./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c7c6ca5d Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash aba011a2dee79947f4cca7910fc4583b21e1f3cb9acd1affa050aa7677352666 --- Real Ultimate output --- This is Ultimate 0.2.5-?-c7c6ca5-m [2024-11-08 15:17:02,863 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-08 15:17:02,953 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-08 15:17:02,961 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-08 15:17:02,962 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-08 15:17:02,985 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-08 15:17:02,986 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-08 15:17:02,986 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-08 15:17:02,987 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-08 15:17:02,988 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-08 15:17:02,988 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-08 15:17:02,988 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-08 15:17:02,989 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-08 15:17:02,989 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-08 15:17:02,989 INFO L153 SettingsManager]: * Use SBE=true [2024-11-08 15:17:02,990 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-08 15:17:02,990 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-08 15:17:02,994 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-08 15:17:02,994 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-08 15:17:02,994 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-08 15:17:02,994 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-08 15:17:02,995 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-08 15:17:02,996 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-08 15:17:02,996 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-08 15:17:02,996 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-08 15:17:02,996 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-08 15:17:02,997 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-08 15:17:02,997 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-08 15:17:02,997 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-08 15:17:02,997 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-08 15:17:02,998 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-08 15:17:02,998 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-08 15:17:02,999 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 15:17:02,999 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-08 15:17:02,999 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-08 15:17:02,999 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-08 15:17:03,000 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-08 15:17:03,000 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-08 15:17:03,000 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-08 15:17:03,000 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-08 15:17:03,001 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-08 15:17:03,001 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-08 15:17:03,001 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> aba011a2dee79947f4cca7910fc4583b21e1f3cb9acd1affa050aa7677352666 [2024-11-08 15:17:03,249 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-08 15:17:03,272 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-08 15:17:03,276 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-08 15:17:03,277 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-08 15:17:03,278 INFO L274 PluginConnector]: CDTParser initialized [2024-11-08 15:17:03,280 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c [2024-11-08 15:17:04,754 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-08 15:17:05,024 INFO L384 CDTParser]: Found 1 translation units. [2024-11-08 15:17:05,025 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c [2024-11-08 15:17:05,043 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/bd9e191fb/d7a2d06b7a8740f49f5708962c0bc59d/FLAG277441127 [2024-11-08 15:17:05,056 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/bd9e191fb/d7a2d06b7a8740f49f5708962c0bc59d [2024-11-08 15:17:05,059 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-08 15:17:05,061 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-08 15:17:05,063 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-08 15:17:05,064 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-08 15:17:05,069 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-08 15:17:05,069 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 03:17:05" (1/1) ... [2024-11-08 15:17:05,070 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@104bd9af and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:05, skipping insertion in model container [2024-11-08 15:17:05,072 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 03:17:05" (1/1) ... [2024-11-08 15:17:05,114 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-08 15:17:05,297 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c[1605,1618] [2024-11-08 15:17:05,420 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 15:17:05,434 INFO L200 MainTranslator]: Completed pre-run [2024-11-08 15:17:05,448 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [49] [2024-11-08 15:17:05,450 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [58] [2024-11-08 15:17:05,450 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [96] [2024-11-08 15:17:05,451 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [199] [2024-11-08 15:17:05,451 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [308] [2024-11-08 15:17:05,451 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [674] [2024-11-08 15:17:05,451 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [724] [2024-11-08 15:17:05,451 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [789] [2024-11-08 15:17:05,459 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c[1605,1618] [2024-11-08 15:17:05,538 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 15:17:05,562 INFO L204 MainTranslator]: Completed translation [2024-11-08 15:17:05,563 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:05 WrapperNode [2024-11-08 15:17:05,563 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-08 15:17:05,564 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-08 15:17:05,564 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-08 15:17:05,564 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-08 15:17:05,571 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:05" (1/1) ... [2024-11-08 15:17:05,589 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:05" (1/1) ... [2024-11-08 15:17:05,633 INFO L138 Inliner]: procedures = 58, calls = 103, calls flagged for inlining = 27, calls inlined = 24, statements flattened = 232 [2024-11-08 15:17:05,633 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-08 15:17:05,634 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-08 15:17:05,634 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-08 15:17:05,635 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-08 15:17:05,645 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:05" (1/1) ... [2024-11-08 15:17:05,646 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:05" (1/1) ... [2024-11-08 15:17:05,652 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:05" (1/1) ... [2024-11-08 15:17:05,668 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-08 15:17:05,669 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:05" (1/1) ... [2024-11-08 15:17:05,669 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:05" (1/1) ... [2024-11-08 15:17:05,674 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:05" (1/1) ... [2024-11-08 15:17:05,678 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:05" (1/1) ... [2024-11-08 15:17:05,679 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:05" (1/1) ... [2024-11-08 15:17:05,681 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:05" (1/1) ... [2024-11-08 15:17:05,683 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-08 15:17:05,684 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-08 15:17:05,684 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-08 15:17:05,684 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-08 15:17:05,685 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:05" (1/1) ... [2024-11-08 15:17:05,693 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 15:17:05,705 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:17:05,722 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-08 15:17:05,729 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-08 15:17:05,782 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-08 15:17:05,782 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-08 15:17:05,782 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-08 15:17:05,782 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-08 15:17:05,782 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-08 15:17:05,782 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-08 15:17:05,783 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-08 15:17:05,783 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 15:17:05,783 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 15:17:05,783 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-08 15:17:05,783 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-08 15:17:05,783 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-08 15:17:05,783 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-08 15:17:05,783 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-08 15:17:05,783 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-08 15:17:05,783 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-08 15:17:05,783 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-08 15:17:05,784 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-08 15:17:05,889 INFO L238 CfgBuilder]: Building ICFG [2024-11-08 15:17:05,891 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-08 15:17:06,191 INFO L? ?]: Removed 51 outVars from TransFormulas that were not future-live. [2024-11-08 15:17:06,192 INFO L287 CfgBuilder]: Performing block encoding [2024-11-08 15:17:06,213 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-08 15:17:06,214 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-08 15:17:06,214 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:17:06 BoogieIcfgContainer [2024-11-08 15:17:06,214 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-08 15:17:06,217 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-08 15:17:06,218 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-08 15:17:06,221 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-08 15:17:06,221 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 08.11 03:17:05" (1/3) ... [2024-11-08 15:17:06,222 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3a381097 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 03:17:06, skipping insertion in model container [2024-11-08 15:17:06,222 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:05" (2/3) ... [2024-11-08 15:17:06,223 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3a381097 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 03:17:06, skipping insertion in model container [2024-11-08 15:17:06,224 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:17:06" (3/3) ... [2024-11-08 15:17:06,225 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product57.cil.c [2024-11-08 15:17:06,237 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-08 15:17:06,238 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-08 15:17:06,307 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-08 15:17:06,319 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@1bde895c, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-08 15:17:06,320 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-08 15:17:06,323 INFO L276 IsEmpty]: Start isEmpty. Operand has 96 states, 75 states have (on average 1.3733333333333333) internal successors, (103), 83 states have internal predecessors, (103), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2024-11-08 15:17:06,339 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-08 15:17:06,355 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:06,356 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:06,357 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:06,363 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:06,363 INFO L85 PathProgramCache]: Analyzing trace with hash 1773170943, now seen corresponding path program 1 times [2024-11-08 15:17:06,371 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:06,371 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1040218738] [2024-11-08 15:17:06,371 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:06,372 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:06,481 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,547 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-08 15:17:06,550 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,554 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-08 15:17:06,557 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,561 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:17:06,561 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:06,562 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1040218738] [2024-11-08 15:17:06,563 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1040218738] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:06,563 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:06,563 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-08 15:17:06,564 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [542981463] [2024-11-08 15:17:06,565 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:06,569 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-08 15:17:06,569 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:06,594 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-08 15:17:06,595 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 15:17:06,598 INFO L87 Difference]: Start difference. First operand has 96 states, 75 states have (on average 1.3733333333333333) internal successors, (103), 83 states have internal predecessors, (103), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:17:06,627 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:06,627 INFO L93 Difference]: Finished difference Result 183 states and 248 transitions. [2024-11-08 15:17:06,630 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-08 15:17:06,631 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-11-08 15:17:06,632 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:06,642 INFO L225 Difference]: With dead ends: 183 [2024-11-08 15:17:06,643 INFO L226 Difference]: Without dead ends: 87 [2024-11-08 15:17:06,648 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 15:17:06,654 INFO L432 NwaCegarLoop]: 121 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 121 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:06,655 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 121 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:17:06,673 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 87 states. [2024-11-08 15:17:06,697 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 87 to 87. [2024-11-08 15:17:06,698 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 87 states, 68 states have (on average 1.3088235294117647) internal successors, (89), 75 states have internal predecessors, (89), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2024-11-08 15:17:06,700 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 87 states to 87 states and 112 transitions. [2024-11-08 15:17:06,702 INFO L78 Accepts]: Start accepts. Automaton has 87 states and 112 transitions. Word has length 32 [2024-11-08 15:17:06,703 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:06,703 INFO L471 AbstractCegarLoop]: Abstraction has 87 states and 112 transitions. [2024-11-08 15:17:06,703 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:17:06,703 INFO L276 IsEmpty]: Start isEmpty. Operand 87 states and 112 transitions. [2024-11-08 15:17:06,705 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-11-08 15:17:06,706 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:06,706 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:06,706 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-08 15:17:06,707 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:06,708 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:06,708 INFO L85 PathProgramCache]: Analyzing trace with hash -1531656934, now seen corresponding path program 1 times [2024-11-08 15:17:06,708 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:06,709 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1542131204] [2024-11-08 15:17:06,709 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:06,709 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:06,750 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,858 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-08 15:17:06,861 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,865 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-08 15:17:06,871 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,877 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:17:06,878 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:06,878 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1542131204] [2024-11-08 15:17:06,878 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1542131204] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:06,878 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:06,878 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-08 15:17:06,879 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1519992268] [2024-11-08 15:17:06,879 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:06,880 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-08 15:17:06,880 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:06,881 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-08 15:17:06,882 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:17:06,882 INFO L87 Difference]: Start difference. First operand 87 states and 112 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:17:06,905 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:06,905 INFO L93 Difference]: Finished difference Result 139 states and 179 transitions. [2024-11-08 15:17:06,905 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-08 15:17:06,906 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2024-11-08 15:17:06,906 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:06,907 INFO L225 Difference]: With dead ends: 139 [2024-11-08 15:17:06,907 INFO L226 Difference]: Without dead ends: 78 [2024-11-08 15:17:06,907 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:17:06,908 INFO L432 NwaCegarLoop]: 99 mSDtfsCounter, 12 mSDsluCounter, 83 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 182 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:06,909 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [15 Valid, 182 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:17:06,912 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 78 states. [2024-11-08 15:17:06,924 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 78 to 78. [2024-11-08 15:17:06,925 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 78 states, 62 states have (on average 1.3225806451612903) internal successors, (82), 69 states have internal predecessors, (82), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-11-08 15:17:06,926 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 78 states to 78 states and 100 transitions. [2024-11-08 15:17:06,926 INFO L78 Accepts]: Start accepts. Automaton has 78 states and 100 transitions. Word has length 33 [2024-11-08 15:17:06,926 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:06,926 INFO L471 AbstractCegarLoop]: Abstraction has 78 states and 100 transitions. [2024-11-08 15:17:06,926 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:17:06,927 INFO L276 IsEmpty]: Start isEmpty. Operand 78 states and 100 transitions. [2024-11-08 15:17:06,928 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2024-11-08 15:17:06,928 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:06,928 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:06,928 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-08 15:17:06,931 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:06,932 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:06,933 INFO L85 PathProgramCache]: Analyzing trace with hash 840710854, now seen corresponding path program 1 times [2024-11-08 15:17:06,934 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:06,934 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1519648907] [2024-11-08 15:17:06,934 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:06,934 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:06,954 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,064 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-08 15:17:07,067 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,069 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-11-08 15:17:07,071 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,073 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:17:07,073 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:07,073 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1519648907] [2024-11-08 15:17:07,073 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1519648907] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:07,074 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:07,074 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-08 15:17:07,074 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [589666687] [2024-11-08 15:17:07,074 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:07,075 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-08 15:17:07,075 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:07,075 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-08 15:17:07,076 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:17:07,076 INFO L87 Difference]: Start difference. First operand 78 states and 100 transitions. Second operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:17:07,104 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:07,106 INFO L93 Difference]: Finished difference Result 148 states and 193 transitions. [2024-11-08 15:17:07,107 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-08 15:17:07,107 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 37 [2024-11-08 15:17:07,107 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:07,108 INFO L225 Difference]: With dead ends: 148 [2024-11-08 15:17:07,110 INFO L226 Difference]: Without dead ends: 78 [2024-11-08 15:17:07,111 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:17:07,112 INFO L432 NwaCegarLoop]: 98 mSDtfsCounter, 77 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 77 SdHoareTripleChecker+Valid, 98 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:07,115 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [77 Valid, 98 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:17:07,116 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 78 states. [2024-11-08 15:17:07,124 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 78 to 78. [2024-11-08 15:17:07,125 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 78 states, 62 states have (on average 1.3064516129032258) internal successors, (81), 69 states have internal predecessors, (81), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-11-08 15:17:07,126 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 78 states to 78 states and 99 transitions. [2024-11-08 15:17:07,126 INFO L78 Accepts]: Start accepts. Automaton has 78 states and 99 transitions. Word has length 37 [2024-11-08 15:17:07,127 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:07,127 INFO L471 AbstractCegarLoop]: Abstraction has 78 states and 99 transitions. [2024-11-08 15:17:07,127 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:17:07,128 INFO L276 IsEmpty]: Start isEmpty. Operand 78 states and 99 transitions. [2024-11-08 15:17:07,129 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2024-11-08 15:17:07,129 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:07,129 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:07,129 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-08 15:17:07,129 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:07,130 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:07,130 INFO L85 PathProgramCache]: Analyzing trace with hash 244336530, now seen corresponding path program 1 times [2024-11-08 15:17:07,130 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:07,130 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [197295564] [2024-11-08 15:17:07,131 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:07,131 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:07,153 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,181 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-08 15:17:07,183 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,184 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 37 [2024-11-08 15:17:07,186 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,187 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:17:07,188 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:07,188 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [197295564] [2024-11-08 15:17:07,188 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [197295564] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:07,188 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:07,188 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-08 15:17:07,188 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [597958926] [2024-11-08 15:17:07,188 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:07,189 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-08 15:17:07,189 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:07,190 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-08 15:17:07,190 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:17:07,190 INFO L87 Difference]: Start difference. First operand 78 states and 99 transitions. Second operand has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:17:07,237 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:07,237 INFO L93 Difference]: Finished difference Result 196 states and 255 transitions. [2024-11-08 15:17:07,238 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-08 15:17:07,238 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 45 [2024-11-08 15:17:07,238 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:07,239 INFO L225 Difference]: With dead ends: 196 [2024-11-08 15:17:07,239 INFO L226 Difference]: Without dead ends: 126 [2024-11-08 15:17:07,240 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:17:07,241 INFO L432 NwaCegarLoop]: 103 mSDtfsCounter, 79 mSDsluCounter, 66 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 79 SdHoareTripleChecker+Valid, 169 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:07,241 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [79 Valid, 169 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:17:07,242 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 126 states. [2024-11-08 15:17:07,254 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 126 to 124. [2024-11-08 15:17:07,254 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 124 states, 97 states have (on average 1.288659793814433) internal successors, (125), 105 states have internal predecessors, (125), 14 states have call successors, (14), 12 states have call predecessors, (14), 12 states have return successors, (18), 14 states have call predecessors, (18), 14 states have call successors, (18) [2024-11-08 15:17:07,256 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 124 states to 124 states and 157 transitions. [2024-11-08 15:17:07,256 INFO L78 Accepts]: Start accepts. Automaton has 124 states and 157 transitions. Word has length 45 [2024-11-08 15:17:07,257 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:07,258 INFO L471 AbstractCegarLoop]: Abstraction has 124 states and 157 transitions. [2024-11-08 15:17:07,258 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:17:07,258 INFO L276 IsEmpty]: Start isEmpty. Operand 124 states and 157 transitions. [2024-11-08 15:17:07,259 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 54 [2024-11-08 15:17:07,261 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:07,262 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:07,262 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-08 15:17:07,262 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:07,262 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:07,262 INFO L85 PathProgramCache]: Analyzing trace with hash 816783697, now seen corresponding path program 1 times [2024-11-08 15:17:07,262 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:07,263 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2086771038] [2024-11-08 15:17:07,263 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:07,264 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:07,291 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,457 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-08 15:17:07,459 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,470 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-11-08 15:17:07,475 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,490 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-08 15:17:07,492 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,494 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 45 [2024-11-08 15:17:07,498 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,517 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-08 15:17:07,518 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:07,519 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2086771038] [2024-11-08 15:17:07,519 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2086771038] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:07,520 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:07,520 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-08 15:17:07,521 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1874952223] [2024-11-08 15:17:07,521 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:07,521 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-08 15:17:07,521 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:07,522 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-08 15:17:07,524 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:17:07,524 INFO L87 Difference]: Start difference. First operand 124 states and 157 transitions. Second operand has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-08 15:17:07,865 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:07,865 INFO L93 Difference]: Finished difference Result 264 states and 337 transitions. [2024-11-08 15:17:07,867 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-11-08 15:17:07,867 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 53 [2024-11-08 15:17:07,867 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:07,870 INFO L225 Difference]: With dead ends: 264 [2024-11-08 15:17:07,873 INFO L226 Difference]: Without dead ends: 148 [2024-11-08 15:17:07,873 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 23 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=134, Unknown=0, NotChecked=0, Total=182 [2024-11-08 15:17:07,874 INFO L432 NwaCegarLoop]: 80 mSDtfsCounter, 139 mSDsluCounter, 323 mSDsCounter, 0 mSdLazyCounter, 167 mSolverCounterSat, 29 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 145 SdHoareTripleChecker+Valid, 403 SdHoareTripleChecker+Invalid, 196 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 29 IncrementalHoareTripleChecker+Valid, 167 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:07,875 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [145 Valid, 403 Invalid, 196 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [29 Valid, 167 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 15:17:07,876 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 148 states. [2024-11-08 15:17:07,905 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 148 to 146. [2024-11-08 15:17:07,906 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 146 states, 114 states have (on average 1.263157894736842) internal successors, (144), 122 states have internal predecessors, (144), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-11-08 15:17:07,907 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 146 states to 146 states and 183 transitions. [2024-11-08 15:17:07,908 INFO L78 Accepts]: Start accepts. Automaton has 146 states and 183 transitions. Word has length 53 [2024-11-08 15:17:07,908 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:07,909 INFO L471 AbstractCegarLoop]: Abstraction has 146 states and 183 transitions. [2024-11-08 15:17:07,909 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-08 15:17:07,909 INFO L276 IsEmpty]: Start isEmpty. Operand 146 states and 183 transitions. [2024-11-08 15:17:07,910 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-08 15:17:07,911 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:07,911 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:07,911 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-08 15:17:07,911 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:07,912 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:07,912 INFO L85 PathProgramCache]: Analyzing trace with hash 1305099847, now seen corresponding path program 1 times [2024-11-08 15:17:07,912 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:07,913 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1397618528] [2024-11-08 15:17:07,913 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:07,913 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:07,929 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,978 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-08 15:17:07,980 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,984 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-11-08 15:17:07,989 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:08,021 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2024-11-08 15:17:08,023 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:08,024 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:17:08,025 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:08,025 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1397618528] [2024-11-08 15:17:08,025 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1397618528] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:08,025 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:08,025 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 15:17:08,026 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2052620350] [2024-11-08 15:17:08,026 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:08,026 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 15:17:08,026 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:08,027 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 15:17:08,027 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-08 15:17:08,027 INFO L87 Difference]: Start difference. First operand 146 states and 183 transitions. Second operand has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:17:08,169 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:08,169 INFO L93 Difference]: Finished difference Result 289 states and 371 transitions. [2024-11-08 15:17:08,169 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-08 15:17:08,170 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 55 [2024-11-08 15:17:08,170 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:08,171 INFO L225 Difference]: With dead ends: 289 [2024-11-08 15:17:08,173 INFO L226 Difference]: Without dead ends: 151 [2024-11-08 15:17:08,174 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-08 15:17:08,175 INFO L432 NwaCegarLoop]: 82 mSDtfsCounter, 59 mSDsluCounter, 270 mSDsCounter, 0 mSdLazyCounter, 117 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 63 SdHoareTripleChecker+Valid, 352 SdHoareTripleChecker+Invalid, 128 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 117 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:08,178 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [63 Valid, 352 Invalid, 128 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 117 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:17:08,179 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 151 states. [2024-11-08 15:17:08,196 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 151 to 149. [2024-11-08 15:17:08,200 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 149 states, 117 states have (on average 1.2564102564102564) internal successors, (147), 125 states have internal predecessors, (147), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-11-08 15:17:08,201 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 149 states to 149 states and 186 transitions. [2024-11-08 15:17:08,202 INFO L78 Accepts]: Start accepts. Automaton has 149 states and 186 transitions. Word has length 55 [2024-11-08 15:17:08,202 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:08,202 INFO L471 AbstractCegarLoop]: Abstraction has 149 states and 186 transitions. [2024-11-08 15:17:08,202 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:17:08,202 INFO L276 IsEmpty]: Start isEmpty. Operand 149 states and 186 transitions. [2024-11-08 15:17:08,206 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-08 15:17:08,206 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:08,207 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:08,207 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-08 15:17:08,207 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:08,208 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:08,208 INFO L85 PathProgramCache]: Analyzing trace with hash -500338487, now seen corresponding path program 1 times [2024-11-08 15:17:08,209 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:08,209 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [373513173] [2024-11-08 15:17:08,209 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:08,209 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:08,227 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:08,278 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-08 15:17:08,279 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:08,283 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-11-08 15:17:08,286 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:08,307 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2024-11-08 15:17:08,308 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:08,309 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:17:08,310 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:08,310 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [373513173] [2024-11-08 15:17:08,310 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [373513173] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:08,310 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:08,310 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-08 15:17:08,310 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [63044753] [2024-11-08 15:17:08,310 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:08,311 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-08 15:17:08,311 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:08,311 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-08 15:17:08,312 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-08 15:17:08,312 INFO L87 Difference]: Start difference. First operand 149 states and 186 transitions. Second operand has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:17:08,422 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:08,422 INFO L93 Difference]: Finished difference Result 294 states and 376 transitions. [2024-11-08 15:17:08,423 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-08 15:17:08,423 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 55 [2024-11-08 15:17:08,424 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:08,425 INFO L225 Difference]: With dead ends: 294 [2024-11-08 15:17:08,425 INFO L226 Difference]: Without dead ends: 153 [2024-11-08 15:17:08,426 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:17:08,426 INFO L432 NwaCegarLoop]: 83 mSDtfsCounter, 58 mSDsluCounter, 193 mSDsCounter, 0 mSdLazyCounter, 87 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 62 SdHoareTripleChecker+Valid, 276 SdHoareTripleChecker+Invalid, 98 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 87 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:08,429 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [62 Valid, 276 Invalid, 98 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 87 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:17:08,430 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 153 states. [2024-11-08 15:17:08,449 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 153 to 151. [2024-11-08 15:17:08,450 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 151 states, 119 states have (on average 1.2521008403361344) internal successors, (149), 127 states have internal predecessors, (149), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-11-08 15:17:08,451 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 151 states to 151 states and 188 transitions. [2024-11-08 15:17:08,452 INFO L78 Accepts]: Start accepts. Automaton has 151 states and 188 transitions. Word has length 55 [2024-11-08 15:17:08,453 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:08,453 INFO L471 AbstractCegarLoop]: Abstraction has 151 states and 188 transitions. [2024-11-08 15:17:08,453 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:17:08,453 INFO L276 IsEmpty]: Start isEmpty. Operand 151 states and 188 transitions. [2024-11-08 15:17:08,454 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-08 15:17:08,454 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:08,454 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:08,454 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-08 15:17:08,454 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:08,455 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:08,455 INFO L85 PathProgramCache]: Analyzing trace with hash -359789877, now seen corresponding path program 1 times [2024-11-08 15:17:08,456 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:08,456 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2027286437] [2024-11-08 15:17:08,456 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:08,456 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:08,468 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:08,535 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-08 15:17:08,537 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:08,543 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-11-08 15:17:08,548 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:08,567 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2024-11-08 15:17:08,570 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:08,571 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:17:08,571 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:08,572 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2027286437] [2024-11-08 15:17:08,572 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2027286437] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:08,573 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:08,573 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-08 15:17:08,573 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [74318499] [2024-11-08 15:17:08,573 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:08,574 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-08 15:17:08,574 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:08,574 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-08 15:17:08,575 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-08 15:17:08,575 INFO L87 Difference]: Start difference. First operand 151 states and 188 transitions. Second operand has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:17:08,778 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:08,778 INFO L93 Difference]: Finished difference Result 423 states and 549 transitions. [2024-11-08 15:17:08,779 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-08 15:17:08,780 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 55 [2024-11-08 15:17:08,780 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:08,782 INFO L225 Difference]: With dead ends: 423 [2024-11-08 15:17:08,782 INFO L226 Difference]: Without dead ends: 280 [2024-11-08 15:17:08,782 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:17:08,783 INFO L432 NwaCegarLoop]: 123 mSDtfsCounter, 214 mSDsluCounter, 166 mSDsCounter, 0 mSdLazyCounter, 127 mSolverCounterSat, 62 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 221 SdHoareTripleChecker+Valid, 289 SdHoareTripleChecker+Invalid, 189 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 62 IncrementalHoareTripleChecker+Valid, 127 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:08,785 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [221 Valid, 289 Invalid, 189 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [62 Valid, 127 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 15:17:08,786 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 280 states. [2024-11-08 15:17:08,812 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 280 to 278. [2024-11-08 15:17:08,813 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 278 states, 214 states have (on average 1.2242990654205608) internal successors, (262), 226 states have internal predecessors, (262), 34 states have call successors, (34), 28 states have call predecessors, (34), 29 states have return successors, (53), 34 states have call predecessors, (53), 34 states have call successors, (53) [2024-11-08 15:17:08,815 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 278 states to 278 states and 349 transitions. [2024-11-08 15:17:08,815 INFO L78 Accepts]: Start accepts. Automaton has 278 states and 349 transitions. Word has length 55 [2024-11-08 15:17:08,816 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:08,816 INFO L471 AbstractCegarLoop]: Abstraction has 278 states and 349 transitions. [2024-11-08 15:17:08,816 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:17:08,816 INFO L276 IsEmpty]: Start isEmpty. Operand 278 states and 349 transitions. [2024-11-08 15:17:08,817 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2024-11-08 15:17:08,817 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:08,817 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:08,817 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-08 15:17:08,818 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:08,818 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:08,818 INFO L85 PathProgramCache]: Analyzing trace with hash 1504091825, now seen corresponding path program 1 times [2024-11-08 15:17:08,818 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:08,818 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [537240042] [2024-11-08 15:17:08,819 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:08,819 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:08,831 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:08,968 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-08 15:17:08,969 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:08,976 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-08 15:17:08,978 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:08,986 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-11-08 15:17:08,990 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:09,011 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 51 [2024-11-08 15:17:09,012 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:09,013 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:17:09,015 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:09,015 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [537240042] [2024-11-08 15:17:09,015 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [537240042] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:09,015 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:09,015 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2024-11-08 15:17:09,015 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2000087032] [2024-11-08 15:17:09,015 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:09,016 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2024-11-08 15:17:09,016 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:09,017 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2024-11-08 15:17:09,017 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=70, Unknown=0, NotChecked=0, Total=90 [2024-11-08 15:17:09,017 INFO L87 Difference]: Start difference. First operand 278 states and 349 transitions. Second operand has 10 states, 10 states have (on average 4.8) internal successors, (48), 8 states have internal predecessors, (48), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-08 15:17:09,603 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:09,604 INFO L93 Difference]: Finished difference Result 724 states and 957 transitions. [2024-11-08 15:17:09,604 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2024-11-08 15:17:09,605 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.8) internal successors, (48), 8 states have internal predecessors, (48), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 59 [2024-11-08 15:17:09,605 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:09,608 INFO L225 Difference]: With dead ends: 724 [2024-11-08 15:17:09,608 INFO L226 Difference]: Without dead ends: 504 [2024-11-08 15:17:09,610 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 35 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 24 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 130 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=163, Invalid=487, Unknown=0, NotChecked=0, Total=650 [2024-11-08 15:17:09,610 INFO L432 NwaCegarLoop]: 100 mSDtfsCounter, 465 mSDsluCounter, 490 mSDsCounter, 0 mSdLazyCounter, 472 mSolverCounterSat, 131 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 470 SdHoareTripleChecker+Valid, 590 SdHoareTripleChecker+Invalid, 603 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 131 IncrementalHoareTripleChecker+Valid, 472 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:09,610 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [470 Valid, 590 Invalid, 603 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [131 Valid, 472 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-11-08 15:17:09,611 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 504 states. [2024-11-08 15:17:09,656 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 504 to 433. [2024-11-08 15:17:09,657 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 433 states, 335 states have (on average 1.2119402985074628) internal successors, (406), 356 states have internal predecessors, (406), 51 states have call successors, (51), 39 states have call predecessors, (51), 46 states have return successors, (83), 52 states have call predecessors, (83), 51 states have call successors, (83) [2024-11-08 15:17:09,660 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 433 states to 433 states and 540 transitions. [2024-11-08 15:17:09,661 INFO L78 Accepts]: Start accepts. Automaton has 433 states and 540 transitions. Word has length 59 [2024-11-08 15:17:09,662 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:09,662 INFO L471 AbstractCegarLoop]: Abstraction has 433 states and 540 transitions. [2024-11-08 15:17:09,662 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.8) internal successors, (48), 8 states have internal predecessors, (48), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-08 15:17:09,662 INFO L276 IsEmpty]: Start isEmpty. Operand 433 states and 540 transitions. [2024-11-08 15:17:09,663 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 101 [2024-11-08 15:17:09,664 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:09,664 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:09,665 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-08 15:17:09,665 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:09,665 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:09,665 INFO L85 PathProgramCache]: Analyzing trace with hash -808581914, now seen corresponding path program 1 times [2024-11-08 15:17:09,665 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:09,666 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1351937994] [2024-11-08 15:17:09,666 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:09,666 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:09,686 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:09,813 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-08 15:17:09,815 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:09,833 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-08 15:17:09,838 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:09,869 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:17:09,871 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:09,880 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-08 15:17:09,884 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:09,894 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 64 [2024-11-08 15:17:09,895 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:09,908 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 80 [2024-11-08 15:17:09,910 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:09,913 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:17:09,913 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:09,915 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 92 [2024-11-08 15:17:09,916 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:09,917 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 8 proven. 18 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-08 15:17:09,917 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:09,917 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1351937994] [2024-11-08 15:17:09,917 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1351937994] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-08 15:17:09,918 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [20027885] [2024-11-08 15:17:09,918 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:09,918 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-08 15:17:09,918 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:17:09,920 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-08 15:17:09,922 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-08 15:17:10,036 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,039 INFO L255 TraceCheckSpWp]: Trace formula consists of 334 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-08 15:17:10,046 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-08 15:17:10,221 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 24 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:17:10,221 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-08 15:17:10,421 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 18 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-08 15:17:10,421 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [20027885] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-08 15:17:10,422 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-08 15:17:10,422 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-11-08 15:17:10,422 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [68333800] [2024-11-08 15:17:10,422 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-08 15:17:10,424 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-11-08 15:17:10,425 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:10,426 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-11-08 15:17:10,426 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-11-08 15:17:10,427 INFO L87 Difference]: Start difference. First operand 433 states and 540 transitions. Second operand has 15 states, 15 states have (on average 9.133333333333333) internal successors, (137), 10 states have internal predecessors, (137), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) [2024-11-08 15:17:11,351 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:11,351 INFO L93 Difference]: Finished difference Result 889 states and 1136 transitions. [2024-11-08 15:17:11,351 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2024-11-08 15:17:11,352 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 9.133333333333333) internal successors, (137), 10 states have internal predecessors, (137), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) Word has length 100 [2024-11-08 15:17:11,352 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:11,353 INFO L225 Difference]: With dead ends: 889 [2024-11-08 15:17:11,353 INFO L226 Difference]: Without dead ends: 0 [2024-11-08 15:17:11,356 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 259 GetRequests, 218 SyntacticMatches, 4 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 339 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=342, Invalid=1140, Unknown=0, NotChecked=0, Total=1482 [2024-11-08 15:17:11,357 INFO L432 NwaCegarLoop]: 160 mSDtfsCounter, 433 mSDsluCounter, 811 mSDsCounter, 0 mSdLazyCounter, 768 mSolverCounterSat, 143 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 436 SdHoareTripleChecker+Valid, 971 SdHoareTripleChecker+Invalid, 911 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 143 IncrementalHoareTripleChecker+Valid, 768 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:11,358 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [436 Valid, 971 Invalid, 911 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [143 Valid, 768 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-11-08 15:17:11,358 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-08 15:17:11,359 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-08 15:17:11,359 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:17:11,359 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-08 15:17:11,359 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 100 [2024-11-08 15:17:11,360 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:11,360 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-08 15:17:11,360 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 9.133333333333333) internal successors, (137), 10 states have internal predecessors, (137), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) [2024-11-08 15:17:11,360 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-08 15:17:11,360 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-08 15:17:11,363 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-08 15:17:11,382 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-08 15:17:11,564 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-08 15:17:11,567 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:11,569 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-08 15:17:14,336 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-08 15:17:14,362 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse1 (<= |old(~waterLevel~0)| 2)) (.cse0 (= 1 ~systemActive~0)) (.cse2 (<= 1 |old(~pumpRunning~0)|))) (or (and .cse0 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse1 .cse2) (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse2 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2))) [2024-11-08 15:17:14,373 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-11-08 15:17:14,381 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and (= ~pumpRunning~0 0) .cse1 .cse2) (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2))) [2024-11-08 15:17:14,398 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 08.11 03:17:14 BoogieIcfgContainer [2024-11-08 15:17:14,398 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-08 15:17:14,401 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-08 15:17:14,401 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-08 15:17:14,401 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-08 15:17:14,402 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:17:06" (3/4) ... [2024-11-08 15:17:14,404 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-08 15:17:14,407 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-08 15:17:14,408 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-08 15:17:14,408 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-08 15:17:14,408 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-08 15:17:14,408 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 15:17:14,408 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-08 15:17:14,408 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-08 15:17:14,416 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 21 nodes and edges [2024-11-08 15:17:14,417 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-08 15:17:14,417 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-08 15:17:14,417 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 15:17:14,418 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 15:17:14,535 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-08 15:17:14,536 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-08 15:17:14,536 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-08 15:17:14,537 INFO L158 Benchmark]: Toolchain (without parser) took 9475.92ms. Allocated memory was 163.6MB in the beginning and 197.1MB in the end (delta: 33.6MB). Free memory was 133.2MB in the beginning and 162.5MB in the end (delta: -29.2MB). Peak memory consumption was 118.2MB. Max. memory is 16.1GB. [2024-11-08 15:17:14,539 INFO L158 Benchmark]: CDTParser took 0.18ms. Allocated memory is still 130.0MB. Free memory was 91.8MB in the beginning and 91.6MB in the end (delta: 118.9kB). There was no memory consumed. Max. memory is 16.1GB. [2024-11-08 15:17:14,539 INFO L158 Benchmark]: CACSL2BoogieTranslator took 500.18ms. Allocated memory is still 163.6MB. Free memory was 133.2MB in the beginning and 111.6MB in the end (delta: 21.6MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-08 15:17:14,539 INFO L158 Benchmark]: Boogie Procedure Inliner took 69.90ms. Allocated memory is still 163.6MB. Free memory was 111.6MB in the beginning and 108.9MB in the end (delta: 2.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 15:17:14,539 INFO L158 Benchmark]: Boogie Preprocessor took 48.76ms. Allocated memory is still 163.6MB. Free memory was 108.9MB in the beginning and 106.7MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 15:17:14,540 INFO L158 Benchmark]: RCFGBuilder took 530.48ms. Allocated memory is still 163.6MB. Free memory was 106.7MB in the beginning and 87.1MB in the end (delta: 19.6MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-08 15:17:14,540 INFO L158 Benchmark]: TraceAbstraction took 8183.43ms. Allocated memory was 163.6MB in the beginning and 197.1MB in the end (delta: 33.6MB). Free memory was 86.4MB in the beginning and 55.7MB in the end (delta: 30.7MB). Peak memory consumption was 74.1MB. Max. memory is 16.1GB. [2024-11-08 15:17:14,540 INFO L158 Benchmark]: Witness Printer took 135.38ms. Allocated memory is still 197.1MB. Free memory was 55.7MB in the beginning and 162.5MB in the end (delta: -106.7MB). Peak memory consumption was 8.6MB. Max. memory is 16.1GB. [2024-11-08 15:17:14,541 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.18ms. Allocated memory is still 130.0MB. Free memory was 91.8MB in the beginning and 91.6MB in the end (delta: 118.9kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 500.18ms. Allocated memory is still 163.6MB. Free memory was 133.2MB in the beginning and 111.6MB in the end (delta: 21.6MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 69.90ms. Allocated memory is still 163.6MB. Free memory was 111.6MB in the beginning and 108.9MB in the end (delta: 2.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 48.76ms. Allocated memory is still 163.6MB. Free memory was 108.9MB in the beginning and 106.7MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 530.48ms. Allocated memory is still 163.6MB. Free memory was 106.7MB in the beginning and 87.1MB in the end (delta: 19.6MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * TraceAbstraction took 8183.43ms. Allocated memory was 163.6MB in the beginning and 197.1MB in the end (delta: 33.6MB). Free memory was 86.4MB in the beginning and 55.7MB in the end (delta: 30.7MB). Peak memory consumption was 74.1MB. Max. memory is 16.1GB. * Witness Printer took 135.38ms. Allocated memory is still 197.1MB. Free memory was 55.7MB in the beginning and 162.5MB in the end (delta: -106.7MB). Peak memory consumption was 8.6MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [49] - GenericResultAtLocation [Line: 58]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [58] - GenericResultAtLocation [Line: 96]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [96] - GenericResultAtLocation [Line: 199]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [199] - GenericResultAtLocation [Line: 308]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [308] - GenericResultAtLocation [Line: 674]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [674] - GenericResultAtLocation [Line: 724]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [724] - GenericResultAtLocation [Line: 789]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [789] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 54]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 96 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.3s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 2.6s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1568 SdHoareTripleChecker+Valid, 1.5s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1536 mSDsluCounter, 3451 SdHoareTripleChecker+Invalid, 1.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2402 mSDsCounter, 393 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1749 IncrementalHoareTripleChecker+Invalid, 2142 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 393 mSolverCounterUnsat, 1049 mSDtfsCounter, 1749 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 386 GetRequests, 289 SyntacticMatches, 4 SemanticMatches, 93 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 492 ImplicationChecksByTransitivity, 0.8s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=433occurred in iteration=9, InterpolantAutomatonStates: 88, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 81 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.7s InterpolantComputationTime, 624 NumberOfCodeBlocks, 624 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 712 ConstructedInterpolants, 0 QuantifiedInterpolants, 1375 SizeOfPredicates, 2 NumberOfNonLiveVariables, 334 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 91/126 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 109]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 735]: Loop Invariant Derived loop invariant: ((((((pumpRunning == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) - InvariantResult [Line: 734]: Location Invariant Derived location invariant: 0 - ProcedureContractResult [Line: 822]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) && (((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 232]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) && ((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (waterLevel == \old(waterLevel))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 795]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 2))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2)))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 99]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 830]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))))) && ((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 220]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && ((((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) && (waterLevel <= 2)) && ((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 926]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((pumpRunning == \result) && (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)))) && (((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) RESULT: Ultimate proved your program to be correct! [2024-11-08 15:17:14,573 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE