpRunning == 0) && (1 <= waterLevel)) && (0 == systemActive))) && (((((waterLevel == \old(waterLevel)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 826]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 172]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((((pumpRunning == 0) && (1 == systemActive)) && (1 <= waterLevel)) || ((2 <= waterLevel) && (1 == systemActive))) || ((1 <= waterLevel) && (0 == systemActive))) && ((pumpRunning == 0) || (0 != systemActive))) Ensures: (((((((pumpRunning == 0) && (\old(waterLevel) <= ((long long) waterLevel + 1))) || ((2 <= waterLevel) && (\old(waterLevel) <= ((long long) waterLevel + 1)))) && (((((\old(pumpRunning) == 0) && (1 <= \old(waterLevel))) && (0 == systemActive)) || ((1 == systemActive) && (2 <= \old(waterLevel)))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (1 <= \old(waterLevel))))) && ((pumpRunning == 0) || (0 != systemActive))) && ((\old(pumpRunning) != 0) || (\old(waterLevel) == waterLevel))) && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 204]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((pumpRunning == 0) && (1 == systemActive)) && (1 <= waterLevel)) Ensures: (((((1 == systemActive) && (\old(pumpRunning) == 0)) && (1 <= waterLevel)) && ((pumpRunning == 0) || (1 < waterLevel))) && (((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 72]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((pumpRunning == 0) && (1 == systemActive)) && (1 <= waterLevel)) || ((2 <= waterLevel) && (1 == systemActive))) || (((pumpRunning == 0) && (1 <= waterLevel)) && (0 == systemActive))) Ensures: ((((((\old(waterLevel) < 2) || (\old(waterLevel) == waterLevel)) && ((pumpRunning == 0) || (0 != systemActive))) && (((1 == systemActive) && (1 <= \old(waterLevel))) || ((1 <= \old(waterLevel)) && (0 == systemActive)))) && ((\old(waterLevel) != 1) || ((pumpRunning == 0) && (2 <= waterLevel)))) && (((((methaneLevelCritical == \old(methaneLevelCritical)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) RESULT: Ultimate proved your program to be correct! [2024-11-08 15:16:15,980 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE