./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product52.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c7c6ca5d Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product52.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 4074665f53184e0f9778b3e4e6ee9c58d8a047121518f9c126ceccd876afea36 --- Real Ultimate output --- This is Ultimate 0.2.5-?-c7c6ca5-m [2024-11-08 15:17:00,407 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-08 15:17:00,487 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-08 15:17:00,497 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-08 15:17:00,500 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-08 15:17:00,530 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-08 15:17:00,531 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-08 15:17:00,531 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-08 15:17:00,532 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-08 15:17:00,534 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-08 15:17:00,534 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-08 15:17:00,534 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-08 15:17:00,535 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-08 15:17:00,537 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-08 15:17:00,537 INFO L153 SettingsManager]: * Use SBE=true [2024-11-08 15:17:00,537 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-08 15:17:00,537 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-08 15:17:00,538 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-08 15:17:00,538 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-08 15:17:00,538 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-08 15:17:00,538 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-08 15:17:00,542 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-08 15:17:00,542 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-08 15:17:00,542 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-08 15:17:00,543 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-08 15:17:00,543 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-08 15:17:00,543 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-08 15:17:00,543 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-08 15:17:00,543 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-08 15:17:00,544 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-08 15:17:00,544 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-08 15:17:00,544 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-08 15:17:00,544 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 15:17:00,544 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-08 15:17:00,545 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-08 15:17:00,545 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-08 15:17:00,545 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-08 15:17:00,545 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-08 15:17:00,546 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-08 15:17:00,546 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-08 15:17:00,546 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-08 15:17:00,547 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-08 15:17:00,547 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 4074665f53184e0f9778b3e4e6ee9c58d8a047121518f9c126ceccd876afea36 [2024-11-08 15:17:00,841 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-08 15:17:00,865 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-08 15:17:00,868 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-08 15:17:00,869 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-08 15:17:00,870 INFO L274 PluginConnector]: CDTParser initialized [2024-11-08 15:17:00,872 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product52.cil.c [2024-11-08 15:17:02,318 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-08 15:17:02,551 INFO L384 CDTParser]: Found 1 translation units. [2024-11-08 15:17:02,553 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product52.cil.c [2024-11-08 15:17:02,574 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/575532899/852d5f3398bd4b9eba5a567dc0926ea5/FLAG3147323ef [2024-11-08 15:17:02,899 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/575532899/852d5f3398bd4b9eba5a567dc0926ea5 [2024-11-08 15:17:02,903 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-08 15:17:02,904 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-08 15:17:02,907 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-08 15:17:02,908 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-08 15:17:02,914 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-08 15:17:02,915 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 03:17:02" (1/1) ... [2024-11-08 15:17:02,916 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@3aec2cf and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:02, skipping insertion in model container [2024-11-08 15:17:02,916 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 03:17:02" (1/1) ... [2024-11-08 15:17:02,965 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-08 15:17:03,255 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product52.cil.c[12672,12685] [2024-11-08 15:17:03,306 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 15:17:03,323 INFO L200 MainTranslator]: Completed pre-run [2024-11-08 15:17:03,333 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] [2024-11-08 15:17:03,334 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [415] [2024-11-08 15:17:03,335 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [521] [2024-11-08 15:17:03,335 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [530] [2024-11-08 15:17:03,336 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [581] [2024-11-08 15:17:03,336 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [689] [2024-11-08 15:17:03,336 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [760] [2024-11-08 15:17:03,336 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [985] [2024-11-08 15:17:03,385 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product52.cil.c[12672,12685] [2024-11-08 15:17:03,404 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 15:17:03,432 INFO L204 MainTranslator]: Completed translation [2024-11-08 15:17:03,433 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03 WrapperNode [2024-11-08 15:17:03,433 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-08 15:17:03,434 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-08 15:17:03,434 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-08 15:17:03,434 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-08 15:17:03,441 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,458 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,493 INFO L138 Inliner]: procedures = 59, calls = 104, calls flagged for inlining = 26, calls inlined = 22, statements flattened = 215 [2024-11-08 15:17:03,494 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-08 15:17:03,495 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-08 15:17:03,496 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-08 15:17:03,496 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-08 15:17:03,510 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,510 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,512 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,547 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-08 15:17:03,547 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,548 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,551 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,558 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,563 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,567 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,569 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-08 15:17:03,571 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-08 15:17:03,571 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-08 15:17:03,571 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-08 15:17:03,572 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,578 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 15:17:03,589 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:17:03,607 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-08 15:17:03,611 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-08 15:17:03,659 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-08 15:17:03,660 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-08 15:17:03,661 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-08 15:17:03,661 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-08 15:17:03,661 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-08 15:17:03,661 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-08 15:17:03,661 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-08 15:17:03,661 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 15:17:03,662 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 15:17:03,662 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-08 15:17:03,662 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-08 15:17:03,662 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-08 15:17:03,663 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-08 15:17:03,663 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-08 15:17:03,663 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-08 15:17:03,664 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-08 15:17:03,664 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-08 15:17:03,664 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-08 15:17:03,665 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-08 15:17:03,665 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-08 15:17:03,755 INFO L238 CfgBuilder]: Building ICFG [2024-11-08 15:17:03,758 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-08 15:17:04,036 INFO L? ?]: Removed 45 outVars from TransFormulas that were not future-live. [2024-11-08 15:17:04,037 INFO L287 CfgBuilder]: Performing block encoding [2024-11-08 15:17:04,055 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-08 15:17:04,074 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-08 15:17:04,076 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:17:04 BoogieIcfgContainer [2024-11-08 15:17:04,077 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-08 15:17:04,080 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-08 15:17:04,080 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-08 15:17:04,084 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-08 15:17:04,084 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 08.11 03:17:02" (1/3) ... [2024-11-08 15:17:04,084 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3e9f2000 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 03:17:04, skipping insertion in model container [2024-11-08 15:17:04,085 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (2/3) ... [2024-11-08 15:17:04,085 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3e9f2000 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 03:17:04, skipping insertion in model container [2024-11-08 15:17:04,085 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:17:04" (3/3) ... [2024-11-08 15:17:04,086 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product52.cil.c [2024-11-08 15:17:04,115 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-08 15:17:04,116 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-08 15:17:04,187 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-08 15:17:04,196 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@185da80e, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-08 15:17:04,197 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-08 15:17:04,201 INFO L276 IsEmpty]: Start isEmpty. Operand has 100 states, 76 states have (on average 1.368421052631579) internal successors, (104), 85 states have internal predecessors, (104), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) [2024-11-08 15:17:04,211 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-08 15:17:04,212 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:04,213 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:04,214 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:04,220 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:04,221 INFO L85 PathProgramCache]: Analyzing trace with hash 1209028345, now seen corresponding path program 1 times [2024-11-08 15:17:04,230 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:04,231 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1154598182] [2024-11-08 15:17:04,231 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:04,231 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:04,372 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:04,465 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-08 15:17:04,469 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:04,477 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-08 15:17:04,481 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:04,489 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:17:04,490 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:04,491 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1154598182] [2024-11-08 15:17:04,492 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1154598182] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:04,492 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:04,492 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-08 15:17:04,494 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1065829951] [2024-11-08 15:17:04,494 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:04,499 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-08 15:17:04,499 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:04,527 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-08 15:17:04,527 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 15:17:04,531 INFO L87 Difference]: Start difference. First operand has 100 states, 76 states have (on average 1.368421052631579) internal successors, (104), 85 states have internal predecessors, (104), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:17:04,559 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:04,560 INFO L93 Difference]: Finished difference Result 191 states and 258 transitions. [2024-11-08 15:17:04,561 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-08 15:17:04,562 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-11-08 15:17:04,562 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:04,569 INFO L225 Difference]: With dead ends: 191 [2024-11-08 15:17:04,569 INFO L226 Difference]: Without dead ends: 91 [2024-11-08 15:17:04,573 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 15:17:04,575 INFO L432 NwaCegarLoop]: 126 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 126 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:04,576 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 126 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:17:04,590 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 91 states. [2024-11-08 15:17:04,610 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 91 to 91. [2024-11-08 15:17:04,611 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 91 states, 69 states have (on average 1.3043478260869565) internal successors, (90), 77 states have internal predecessors, (90), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-08 15:17:04,614 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 91 states to 91 states and 117 transitions. [2024-11-08 15:17:04,616 INFO L78 Accepts]: Start accepts. Automaton has 91 states and 117 transitions. Word has length 32 [2024-11-08 15:17:04,616 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:04,617 INFO L471 AbstractCegarLoop]: Abstraction has 91 states and 117 transitions. [2024-11-08 15:17:04,617 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:17:04,617 INFO L276 IsEmpty]: Start isEmpty. Operand 91 states and 117 transitions. [2024-11-08 15:17:04,619 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-11-08 15:17:04,619 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:04,620 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:04,620 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-08 15:17:04,620 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:04,621 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:04,621 INFO L85 PathProgramCache]: Analyzing trace with hash 819571873, now seen corresponding path program 1 times [2024-11-08 15:17:04,621 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:04,622 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1029220705] [2024-11-08 15:17:04,622 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:04,622 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:04,649 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:04,749 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-08 15:17:04,752 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:04,758 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-08 15:17:04,761 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:04,764 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:17:04,764 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:04,764 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1029220705] [2024-11-08 15:17:04,765 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1029220705] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:04,765 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:04,765 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-08 15:17:04,765 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [788731350] [2024-11-08 15:17:04,766 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:04,767 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-08 15:17:04,767 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:04,768 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-08 15:17:04,768 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:17:04,768 INFO L87 Difference]: Start difference. First operand 91 states and 117 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:17:04,788 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:04,788 INFO L93 Difference]: Finished difference Result 142 states and 182 transitions. [2024-11-08 15:17:04,789 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-08 15:17:04,789 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2024-11-08 15:17:04,789 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:04,790 INFO L225 Difference]: With dead ends: 142 [2024-11-08 15:17:04,790 INFO L226 Difference]: Without dead ends: 82 [2024-11-08 15:17:04,791 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:17:04,792 INFO L432 NwaCegarLoop]: 104 mSDtfsCounter, 17 mSDsluCounter, 82 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 186 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:04,793 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 186 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:17:04,794 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 82 states. [2024-11-08 15:17:04,805 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 82 to 82. [2024-11-08 15:17:04,805 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 82 states, 63 states have (on average 1.3174603174603174) internal successors, (83), 71 states have internal predecessors, (83), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2024-11-08 15:17:04,809 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 82 states to 82 states and 105 transitions. [2024-11-08 15:17:04,810 INFO L78 Accepts]: Start accepts. Automaton has 82 states and 105 transitions. Word has length 33 [2024-11-08 15:17:04,810 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:04,810 INFO L471 AbstractCegarLoop]: Abstraction has 82 states and 105 transitions. [2024-11-08 15:17:04,810 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:17:04,810 INFO L276 IsEmpty]: Start isEmpty. Operand 82 states and 105 transitions. [2024-11-08 15:17:04,812 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-11-08 15:17:04,812 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:04,812 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:04,812 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-08 15:17:04,813 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:04,813 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:04,813 INFO L85 PathProgramCache]: Analyzing trace with hash -1285533544, now seen corresponding path program 1 times [2024-11-08 15:17:04,813 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:04,814 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [749490047] [2024-11-08 15:17:04,814 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:04,815 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:04,850 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:05,001 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 15:17:05,005 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:05,011 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-11-08 15:17:05,014 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:05,017 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:17:05,019 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:05,019 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [749490047] [2024-11-08 15:17:05,020 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [749490047] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:05,020 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:05,020 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-08 15:17:05,020 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [598626475] [2024-11-08 15:17:05,021 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:05,021 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-08 15:17:05,022 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:05,022 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-08 15:17:05,023 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-08 15:17:05,023 INFO L87 Difference]: Start difference. First operand 82 states and 105 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:17:05,103 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:05,103 INFO L93 Difference]: Finished difference Result 203 states and 264 transitions. [2024-11-08 15:17:05,104 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-08 15:17:05,104 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2024-11-08 15:17:05,104 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:05,106 INFO L225 Difference]: With dead ends: 203 [2024-11-08 15:17:05,106 INFO L226 Difference]: Without dead ends: 129 [2024-11-08 15:17:05,107 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:17:05,109 INFO L432 NwaCegarLoop]: 117 mSDtfsCounter, 94 mSDsluCounter, 289 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 94 SdHoareTripleChecker+Valid, 406 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:05,111 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [94 Valid, 406 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:17:05,112 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 129 states. [2024-11-08 15:17:05,134 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 129 to 126. [2024-11-08 15:17:05,135 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 126 states, 96 states have (on average 1.3333333333333333) internal successors, (128), 107 states have internal predecessors, (128), 17 states have call successors, (17), 12 states have call predecessors, (17), 12 states have return successors, (18), 13 states have call predecessors, (18), 17 states have call successors, (18) [2024-11-08 15:17:05,136 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 126 states to 126 states and 163 transitions. [2024-11-08 15:17:05,138 INFO L78 Accepts]: Start accepts. Automaton has 126 states and 163 transitions. Word has length 38 [2024-11-08 15:17:05,139 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:05,139 INFO L471 AbstractCegarLoop]: Abstraction has 126 states and 163 transitions. [2024-11-08 15:17:05,139 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:17:05,139 INFO L276 IsEmpty]: Start isEmpty. Operand 126 states and 163 transitions. [2024-11-08 15:17:05,141 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2024-11-08 15:17:05,141 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:05,141 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:05,141 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-08 15:17:05,142 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:05,142 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:05,142 INFO L85 PathProgramCache]: Analyzing trace with hash -1848173569, now seen corresponding path program 1 times [2024-11-08 15:17:05,142 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:05,143 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1216491545] [2024-11-08 15:17:05,143 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:05,143 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:05,165 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:05,267 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-08 15:17:05,270 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:05,273 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-11-08 15:17:05,276 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:05,294 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-08 15:17:05,294 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:05,294 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1216491545] [2024-11-08 15:17:05,294 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1216491545] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:05,295 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:05,295 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 15:17:05,295 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1202645370] [2024-11-08 15:17:05,295 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:05,296 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 15:17:05,296 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:05,297 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 15:17:05,298 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-08 15:17:05,298 INFO L87 Difference]: Start difference. First operand 126 states and 163 transitions. Second operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:17:05,468 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:05,468 INFO L93 Difference]: Finished difference Result 283 states and 376 transitions. [2024-11-08 15:17:05,470 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-08 15:17:05,470 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 41 [2024-11-08 15:17:05,470 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:05,472 INFO L225 Difference]: With dead ends: 283 [2024-11-08 15:17:05,475 INFO L226 Difference]: Without dead ends: 165 [2024-11-08 15:17:05,476 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-08 15:17:05,477 INFO L432 NwaCegarLoop]: 105 mSDtfsCounter, 49 mSDsluCounter, 346 mSDsCounter, 0 mSdLazyCounter, 68 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 50 SdHoareTripleChecker+Valid, 451 SdHoareTripleChecker+Invalid, 77 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 68 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:05,477 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [50 Valid, 451 Invalid, 77 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 68 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:17:05,478 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 165 states. [2024-11-08 15:17:05,504 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 165 to 164. [2024-11-08 15:17:05,505 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 164 states, 125 states have (on average 1.272) internal successors, (159), 135 states have internal predecessors, (159), 21 states have call successors, (21), 17 states have call predecessors, (21), 17 states have return successors, (27), 20 states have call predecessors, (27), 21 states have call successors, (27) [2024-11-08 15:17:05,506 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 164 states to 164 states and 207 transitions. [2024-11-08 15:17:05,508 INFO L78 Accepts]: Start accepts. Automaton has 164 states and 207 transitions. Word has length 41 [2024-11-08 15:17:05,510 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:05,510 INFO L471 AbstractCegarLoop]: Abstraction has 164 states and 207 transitions. [2024-11-08 15:17:05,510 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:17:05,511 INFO L276 IsEmpty]: Start isEmpty. Operand 164 states and 207 transitions. [2024-11-08 15:17:05,512 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2024-11-08 15:17:05,516 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:05,516 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:05,516 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-08 15:17:05,517 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:05,517 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:05,517 INFO L85 PathProgramCache]: Analyzing trace with hash -1678713476, now seen corresponding path program 1 times [2024-11-08 15:17:05,517 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:05,517 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1310240202] [2024-11-08 15:17:05,517 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:05,518 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:05,549 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:05,614 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 15:17:05,618 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:05,623 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-08 15:17:05,626 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:05,662 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2024-11-08 15:17:05,663 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:05,665 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:17:05,667 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:05,667 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1310240202] [2024-11-08 15:17:05,667 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1310240202] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:05,667 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:05,667 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 15:17:05,668 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1062514163] [2024-11-08 15:17:05,669 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:05,670 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 15:17:05,670 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:05,671 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 15:17:05,671 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-08 15:17:05,671 INFO L87 Difference]: Start difference. First operand 164 states and 207 transitions. Second operand has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:17:05,834 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:05,835 INFO L93 Difference]: Finished difference Result 348 states and 445 transitions. [2024-11-08 15:17:05,835 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-08 15:17:05,835 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2024-11-08 15:17:05,836 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:05,837 INFO L225 Difference]: With dead ends: 348 [2024-11-08 15:17:05,838 INFO L226 Difference]: Without dead ends: 192 [2024-11-08 15:17:05,839 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-08 15:17:05,840 INFO L432 NwaCegarLoop]: 91 mSDtfsCounter, 56 mSDsluCounter, 300 mSDsCounter, 0 mSdLazyCounter, 120 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 60 SdHoareTripleChecker+Valid, 391 SdHoareTripleChecker+Invalid, 133 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 120 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:05,840 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [60 Valid, 391 Invalid, 133 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 120 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:17:05,842 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 192 states. [2024-11-08 15:17:05,865 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 192 to 190. [2024-11-08 15:17:05,866 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 190 states, 146 states have (on average 1.2602739726027397) internal successors, (184), 156 states have internal predecessors, (184), 23 states have call successors, (23), 17 states have call predecessors, (23), 20 states have return successors, (32), 24 states have call predecessors, (32), 23 states have call successors, (32) [2024-11-08 15:17:05,868 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 190 states to 190 states and 239 transitions. [2024-11-08 15:17:05,869 INFO L78 Accepts]: Start accepts. Automaton has 190 states and 239 transitions. Word has length 52 [2024-11-08 15:17:05,869 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:05,869 INFO L471 AbstractCegarLoop]: Abstraction has 190 states and 239 transitions. [2024-11-08 15:17:05,870 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:17:05,870 INFO L276 IsEmpty]: Start isEmpty. Operand 190 states and 239 transitions. [2024-11-08 15:17:05,872 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2024-11-08 15:17:05,872 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:05,873 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:05,873 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-08 15:17:05,873 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:05,873 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:05,874 INFO L85 PathProgramCache]: Analyzing trace with hash 927310078, now seen corresponding path program 1 times [2024-11-08 15:17:05,874 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:05,874 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [708023213] [2024-11-08 15:17:05,874 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:05,874 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:05,887 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:05,926 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 15:17:05,928 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:05,932 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-08 15:17:05,935 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:05,954 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2024-11-08 15:17:05,956 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:05,958 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:17:05,958 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:05,958 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [708023213] [2024-11-08 15:17:05,958 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [708023213] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:05,958 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:05,958 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-08 15:17:05,959 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1452879752] [2024-11-08 15:17:05,959 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:05,959 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-08 15:17:05,959 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:05,960 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-08 15:17:05,960 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-08 15:17:05,960 INFO L87 Difference]: Start difference. First operand 190 states and 239 transitions. Second operand has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:17:06,090 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:06,091 INFO L93 Difference]: Finished difference Result 376 states and 484 transitions. [2024-11-08 15:17:06,091 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-08 15:17:06,091 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2024-11-08 15:17:06,092 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:06,093 INFO L225 Difference]: With dead ends: 376 [2024-11-08 15:17:06,093 INFO L226 Difference]: Without dead ends: 194 [2024-11-08 15:17:06,094 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:17:06,098 INFO L432 NwaCegarLoop]: 92 mSDtfsCounter, 55 mSDsluCounter, 214 mSDsCounter, 0 mSdLazyCounter, 90 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 59 SdHoareTripleChecker+Valid, 306 SdHoareTripleChecker+Invalid, 103 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 90 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:06,098 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [59 Valid, 306 Invalid, 103 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 90 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:17:06,099 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 194 states. [2024-11-08 15:17:06,123 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 194 to 192. [2024-11-08 15:17:06,125 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 192 states, 148 states have (on average 1.2567567567567568) internal successors, (186), 158 states have internal predecessors, (186), 23 states have call successors, (23), 17 states have call predecessors, (23), 20 states have return successors, (32), 24 states have call predecessors, (32), 23 states have call successors, (32) [2024-11-08 15:17:06,127 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 192 states to 192 states and 241 transitions. [2024-11-08 15:17:06,127 INFO L78 Accepts]: Start accepts. Automaton has 192 states and 241 transitions. Word has length 52 [2024-11-08 15:17:06,127 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:06,128 INFO L471 AbstractCegarLoop]: Abstraction has 192 states and 241 transitions. [2024-11-08 15:17:06,128 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:17:06,130 INFO L276 IsEmpty]: Start isEmpty. Operand 192 states and 241 transitions. [2024-11-08 15:17:06,131 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-08 15:17:06,131 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:06,131 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:06,131 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-08 15:17:06,132 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:06,132 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:06,132 INFO L85 PathProgramCache]: Analyzing trace with hash -856238297, now seen corresponding path program 1 times [2024-11-08 15:17:06,132 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:06,132 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [73258575] [2024-11-08 15:17:06,133 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:06,133 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:06,148 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,187 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-08 15:17:06,189 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,196 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-11-08 15:17:06,198 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,202 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2024-11-08 15:17:06,204 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,207 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:17:06,207 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:06,207 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [73258575] [2024-11-08 15:17:06,207 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [73258575] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:06,207 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:06,207 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-08 15:17:06,208 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1629781989] [2024-11-08 15:17:06,208 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:06,208 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-08 15:17:06,209 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:06,209 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-08 15:17:06,209 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-08 15:17:06,209 INFO L87 Difference]: Start difference. First operand 192 states and 241 transitions. Second operand has 4 states, 4 states have (on average 11.5) internal successors, (46), 3 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:17:06,344 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:06,344 INFO L93 Difference]: Finished difference Result 380 states and 477 transitions. [2024-11-08 15:17:06,345 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-08 15:17:06,345 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 11.5) internal successors, (46), 3 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 55 [2024-11-08 15:17:06,346 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:06,347 INFO L225 Difference]: With dead ends: 380 [2024-11-08 15:17:06,349 INFO L226 Difference]: Without dead ends: 196 [2024-11-08 15:17:06,350 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2024-11-08 15:17:06,350 INFO L432 NwaCegarLoop]: 117 mSDtfsCounter, 93 mSDsluCounter, 147 mSDsCounter, 0 mSdLazyCounter, 75 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 100 SdHoareTripleChecker+Valid, 264 SdHoareTripleChecker+Invalid, 93 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 75 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:06,353 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [100 Valid, 264 Invalid, 93 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 75 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:17:06,354 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 196 states. [2024-11-08 15:17:06,371 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 196 to 192. [2024-11-08 15:17:06,372 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 192 states, 148 states have (on average 1.25) internal successors, (185), 158 states have internal predecessors, (185), 23 states have call successors, (23), 17 states have call predecessors, (23), 20 states have return successors, (30), 24 states have call predecessors, (30), 23 states have call successors, (30) [2024-11-08 15:17:06,373 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 192 states to 192 states and 238 transitions. [2024-11-08 15:17:06,374 INFO L78 Accepts]: Start accepts. Automaton has 192 states and 238 transitions. Word has length 55 [2024-11-08 15:17:06,374 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:06,374 INFO L471 AbstractCegarLoop]: Abstraction has 192 states and 238 transitions. [2024-11-08 15:17:06,374 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 11.5) internal successors, (46), 3 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:17:06,375 INFO L276 IsEmpty]: Start isEmpty. Operand 192 states and 238 transitions. [2024-11-08 15:17:06,375 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2024-11-08 15:17:06,375 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:06,376 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:06,376 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-08 15:17:06,376 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:06,377 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:06,377 INFO L85 PathProgramCache]: Analyzing trace with hash 1350011904, now seen corresponding path program 1 times [2024-11-08 15:17:06,377 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:06,377 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [463468081] [2024-11-08 15:17:06,377 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:06,377 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:06,393 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,445 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 15:17:06,447 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,453 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-08 15:17:06,456 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,473 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2024-11-08 15:17:06,474 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,476 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:17:06,477 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:06,477 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [463468081] [2024-11-08 15:17:06,477 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [463468081] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:06,477 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:06,477 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-08 15:17:06,477 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [481008283] [2024-11-08 15:17:06,477 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:06,478 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-08 15:17:06,478 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:06,482 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-08 15:17:06,482 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-08 15:17:06,483 INFO L87 Difference]: Start difference. First operand 192 states and 238 transitions. Second operand has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:17:06,725 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:06,727 INFO L93 Difference]: Finished difference Result 589 states and 754 transitions. [2024-11-08 15:17:06,727 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-08 15:17:06,727 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2024-11-08 15:17:06,728 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:06,730 INFO L225 Difference]: With dead ends: 589 [2024-11-08 15:17:06,731 INFO L226 Difference]: Without dead ends: 405 [2024-11-08 15:17:06,732 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:17:06,733 INFO L432 NwaCegarLoop]: 136 mSDtfsCounter, 225 mSDsluCounter, 189 mSDsCounter, 0 mSdLazyCounter, 135 mSolverCounterSat, 64 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 232 SdHoareTripleChecker+Valid, 325 SdHoareTripleChecker+Invalid, 199 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 64 IncrementalHoareTripleChecker+Valid, 135 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:06,733 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [232 Valid, 325 Invalid, 199 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [64 Valid, 135 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 15:17:06,736 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 405 states. [2024-11-08 15:17:06,772 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 405 to 403. [2024-11-08 15:17:06,773 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 403 states, 308 states have (on average 1.2207792207792207) internal successors, (376), 326 states have internal predecessors, (376), 52 states have call successors, (52), 42 states have call predecessors, (52), 42 states have return successors, (72), 51 states have call predecessors, (72), 52 states have call successors, (72) [2024-11-08 15:17:06,776 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 403 states to 403 states and 500 transitions. [2024-11-08 15:17:06,777 INFO L78 Accepts]: Start accepts. Automaton has 403 states and 500 transitions. Word has length 52 [2024-11-08 15:17:06,777 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:06,779 INFO L471 AbstractCegarLoop]: Abstraction has 403 states and 500 transitions. [2024-11-08 15:17:06,779 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:17:06,779 INFO L276 IsEmpty]: Start isEmpty. Operand 403 states and 500 transitions. [2024-11-08 15:17:06,780 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-08 15:17:06,780 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:06,780 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:06,780 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-08 15:17:06,781 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:06,781 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:06,781 INFO L85 PathProgramCache]: Analyzing trace with hash 338031322, now seen corresponding path program 1 times [2024-11-08 15:17:06,783 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:06,783 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [166615575] [2024-11-08 15:17:06,783 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:06,784 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:06,797 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,915 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-08 15:17:06,917 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,973 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-08 15:17:06,974 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,984 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2024-11-08 15:17:06,989 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,994 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-11-08 15:17:06,999 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,000 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:17:07,000 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:07,000 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [166615575] [2024-11-08 15:17:07,001 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [166615575] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:07,001 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:07,001 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2024-11-08 15:17:07,001 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1742507860] [2024-11-08 15:17:07,001 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:07,002 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-11-08 15:17:07,002 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:07,002 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-11-08 15:17:07,002 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=56, Unknown=0, NotChecked=0, Total=72 [2024-11-08 15:17:07,003 INFO L87 Difference]: Start difference. First operand 403 states and 500 transitions. Second operand has 9 states, 9 states have (on average 5.0) internal successors, (45), 7 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-08 15:17:07,589 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:07,589 INFO L93 Difference]: Finished difference Result 1175 states and 1506 transitions. [2024-11-08 15:17:07,590 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2024-11-08 15:17:07,590 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 5.0) internal successors, (45), 7 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) Word has length 56 [2024-11-08 15:17:07,590 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:07,596 INFO L225 Difference]: With dead ends: 1175 [2024-11-08 15:17:07,596 INFO L226 Difference]: Without dead ends: 868 [2024-11-08 15:17:07,599 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 30 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 67 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=101, Invalid=319, Unknown=0, NotChecked=0, Total=420 [2024-11-08 15:17:07,601 INFO L432 NwaCegarLoop]: 114 mSDtfsCounter, 460 mSDsluCounter, 490 mSDsCounter, 0 mSdLazyCounter, 443 mSolverCounterSat, 135 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 467 SdHoareTripleChecker+Valid, 604 SdHoareTripleChecker+Invalid, 578 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 135 IncrementalHoareTripleChecker+Valid, 443 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:07,601 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [467 Valid, 604 Invalid, 578 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [135 Valid, 443 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-11-08 15:17:07,603 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 868 states. [2024-11-08 15:17:07,666 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 868 to 747. [2024-11-08 15:17:07,667 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 747 states, 571 states have (on average 1.2189141856392294) internal successors, (696), 608 states have internal predecessors, (696), 95 states have call successors, (95), 72 states have call predecessors, (95), 80 states have return successors, (135), 94 states have call predecessors, (135), 95 states have call successors, (135) [2024-11-08 15:17:07,674 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 747 states to 747 states and 926 transitions. [2024-11-08 15:17:07,675 INFO L78 Accepts]: Start accepts. Automaton has 747 states and 926 transitions. Word has length 56 [2024-11-08 15:17:07,675 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:07,676 INFO L471 AbstractCegarLoop]: Abstraction has 747 states and 926 transitions. [2024-11-08 15:17:07,676 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 5.0) internal successors, (45), 7 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-08 15:17:07,676 INFO L276 IsEmpty]: Start isEmpty. Operand 747 states and 926 transitions. [2024-11-08 15:17:07,677 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 99 [2024-11-08 15:17:07,678 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:07,678 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:07,678 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-08 15:17:07,678 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:07,679 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:07,679 INFO L85 PathProgramCache]: Analyzing trace with hash 836408910, now seen corresponding path program 1 times [2024-11-08 15:17:07,679 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:07,679 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1536474806] [2024-11-08 15:17:07,679 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:07,680 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:07,702 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,839 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-08 15:17:07,841 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,854 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-08 15:17:07,858 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,887 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:17:07,888 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,901 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-08 15:17:07,904 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,912 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 62 [2024-11-08 15:17:07,915 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,928 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 78 [2024-11-08 15:17:07,929 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,931 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:17:07,936 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,937 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 90 [2024-11-08 15:17:07,938 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,939 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 18 proven. 9 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-08 15:17:07,939 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:07,939 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1536474806] [2024-11-08 15:17:07,940 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1536474806] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-08 15:17:07,940 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [607428427] [2024-11-08 15:17:07,940 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:07,940 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-08 15:17:07,940 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:17:07,944 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-08 15:17:07,945 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-08 15:17:08,053 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:08,055 INFO L255 TraceCheckSpWp]: Trace formula consists of 323 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-08 15:17:08,070 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-08 15:17:08,269 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 25 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:17:08,271 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-08 15:17:08,515 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 19 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-08 15:17:08,516 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [607428427] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-08 15:17:08,516 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-08 15:17:08,516 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 6, 6] total 16 [2024-11-08 15:17:08,516 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1314992790] [2024-11-08 15:17:08,516 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-08 15:17:08,517 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 16 states [2024-11-08 15:17:08,517 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:08,518 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2024-11-08 15:17:08,518 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=38, Invalid=202, Unknown=0, NotChecked=0, Total=240 [2024-11-08 15:17:08,518 INFO L87 Difference]: Start difference. First operand 747 states and 926 transitions. Second operand has 16 states, 16 states have (on average 7.6875) internal successors, (123), 11 states have internal predecessors, (123), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2024-11-08 15:17:09,738 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:09,739 INFO L93 Difference]: Finished difference Result 1713 states and 2190 transitions. [2024-11-08 15:17:09,739 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 39 states. [2024-11-08 15:17:09,739 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 16 states have (on average 7.6875) internal successors, (123), 11 states have internal predecessors, (123), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) Word has length 98 [2024-11-08 15:17:09,740 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:09,746 INFO L225 Difference]: With dead ends: 1713 [2024-11-08 15:17:09,747 INFO L226 Difference]: Without dead ends: 1058 [2024-11-08 15:17:09,750 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 263 GetRequests, 214 SyntacticMatches, 4 SemanticMatches, 45 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 551 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=400, Invalid=1762, Unknown=0, NotChecked=0, Total=2162 [2024-11-08 15:17:09,751 INFO L432 NwaCegarLoop]: 192 mSDtfsCounter, 362 mSDsluCounter, 1347 mSDsCounter, 0 mSdLazyCounter, 1077 mSolverCounterSat, 125 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 369 SdHoareTripleChecker+Valid, 1539 SdHoareTripleChecker+Invalid, 1202 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 125 IncrementalHoareTripleChecker+Valid, 1077 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:09,752 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [369 Valid, 1539 Invalid, 1202 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [125 Valid, 1077 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2024-11-08 15:17:09,753 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1058 states. [2024-11-08 15:17:09,841 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1058 to 844. [2024-11-08 15:17:09,843 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 844 states, 636 states have (on average 1.1965408805031446) internal successors, (761), 685 states have internal predecessors, (761), 112 states have call successors, (112), 93 states have call predecessors, (112), 95 states have return successors, (138), 100 states have call predecessors, (138), 112 states have call successors, (138) [2024-11-08 15:17:09,846 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 844 states to 844 states and 1011 transitions. [2024-11-08 15:17:09,847 INFO L78 Accepts]: Start accepts. Automaton has 844 states and 1011 transitions. Word has length 98 [2024-11-08 15:17:09,848 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:09,848 INFO L471 AbstractCegarLoop]: Abstraction has 844 states and 1011 transitions. [2024-11-08 15:17:09,848 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 16 states, 16 states have (on average 7.6875) internal successors, (123), 11 states have internal predecessors, (123), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2024-11-08 15:17:09,848 INFO L276 IsEmpty]: Start isEmpty. Operand 844 states and 1011 transitions. [2024-11-08 15:17:09,852 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 176 [2024-11-08 15:17:09,852 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:09,853 INFO L215 NwaCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:09,870 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-08 15:17:10,056 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-08 15:17:10,057 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:10,057 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:10,057 INFO L85 PathProgramCache]: Analyzing trace with hash 305502577, now seen corresponding path program 1 times [2024-11-08 15:17:10,057 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:10,058 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [483074225] [2024-11-08 15:17:10,058 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:10,058 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:10,087 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,154 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-08 15:17:10,155 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,163 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-08 15:17:10,166 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,170 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:17:10,172 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,178 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-08 15:17:10,180 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,182 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2024-11-08 15:17:10,186 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,190 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:17:10,192 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,193 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-11-08 15:17:10,194 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,195 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:17:10,196 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,196 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 102 [2024-11-08 15:17:10,200 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,229 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:17:10,230 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,231 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-11-08 15:17:10,232 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,233 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 142 [2024-11-08 15:17:10,234 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,235 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 151 [2024-11-08 15:17:10,237 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,240 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 167 [2024-11-08 15:17:10,242 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,248 INFO L134 CoverageAnalysis]: Checked inductivity of 192 backedges. 77 proven. 0 refuted. 0 times theorem prover too weak. 115 trivial. 0 not checked. [2024-11-08 15:17:10,249 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:10,250 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [483074225] [2024-11-08 15:17:10,250 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [483074225] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:10,251 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:10,251 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-08 15:17:10,251 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1601733434] [2024-11-08 15:17:10,251 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:10,251 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-08 15:17:10,251 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:10,252 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-08 15:17:10,252 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2024-11-08 15:17:10,252 INFO L87 Difference]: Start difference. First operand 844 states and 1011 transitions. Second operand has 8 states, 8 states have (on average 10.875) internal successors, (87), 5 states have internal predecessors, (87), 2 states have call successors, (11), 5 states have call predecessors, (11), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2024-11-08 15:17:10,557 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:10,557 INFO L93 Difference]: Finished difference Result 1605 states and 1934 transitions. [2024-11-08 15:17:10,557 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2024-11-08 15:17:10,558 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 10.875) internal successors, (87), 5 states have internal predecessors, (87), 2 states have call successors, (11), 5 states have call predecessors, (11), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) Word has length 175 [2024-11-08 15:17:10,558 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:10,563 INFO L225 Difference]: With dead ends: 1605 [2024-11-08 15:17:10,563 INFO L226 Difference]: Without dead ends: 853 [2024-11-08 15:17:10,566 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 42 GetRequests, 29 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 25 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=53, Invalid=157, Unknown=0, NotChecked=0, Total=210 [2024-11-08 15:17:10,566 INFO L432 NwaCegarLoop]: 79 mSDtfsCounter, 151 mSDsluCounter, 315 mSDsCounter, 0 mSdLazyCounter, 280 mSolverCounterSat, 43 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 156 SdHoareTripleChecker+Valid, 394 SdHoareTripleChecker+Invalid, 323 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 43 IncrementalHoareTripleChecker+Valid, 280 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:10,566 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [156 Valid, 394 Invalid, 323 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [43 Valid, 280 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 15:17:10,567 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 853 states. [2024-11-08 15:17:10,628 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 853 to 853. [2024-11-08 15:17:10,629 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 853 states, 645 states have (on average 1.193798449612403) internal successors, (770), 694 states have internal predecessors, (770), 112 states have call successors, (112), 93 states have call predecessors, (112), 95 states have return successors, (138), 100 states have call predecessors, (138), 112 states have call successors, (138) [2024-11-08 15:17:10,633 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 853 states to 853 states and 1020 transitions. [2024-11-08 15:17:10,635 INFO L78 Accepts]: Start accepts. Automaton has 853 states and 1020 transitions. Word has length 175 [2024-11-08 15:17:10,635 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:10,635 INFO L471 AbstractCegarLoop]: Abstraction has 853 states and 1020 transitions. [2024-11-08 15:17:10,635 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 10.875) internal successors, (87), 5 states have internal predecessors, (87), 2 states have call successors, (11), 5 states have call predecessors, (11), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2024-11-08 15:17:10,636 INFO L276 IsEmpty]: Start isEmpty. Operand 853 states and 1020 transitions. [2024-11-08 15:17:10,639 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 176 [2024-11-08 15:17:10,639 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:10,639 INFO L215 NwaCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:10,639 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2024-11-08 15:17:10,640 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:10,640 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:10,640 INFO L85 PathProgramCache]: Analyzing trace with hash 866202355, now seen corresponding path program 1 times [2024-11-08 15:17:10,640 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:10,640 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1547515223] [2024-11-08 15:17:10,641 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:10,641 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:10,661 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,878 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-08 15:17:10,879 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,892 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-08 15:17:10,896 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,918 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:17:10,919 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,926 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-08 15:17:10,928 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,931 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2024-11-08 15:17:10,935 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,996 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:17:10,997 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,998 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-11-08 15:17:10,999 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,001 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:17:11,001 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,002 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 102 [2024-11-08 15:17:11,006 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,036 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:17:11,038 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,039 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-11-08 15:17:11,040 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,041 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 142 [2024-11-08 15:17:11,042 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,043 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 151 [2024-11-08 15:17:11,045 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,058 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 167 [2024-11-08 15:17:11,059 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,061 INFO L134 CoverageAnalysis]: Checked inductivity of 192 backedges. 85 proven. 45 refuted. 0 times theorem prover too weak. 62 trivial. 0 not checked. [2024-11-08 15:17:11,061 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:11,061 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1547515223] [2024-11-08 15:17:11,061 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1547515223] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-08 15:17:11,062 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [800516213] [2024-11-08 15:17:11,062 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:11,062 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-08 15:17:11,062 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:17:11,063 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-08 15:17:11,065 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-08 15:17:11,184 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,186 INFO L255 TraceCheckSpWp]: Trace formula consists of 518 conjuncts, 13 conjuncts are in the unsatisfiable core [2024-11-08 15:17:11,191 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-08 15:17:11,362 INFO L134 CoverageAnalysis]: Checked inductivity of 192 backedges. 140 proven. 4 refuted. 0 times theorem prover too weak. 48 trivial. 0 not checked. [2024-11-08 15:17:11,362 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-08 15:17:11,780 INFO L134 CoverageAnalysis]: Checked inductivity of 192 backedges. 81 proven. 41 refuted. 0 times theorem prover too weak. 70 trivial. 0 not checked. [2024-11-08 15:17:11,781 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [800516213] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-08 15:17:11,781 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-08 15:17:11,781 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 10, 11] total 24 [2024-11-08 15:17:11,781 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1534702284] [2024-11-08 15:17:11,782 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-08 15:17:11,782 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 24 states [2024-11-08 15:17:11,782 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:11,783 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 24 interpolants. [2024-11-08 15:17:11,784 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=117, Invalid=435, Unknown=0, NotChecked=0, Total=552 [2024-11-08 15:17:11,784 INFO L87 Difference]: Start difference. First operand 853 states and 1020 transitions. Second operand has 24 states, 24 states have (on average 9.791666666666666) internal successors, (235), 21 states have internal predecessors, (235), 10 states have call successors, (33), 9 states have call predecessors, (33), 11 states have return successors, (33), 10 states have call predecessors, (33), 10 states have call successors, (33) [2024-11-08 15:17:12,983 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:12,983 INFO L93 Difference]: Finished difference Result 1854 states and 2284 transitions. [2024-11-08 15:17:12,984 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 31 states. [2024-11-08 15:17:12,984 INFO L78 Accepts]: Start accepts. Automaton has has 24 states, 24 states have (on average 9.791666666666666) internal successors, (235), 21 states have internal predecessors, (235), 10 states have call successors, (33), 9 states have call predecessors, (33), 11 states have return successors, (33), 10 states have call predecessors, (33), 10 states have call successors, (33) Word has length 175 [2024-11-08 15:17:12,984 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:12,985 INFO L225 Difference]: With dead ends: 1854 [2024-11-08 15:17:12,986 INFO L226 Difference]: Without dead ends: 0 [2024-11-08 15:17:12,990 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 423 GetRequests, 372 SyntacticMatches, 3 SemanticMatches, 48 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 515 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=514, Invalid=1936, Unknown=0, NotChecked=0, Total=2450 [2024-11-08 15:17:12,991 INFO L432 NwaCegarLoop]: 113 mSDtfsCounter, 480 mSDsluCounter, 1015 mSDsCounter, 0 mSdLazyCounter, 1276 mSolverCounterSat, 162 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 486 SdHoareTripleChecker+Valid, 1128 SdHoareTripleChecker+Invalid, 1438 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 162 IncrementalHoareTripleChecker+Valid, 1276 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:12,991 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [486 Valid, 1128 Invalid, 1438 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [162 Valid, 1276 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2024-11-08 15:17:12,992 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-08 15:17:12,992 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-08 15:17:12,992 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:17:12,992 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-08 15:17:12,993 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 175 [2024-11-08 15:17:12,993 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:12,994 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-08 15:17:12,994 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 24 states, 24 states have (on average 9.791666666666666) internal successors, (235), 21 states have internal predecessors, (235), 10 states have call successors, (33), 9 states have call predecessors, (33), 11 states have return successors, (33), 10 states have call predecessors, (33), 10 states have call successors, (33) [2024-11-08 15:17:12,994 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-08 15:17:12,994 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-08 15:17:12,997 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-08 15:17:13,014 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-11-08 15:17:13,201 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable11 [2024-11-08 15:17:13,204 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:13,206 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-08 15:17:18,450 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-08 15:17:18,467 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= 1 |old(~pumpRunning~0)|)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (<= ~waterLevel~0 1) (<= 1 ~switchedOnBeforeTS~0) .cse0 .cse1) (and (= 2 ~waterLevel~0) .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 (<= ~waterLevel~0 1) (<= 1 ~switchedOnBeforeTS~0) .cse1))) [2024-11-08 15:17:18,493 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= 1 |old(~pumpRunning~0)|)) (.cse1 (not (= 0 ~systemActive~0))) (.cse2 (<= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)) (and (<= 1 |old(~switchedOnBeforeTS~0)|) .cse2 .cse0 .cse1) (and (= |old(~pumpRunning~0)| 0) .cse2))) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (not (= 0 ~systemActive~0))) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse2))) [2024-11-08 15:17:18,512 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= ~waterLevel~0 1)) (.cse2 (= |old(~pumpRunning~0)| 0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|) .cse1) (and (= 2 ~waterLevel~0) .cse2 .cse1) (and .cse0 .cse2 .cse1)))) Eliminated clause: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 1)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse2 .cse1) (and (<= 1 ~pumpRunning~0) .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse1))) [2024-11-08 15:17:18,518 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse1 (<= |old(~waterLevel~0)| 1)) (.cse2 (<= 1 ~pumpRunning~0)) (.cse3 (not (= 0 ~systemActive~0))) (.cse0 (= ~pumpRunning~0 0)) (.cse4 (= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1) (and .cse2 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse3) (and .cse2 .cse3 .cse4) (and .cse0 .cse4))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse1 (= 2 ~waterLevel~0)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (not (= 0 ~systemActive~0))) (.cse3 (= ~pumpRunning~0 0)) (.cse4 (<= ~waterLevel~0 1))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse1) (and .cse0 .cse4 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and .cse3 .cse4))) [2024-11-08 15:17:18,526 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 08.11 03:17:18 BoogieIcfgContainer [2024-11-08 15:17:18,527 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-08 15:17:18,527 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-08 15:17:18,527 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-08 15:17:18,528 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-08 15:17:18,528 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:17:04" (3/4) ... [2024-11-08 15:17:18,530 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-08 15:17:18,534 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-08 15:17:18,534 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-08 15:17:18,534 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-08 15:17:18,534 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-08 15:17:18,534 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-08 15:17:18,535 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 15:17:18,535 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-08 15:17:18,535 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-08 15:17:18,541 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 21 nodes and edges [2024-11-08 15:17:18,541 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-08 15:17:18,542 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-08 15:17:18,542 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 15:17:18,542 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 15:17:18,676 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-08 15:17:18,677 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-08 15:17:18,677 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-08 15:17:18,678 INFO L158 Benchmark]: Toolchain (without parser) took 15773.32ms. Allocated memory was 176.2MB in the beginning and 264.2MB in the end (delta: 88.1MB). Free memory was 115.6MB in the beginning and 231.1MB in the end (delta: -115.5MB). Peak memory consumption was 128.9MB. Max. memory is 16.1GB. [2024-11-08 15:17:18,680 INFO L158 Benchmark]: CDTParser took 0.22ms. Allocated memory is still 176.2MB. Free memory is still 138.7MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-08 15:17:18,680 INFO L158 Benchmark]: CACSL2BoogieTranslator took 526.35ms. Allocated memory is still 176.2MB. Free memory was 115.6MB in the beginning and 93.6MB in the end (delta: 22.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-08 15:17:18,680 INFO L158 Benchmark]: Boogie Procedure Inliner took 60.43ms. Allocated memory is still 176.2MB. Free memory was 93.6MB in the beginning and 91.5MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 15:17:18,680 INFO L158 Benchmark]: Boogie Preprocessor took 75.05ms. Allocated memory is still 176.2MB. Free memory was 91.0MB in the beginning and 88.9MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 15:17:18,681 INFO L158 Benchmark]: RCFGBuilder took 506.87ms. Allocated memory is still 176.2MB. Free memory was 88.9MB in the beginning and 144.3MB in the end (delta: -55.5MB). Peak memory consumption was 24.6MB. Max. memory is 16.1GB. [2024-11-08 15:17:18,681 INFO L158 Benchmark]: TraceAbstraction took 14446.77ms. Allocated memory was 176.2MB in the beginning and 264.2MB in the end (delta: 88.1MB). Free memory was 143.6MB in the beginning and 83.2MB in the end (delta: 60.4MB). Peak memory consumption was 156.7MB. Max. memory is 16.1GB. [2024-11-08 15:17:18,681 INFO L158 Benchmark]: Witness Printer took 149.86ms. Allocated memory is still 264.2MB. Free memory was 83.2MB in the beginning and 231.1MB in the end (delta: -147.9MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2024-11-08 15:17:18,682 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.22ms. Allocated memory is still 176.2MB. Free memory is still 138.7MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 526.35ms. Allocated memory is still 176.2MB. Free memory was 115.6MB in the beginning and 93.6MB in the end (delta: 22.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 60.43ms. Allocated memory is still 176.2MB. Free memory was 93.6MB in the beginning and 91.5MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 75.05ms. Allocated memory is still 176.2MB. Free memory was 91.0MB in the beginning and 88.9MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 506.87ms. Allocated memory is still 176.2MB. Free memory was 88.9MB in the beginning and 144.3MB in the end (delta: -55.5MB). Peak memory consumption was 24.6MB. Max. memory is 16.1GB. * TraceAbstraction took 14446.77ms. Allocated memory was 176.2MB in the beginning and 264.2MB in the end (delta: 88.1MB). Free memory was 143.6MB in the beginning and 83.2MB in the end (delta: 60.4MB). Peak memory consumption was 156.7MB. Max. memory is 16.1GB. * Witness Printer took 149.86ms. Allocated memory is still 264.2MB. Free memory was 83.2MB in the beginning and 231.1MB in the end (delta: -147.9MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] - GenericResultAtLocation [Line: 415]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [415] - GenericResultAtLocation [Line: 521]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [521] - GenericResultAtLocation [Line: 530]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [530] - GenericResultAtLocation [Line: 581]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [581] - GenericResultAtLocation [Line: 689]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [689] - GenericResultAtLocation [Line: 760]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [760] - GenericResultAtLocation [Line: 985]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [985] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 526]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 100 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 9.0s, OverallIterations: 12, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 4.4s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2094 SdHoareTripleChecker+Valid, 2.7s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2042 mSDsluCounter, 6120 SdHoareTripleChecker+Invalid, 2.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 4734 mSDsCounter, 584 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3576 IncrementalHoareTripleChecker+Invalid, 4160 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 584 mSolverCounterUnsat, 1386 mSDtfsCounter, 3576 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 849 GetRequests, 684 SyntacticMatches, 7 SemanticMatches, 158 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1167 ImplicationChecksByTransitivity, 1.5s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=853occurred in iteration=11, InterpolantAutomatonStates: 140, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 12 MinimizatonAttempts, 349 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 2.9s InterpolantComputationTime, 1132 NumberOfCodeBlocks, 1132 NumberOfCodeBlocksAsserted, 14 NumberOfCheckSat, 1389 ConstructedInterpolants, 0 QuantifiedInterpolants, 2839 SizeOfPredicates, 2 NumberOfNonLiveVariables, 841 ConjunctsInSsa, 21 ConjunctsInUnsatCore, 16 InterpolantComputations, 10 PerfectInterpolantSequences, 781/897 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 702]: Loop Invariant Derived loop invariant: ((((((((1 <= pumpRunning) && (waterLevel <= 1)) && (splverifierCounter == 0)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (splverifierCounter == 0))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (splverifierCounter == 0)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (splverifierCounter == 0))) - InvariantResult [Line: 701]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 428]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 860]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: ((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) Ensures: (((pumpRunning == 0) && (((((waterLevel <= 1) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) && (0 != systemActive)) || (((2 == waterLevel) && (1 <= \old(pumpRunning))) && (0 != systemActive)))) && ((((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 793]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((pumpRunning == 0) && (2 == waterLevel)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) Ensures: ((((((pumpRunning == 0) && (2 == waterLevel)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) && (((((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 613]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((pumpRunning == 0) && (waterLevel <= 2))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) Ensures: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((pumpRunning == 0) && (waterLevel <= 2))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) && ((((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (waterLevel == \old(waterLevel))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 766]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) Ensures: ((((((((0 != systemActive) || ((pumpRunning == 0) && (\old(pumpRunning) == 0))) && ((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel))) || (\old(pumpRunning) != 0)) || (((pumpRunning == 0) && (2 == waterLevel)) && (\old(waterLevel) == 2)))) && (((\old(pumpRunning) == 0) || ((1 <= \old(pumpRunning)) && (\old(waterLevel) == 2))) || (((1 <= \old(switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning))))) && (((((((pumpRunning == \old(pumpRunning)) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == \old(pumpRunning)) && (((long long) waterLevel + 1) <= \old(waterLevel))) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (((long long) waterLevel + 1) <= \old(waterLevel))) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1)) || (((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS)))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((\old(waterLevel) != 1) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1)) || (((pumpRunning == 0) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS)))) && ((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 418]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 801]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((pumpRunning == 0) && (2 == waterLevel)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) Ensures: ((((((((waterLevel <= 1) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) && (0 != systemActive)) || ((\old(pumpRunning) == 0) && (0 != systemActive))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((\old(pumpRunning) != 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || ((pumpRunning == 0) && (waterLevel <= 1)))) && ((((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 601]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((pumpRunning == 0) && (2 == waterLevel))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 1))) Ensures: ((((((2 == waterLevel) || (\old(waterLevel) != 2)) && (waterLevel <= ((long long) \old(waterLevel) + 1))) && ((((long long) \old(waterLevel) + 1) == waterLevel) || (2 == waterLevel))) && (((((pumpRunning == 0) && (\old(waterLevel) <= 1)) || ((((1 <= pumpRunning) && (\old(waterLevel) <= 1)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((1 <= pumpRunning) && (0 != systemActive)) && (\old(waterLevel) == 2))) || ((pumpRunning == 0) && (\old(waterLevel) == 2)))) && ((((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 879]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((pumpRunning == 0) && (waterLevel <= 2))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) Ensures: (((((((pumpRunning == 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((1 <= pumpRunning) && (1 <= switchedOnBeforeTS))) && (pumpRunning == \result)) && ((\result == 0) || (0 != systemActive))) && ((2 == waterLevel) || (waterLevel < 2))) && (((((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) RESULT: Ultimate proved your program to be correct! [2024-11-08 15:17:18,720 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE