./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 3289d67d Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 06101f936f6436bac89af152aefce31c84cfc20ba80a5adfcf1af02faa2d4f3b --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.fs.icfgbuilder-eval-3289d67-m [2024-11-16 07:55:24,757 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-16 07:55:24,847 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-16 07:55:24,850 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-16 07:55:24,854 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-16 07:55:24,882 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-16 07:55:24,883 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-16 07:55:24,883 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-16 07:55:24,883 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-16 07:55:24,884 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-16 07:55:24,884 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-16 07:55:24,884 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-16 07:55:24,884 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-16 07:55:24,884 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-16 07:55:24,885 INFO L153 SettingsManager]: * Use SBE=true [2024-11-16 07:55:24,885 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-16 07:55:24,885 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-16 07:55:24,885 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-16 07:55:24,886 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-16 07:55:24,886 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-16 07:55:24,886 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-16 07:55:24,887 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-16 07:55:24,887 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-16 07:55:24,887 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-16 07:55:24,887 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-16 07:55:24,888 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-16 07:55:24,888 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-16 07:55:24,888 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-16 07:55:24,888 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2024-11-16 07:55:24,889 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-16 07:55:24,889 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-16 07:55:24,889 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-16 07:55:24,889 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-16 07:55:24,889 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-16 07:55:24,890 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-16 07:55:24,890 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-16 07:55:24,890 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-16 07:55:24,890 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-16 07:55:24,890 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-16 07:55:24,891 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-16 07:55:24,891 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-16 07:55:24,891 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-16 07:55:24,891 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 06101f936f6436bac89af152aefce31c84cfc20ba80a5adfcf1af02faa2d4f3b [2024-11-16 07:55:25,085 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-16 07:55:25,106 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-16 07:55:25,108 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-16 07:55:25,110 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-16 07:55:25,110 INFO L274 PluginConnector]: CDTParser initialized [2024-11-16 07:55:25,111 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c [2024-11-16 07:55:26,426 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-16 07:55:26,593 INFO L384 CDTParser]: Found 1 translation units. [2024-11-16 07:55:26,594 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c [2024-11-16 07:55:26,603 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/02d55f4fb/bcf6976a7a594c4fa8b3d4d53008fbfb/FLAG7db46b30a [2024-11-16 07:55:26,614 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/02d55f4fb/bcf6976a7a594c4fa8b3d4d53008fbfb [2024-11-16 07:55:26,617 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-16 07:55:26,619 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-16 07:55:26,620 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-16 07:55:26,623 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-16 07:55:26,627 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-16 07:55:26,628 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 07:55:26" (1/1) ... [2024-11-16 07:55:26,629 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@5cf48973 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:26, skipping insertion in model container [2024-11-16 07:55:26,629 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 07:55:26" (1/1) ... [2024-11-16 07:55:26,659 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-16 07:55:26,809 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c[2141,2154] [2024-11-16 07:55:26,896 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-16 07:55:26,905 INFO L200 MainTranslator]: Completed pre-run [2024-11-16 07:55:26,913 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [49] [2024-11-16 07:55:26,914 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [87] [2024-11-16 07:55:26,914 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [96] [2024-11-16 07:55:26,915 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [287] [2024-11-16 07:55:26,915 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [653] [2024-11-16 07:55:26,915 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [725] [2024-11-16 07:55:26,915 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [823] [2024-11-16 07:55:26,915 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [873] [2024-11-16 07:55:26,921 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c[2141,2154] [2024-11-16 07:55:26,979 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-16 07:55:27,003 INFO L204 MainTranslator]: Completed translation [2024-11-16 07:55:27,004 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:27 WrapperNode [2024-11-16 07:55:27,004 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-16 07:55:27,005 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-16 07:55:27,005 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-16 07:55:27,005 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-16 07:55:27,010 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:27" (1/1) ... [2024-11-16 07:55:27,023 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:27" (1/1) ... [2024-11-16 07:55:27,050 INFO L138 Inliner]: procedures = 56, calls = 99, calls flagged for inlining = 25, calls inlined = 21, statements flattened = 184 [2024-11-16 07:55:27,051 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-16 07:55:27,051 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-16 07:55:27,051 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-16 07:55:27,051 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-16 07:55:27,059 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:27" (1/1) ... [2024-11-16 07:55:27,060 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:27" (1/1) ... [2024-11-16 07:55:27,065 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:27" (1/1) ... [2024-11-16 07:55:27,083 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-16 07:55:27,084 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:27" (1/1) ... [2024-11-16 07:55:27,084 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:27" (1/1) ... [2024-11-16 07:55:27,087 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:27" (1/1) ... [2024-11-16 07:55:27,087 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:27" (1/1) ... [2024-11-16 07:55:27,088 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:27" (1/1) ... [2024-11-16 07:55:27,088 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:27" (1/1) ... [2024-11-16 07:55:27,090 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-16 07:55:27,091 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2024-11-16 07:55:27,091 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2024-11-16 07:55:27,091 INFO L274 PluginConnector]: IcfgBuilder initialized [2024-11-16 07:55:27,091 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:27" (1/1) ... [2024-11-16 07:55:27,099 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-16 07:55:27,112 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-16 07:55:27,131 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-16 07:55:27,136 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-16 07:55:27,174 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-16 07:55:27,175 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-16 07:55:27,175 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-16 07:55:27,175 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-16 07:55:27,175 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-16 07:55:27,175 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-16 07:55:27,175 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-16 07:55:27,175 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-16 07:55:27,176 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-16 07:55:27,176 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-16 07:55:27,176 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-16 07:55:27,176 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-16 07:55:27,176 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-16 07:55:27,176 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-16 07:55:27,176 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-16 07:55:27,176 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-16 07:55:27,235 INFO L256 CfgBuilder]: Building ICFG [2024-11-16 07:55:27,239 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-16 07:55:27,351 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L950-1: getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~10#1; [2024-11-16 07:55:27,351 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L261-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~4#1; [2024-11-16 07:55:27,351 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L964-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~11#1; [2024-11-16 07:55:27,415 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L820-1: main_#res#1 := main_~retValue_acc~8#1; [2024-11-16 07:55:27,415 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L84-1: valid_product_#res#1 := valid_product_~retValue_acc~1#1; [2024-11-16 07:55:27,420 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L206: #res := ~retValue_acc~3; [2024-11-16 07:55:27,435 INFO L? ?]: Removed 36 outVars from TransFormulas that were not future-live. [2024-11-16 07:55:27,436 INFO L307 CfgBuilder]: Performing block encoding [2024-11-16 07:55:27,453 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-16 07:55:27,454 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2024-11-16 07:55:27,454 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:55:27 BoogieIcfgContainer [2024-11-16 07:55:27,454 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2024-11-16 07:55:27,455 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-16 07:55:27,456 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-16 07:55:27,458 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-16 07:55:27,458 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 16.11 07:55:26" (1/3) ... [2024-11-16 07:55:27,459 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2a64dbf3 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 07:55:27, skipping insertion in model container [2024-11-16 07:55:27,459 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:27" (2/3) ... [2024-11-16 07:55:27,459 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2a64dbf3 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 07:55:27, skipping insertion in model container [2024-11-16 07:55:27,459 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:55:27" (3/3) ... [2024-11-16 07:55:27,460 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product36.cil.c [2024-11-16 07:55:27,471 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-16 07:55:27,472 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-16 07:55:27,512 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-16 07:55:27,517 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@77e85829, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-16 07:55:27,517 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-16 07:55:27,527 INFO L276 IsEmpty]: Start isEmpty. Operand has 91 states, 73 states have (on average 1.3424657534246576) internal successors, (98), 79 states have internal predecessors, (98), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2024-11-16 07:55:27,533 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2024-11-16 07:55:27,534 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:27,534 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:27,534 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:27,571 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:27,571 INFO L85 PathProgramCache]: Analyzing trace with hash -432321960, now seen corresponding path program 1 times [2024-11-16 07:55:27,579 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:27,580 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [709076918] [2024-11-16 07:55:27,580 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:27,580 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:27,719 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:27,779 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-16 07:55:27,782 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:27,791 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-16 07:55:27,793 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:27,796 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:27,797 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:27,797 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [709076918] [2024-11-16 07:55:27,798 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [709076918] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:27,798 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:27,798 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-16 07:55:27,799 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1864771303] [2024-11-16 07:55:27,800 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:27,803 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-16 07:55:27,803 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:27,819 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-16 07:55:27,820 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-16 07:55:27,821 INFO L87 Difference]: Start difference. First operand has 91 states, 73 states have (on average 1.3424657534246576) internal successors, (98), 79 states have internal predecessors, (98), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 13.0) internal successors, (26), 2 states have internal predecessors, (26), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-16 07:55:27,851 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:27,851 INFO L93 Difference]: Finished difference Result 172 states and 229 transitions. [2024-11-16 07:55:27,855 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-16 07:55:27,856 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 13.0) internal successors, (26), 2 states have internal predecessors, (26), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 34 [2024-11-16 07:55:27,857 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:27,865 INFO L225 Difference]: With dead ends: 172 [2024-11-16 07:55:27,866 INFO L226 Difference]: Without dead ends: 80 [2024-11-16 07:55:27,869 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-16 07:55:27,872 INFO L432 NwaCegarLoop]: 111 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 111 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:27,875 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 111 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:55:27,895 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 80 states. [2024-11-16 07:55:27,916 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 80 to 80. [2024-11-16 07:55:27,917 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 80 states, 64 states have (on average 1.28125) internal successors, (82), 69 states have internal predecessors, (82), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2024-11-16 07:55:27,919 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 80 states to 80 states and 101 transitions. [2024-11-16 07:55:27,922 INFO L78 Accepts]: Start accepts. Automaton has 80 states and 101 transitions. Word has length 34 [2024-11-16 07:55:27,922 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:27,923 INFO L471 AbstractCegarLoop]: Abstraction has 80 states and 101 transitions. [2024-11-16 07:55:27,923 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 13.0) internal successors, (26), 2 states have internal predecessors, (26), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-16 07:55:27,923 INFO L276 IsEmpty]: Start isEmpty. Operand 80 states and 101 transitions. [2024-11-16 07:55:27,925 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2024-11-16 07:55:27,925 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:27,925 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:27,925 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-16 07:55:27,925 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:27,926 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:27,926 INFO L85 PathProgramCache]: Analyzing trace with hash 721230687, now seen corresponding path program 1 times [2024-11-16 07:55:27,926 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:27,927 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1477576894] [2024-11-16 07:55:27,927 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:27,927 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:27,943 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,033 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-11-16 07:55:28,035 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,037 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-16 07:55:28,039 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,040 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:28,041 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:28,041 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1477576894] [2024-11-16 07:55:28,041 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1477576894] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:28,041 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:28,041 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-16 07:55:28,041 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2108168246] [2024-11-16 07:55:28,042 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:28,043 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-16 07:55:28,043 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:28,043 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-16 07:55:28,043 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:55:28,044 INFO L87 Difference]: Start difference. First operand 80 states and 101 transitions. Second operand has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-16 07:55:28,054 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:28,055 INFO L93 Difference]: Finished difference Result 117 states and 148 transitions. [2024-11-16 07:55:28,055 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-16 07:55:28,055 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 37 [2024-11-16 07:55:28,055 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:28,056 INFO L225 Difference]: With dead ends: 117 [2024-11-16 07:55:28,056 INFO L226 Difference]: Without dead ends: 69 [2024-11-16 07:55:28,057 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:55:28,057 INFO L432 NwaCegarLoop]: 86 mSDtfsCounter, 17 mSDsluCounter, 63 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 149 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:28,058 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [20 Valid, 149 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:55:28,058 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 69 states. [2024-11-16 07:55:28,062 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 69 to 69. [2024-11-16 07:55:28,063 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 69 states, 56 states have (on average 1.3035714285714286) internal successors, (73), 61 states have internal predecessors, (73), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2024-11-16 07:55:28,064 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 69 states to 69 states and 87 transitions. [2024-11-16 07:55:28,064 INFO L78 Accepts]: Start accepts. Automaton has 69 states and 87 transitions. Word has length 37 [2024-11-16 07:55:28,064 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:28,064 INFO L471 AbstractCegarLoop]: Abstraction has 69 states and 87 transitions. [2024-11-16 07:55:28,064 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-16 07:55:28,064 INFO L276 IsEmpty]: Start isEmpty. Operand 69 states and 87 transitions. [2024-11-16 07:55:28,065 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2024-11-16 07:55:28,065 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:28,069 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:28,069 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-16 07:55:28,070 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:28,070 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:28,070 INFO L85 PathProgramCache]: Analyzing trace with hash 2015338510, now seen corresponding path program 1 times [2024-11-16 07:55:28,070 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:28,071 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [777019804] [2024-11-16 07:55:28,071 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:28,071 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:28,094 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,196 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:55:28,198 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,201 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-11-16 07:55:28,202 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,204 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:28,204 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:28,204 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [777019804] [2024-11-16 07:55:28,204 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [777019804] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:28,204 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:28,204 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-16 07:55:28,204 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1457109378] [2024-11-16 07:55:28,205 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:28,205 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-16 07:55:28,205 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:28,206 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-16 07:55:28,206 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2024-11-16 07:55:28,206 INFO L87 Difference]: Start difference. First operand 69 states and 87 transitions. Second operand has 6 states, 6 states have (on average 5.5) internal successors, (33), 6 states have internal predecessors, (33), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:28,350 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:28,350 INFO L93 Difference]: Finished difference Result 235 states and 305 transitions. [2024-11-16 07:55:28,351 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-16 07:55:28,351 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.5) internal successors, (33), 6 states have internal predecessors, (33), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 40 [2024-11-16 07:55:28,351 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:28,353 INFO L225 Difference]: With dead ends: 235 [2024-11-16 07:55:28,353 INFO L226 Difference]: Without dead ends: 174 [2024-11-16 07:55:28,353 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=20, Invalid=36, Unknown=0, NotChecked=0, Total=56 [2024-11-16 07:55:28,354 INFO L432 NwaCegarLoop]: 100 mSDtfsCounter, 179 mSDsluCounter, 275 mSDsCounter, 0 mSdLazyCounter, 66 mSolverCounterSat, 16 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 179 SdHoareTripleChecker+Valid, 375 SdHoareTripleChecker+Invalid, 82 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 16 IncrementalHoareTripleChecker+Valid, 66 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:28,355 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [179 Valid, 375 Invalid, 82 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [16 Valid, 66 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-16 07:55:28,355 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 174 states. [2024-11-16 07:55:28,369 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 174 to 162. [2024-11-16 07:55:28,370 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 162 states, 128 states have (on average 1.3359375) internal successors, (171), 139 states have internal predecessors, (171), 19 states have call successors, (19), 14 states have call predecessors, (19), 14 states have return successors, (20), 17 states have call predecessors, (20), 19 states have call successors, (20) [2024-11-16 07:55:28,371 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 162 states to 162 states and 210 transitions. [2024-11-16 07:55:28,372 INFO L78 Accepts]: Start accepts. Automaton has 162 states and 210 transitions. Word has length 40 [2024-11-16 07:55:28,372 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:28,372 INFO L471 AbstractCegarLoop]: Abstraction has 162 states and 210 transitions. [2024-11-16 07:55:28,372 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.5) internal successors, (33), 6 states have internal predecessors, (33), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:28,372 INFO L276 IsEmpty]: Start isEmpty. Operand 162 states and 210 transitions. [2024-11-16 07:55:28,374 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2024-11-16 07:55:28,374 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:28,374 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:28,374 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-16 07:55:28,374 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:28,375 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:28,375 INFO L85 PathProgramCache]: Analyzing trace with hash -1169679314, now seen corresponding path program 1 times [2024-11-16 07:55:28,375 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:28,375 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1573852789] [2024-11-16 07:55:28,375 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:28,375 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:28,394 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,534 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-16 07:55:28,537 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,539 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2024-11-16 07:55:28,542 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,559 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-16 07:55:28,559 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:28,560 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1573852789] [2024-11-16 07:55:28,560 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1573852789] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:28,560 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:28,560 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-16 07:55:28,560 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [211918700] [2024-11-16 07:55:28,560 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:28,561 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-16 07:55:28,562 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:28,563 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-16 07:55:28,563 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-16 07:55:28,563 INFO L87 Difference]: Start difference. First operand 162 states and 210 transitions. Second operand has 6 states, 6 states have (on average 6.333333333333333) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-16 07:55:28,671 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:28,672 INFO L93 Difference]: Finished difference Result 397 states and 523 transitions. [2024-11-16 07:55:28,673 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-16 07:55:28,673 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.333333333333333) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 43 [2024-11-16 07:55:28,673 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:28,675 INFO L225 Difference]: With dead ends: 397 [2024-11-16 07:55:28,677 INFO L226 Difference]: Without dead ends: 243 [2024-11-16 07:55:28,678 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-16 07:55:28,681 INFO L432 NwaCegarLoop]: 85 mSDtfsCounter, 41 mSDsluCounter, 281 mSDsCounter, 0 mSdLazyCounter, 55 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 42 SdHoareTripleChecker+Valid, 366 SdHoareTripleChecker+Invalid, 62 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 55 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:28,681 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [42 Valid, 366 Invalid, 62 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 55 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-16 07:55:28,682 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 243 states. [2024-11-16 07:55:28,711 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 243 to 243. [2024-11-16 07:55:28,712 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 243 states, 189 states have (on average 1.2804232804232805) internal successors, (242), 202 states have internal predecessors, (242), 29 states have call successors, (29), 24 states have call predecessors, (29), 24 states have return successors, (35), 29 states have call predecessors, (35), 29 states have call successors, (35) [2024-11-16 07:55:28,714 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 243 states to 243 states and 306 transitions. [2024-11-16 07:55:28,718 INFO L78 Accepts]: Start accepts. Automaton has 243 states and 306 transitions. Word has length 43 [2024-11-16 07:55:28,718 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:28,718 INFO L471 AbstractCegarLoop]: Abstraction has 243 states and 306 transitions. [2024-11-16 07:55:28,718 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.333333333333333) internal successors, (38), 5 states have internal predecessors, (38), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-16 07:55:28,719 INFO L276 IsEmpty]: Start isEmpty. Operand 243 states and 306 transitions. [2024-11-16 07:55:28,720 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2024-11-16 07:55:28,720 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:28,720 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:28,720 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-16 07:55:28,720 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:28,721 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:28,721 INFO L85 PathProgramCache]: Analyzing trace with hash -138614540, now seen corresponding path program 1 times [2024-11-16 07:55:28,721 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:28,721 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [817446528] [2024-11-16 07:55:28,721 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:28,721 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:28,737 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,829 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:55:28,830 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,831 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 40 [2024-11-16 07:55:28,833 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,834 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:28,835 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:28,835 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [817446528] [2024-11-16 07:55:28,835 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [817446528] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:28,835 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:28,836 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-16 07:55:28,837 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1406901509] [2024-11-16 07:55:28,837 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:28,837 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-16 07:55:28,837 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:28,838 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-16 07:55:28,839 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-16 07:55:28,839 INFO L87 Difference]: Start difference. First operand 243 states and 306 transitions. Second operand has 5 states, 5 states have (on average 8.4) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:28,868 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:28,868 INFO L93 Difference]: Finished difference Result 484 states and 617 transitions. [2024-11-16 07:55:28,868 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-16 07:55:28,870 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 49 [2024-11-16 07:55:28,870 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:28,871 INFO L225 Difference]: With dead ends: 484 [2024-11-16 07:55:28,873 INFO L226 Difference]: Without dead ends: 249 [2024-11-16 07:55:28,874 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-16 07:55:28,876 INFO L432 NwaCegarLoop]: 84 mSDtfsCounter, 0 mSDsluCounter, 245 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 329 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:28,876 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 329 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:55:28,877 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 249 states. [2024-11-16 07:55:28,891 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 249 to 249. [2024-11-16 07:55:28,891 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 249 states, 195 states have (on average 1.2717948717948717) internal successors, (248), 208 states have internal predecessors, (248), 29 states have call successors, (29), 24 states have call predecessors, (29), 24 states have return successors, (35), 29 states have call predecessors, (35), 29 states have call successors, (35) [2024-11-16 07:55:28,893 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 249 states to 249 states and 312 transitions. [2024-11-16 07:55:28,893 INFO L78 Accepts]: Start accepts. Automaton has 249 states and 312 transitions. Word has length 49 [2024-11-16 07:55:28,893 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:28,893 INFO L471 AbstractCegarLoop]: Abstraction has 249 states and 312 transitions. [2024-11-16 07:55:28,893 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:28,894 INFO L276 IsEmpty]: Start isEmpty. Operand 249 states and 312 transitions. [2024-11-16 07:55:28,895 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2024-11-16 07:55:28,895 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:28,895 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:28,895 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-16 07:55:28,895 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:28,896 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:28,896 INFO L85 PathProgramCache]: Analyzing trace with hash -1135686893, now seen corresponding path program 1 times [2024-11-16 07:55:28,896 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:28,896 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [737044546] [2024-11-16 07:55:28,896 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:28,896 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:28,905 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,959 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:55:28,960 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,961 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 40 [2024-11-16 07:55:28,964 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,965 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:28,965 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:28,965 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [737044546] [2024-11-16 07:55:28,966 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [737044546] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:28,966 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:28,966 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-16 07:55:28,966 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1996252608] [2024-11-16 07:55:28,967 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:28,967 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-16 07:55:28,967 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:28,968 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-16 07:55:28,968 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-16 07:55:28,968 INFO L87 Difference]: Start difference. First operand 249 states and 312 transitions. Second operand has 4 states, 4 states have (on average 10.5) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:28,990 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:28,991 INFO L93 Difference]: Finished difference Result 494 states and 632 transitions. [2024-11-16 07:55:28,991 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-16 07:55:28,991 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.5) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 49 [2024-11-16 07:55:28,992 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:28,994 INFO L225 Difference]: With dead ends: 494 [2024-11-16 07:55:28,995 INFO L226 Difference]: Without dead ends: 253 [2024-11-16 07:55:28,996 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-16 07:55:28,996 INFO L432 NwaCegarLoop]: 85 mSDtfsCounter, 0 mSDsluCounter, 164 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 249 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:28,999 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 249 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:55:29,000 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 253 states. [2024-11-16 07:55:29,023 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 253 to 253. [2024-11-16 07:55:29,024 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 253 states, 199 states have (on average 1.2663316582914572) internal successors, (252), 212 states have internal predecessors, (252), 29 states have call successors, (29), 24 states have call predecessors, (29), 24 states have return successors, (35), 29 states have call predecessors, (35), 29 states have call successors, (35) [2024-11-16 07:55:29,025 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 253 states to 253 states and 316 transitions. [2024-11-16 07:55:29,026 INFO L78 Accepts]: Start accepts. Automaton has 253 states and 316 transitions. Word has length 49 [2024-11-16 07:55:29,027 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:29,027 INFO L471 AbstractCegarLoop]: Abstraction has 253 states and 316 transitions. [2024-11-16 07:55:29,027 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.5) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:29,027 INFO L276 IsEmpty]: Start isEmpty. Operand 253 states and 316 transitions. [2024-11-16 07:55:29,029 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2024-11-16 07:55:29,032 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:29,032 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:29,032 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-16 07:55:29,033 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:29,033 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:29,033 INFO L85 PathProgramCache]: Analyzing trace with hash -1953335343, now seen corresponding path program 1 times [2024-11-16 07:55:29,033 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:29,033 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1346023804] [2024-11-16 07:55:29,033 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:29,033 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:29,047 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,105 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:55:29,106 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,108 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 40 [2024-11-16 07:55:29,109 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,110 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:29,110 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:29,110 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1346023804] [2024-11-16 07:55:29,110 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1346023804] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:29,110 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:29,110 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-16 07:55:29,111 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [343675026] [2024-11-16 07:55:29,111 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:29,111 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-16 07:55:29,111 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:29,112 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-16 07:55:29,112 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:55:29,112 INFO L87 Difference]: Start difference. First operand 253 states and 316 transitions. Second operand has 3 states, 3 states have (on average 14.0) internal successors, (42), 3 states have internal predecessors, (42), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:29,140 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:29,141 INFO L93 Difference]: Finished difference Result 629 states and 795 transitions. [2024-11-16 07:55:29,141 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-16 07:55:29,141 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 14.0) internal successors, (42), 3 states have internal predecessors, (42), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 49 [2024-11-16 07:55:29,142 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:29,147 INFO L225 Difference]: With dead ends: 629 [2024-11-16 07:55:29,148 INFO L226 Difference]: Without dead ends: 384 [2024-11-16 07:55:29,148 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:55:29,149 INFO L432 NwaCegarLoop]: 87 mSDtfsCounter, 39 mSDsluCounter, 72 mSDsCounter, 0 mSdLazyCounter, 10 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 39 SdHoareTripleChecker+Valid, 159 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 10 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:29,149 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [39 Valid, 159 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 10 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:55:29,150 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 384 states. [2024-11-16 07:55:29,180 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 384 to 384. [2024-11-16 07:55:29,185 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 384 states, 302 states have (on average 1.2384105960264902) internal successors, (374), 318 states have internal predecessors, (374), 46 states have call successors, (46), 38 states have call predecessors, (46), 35 states have return successors, (53), 43 states have call predecessors, (53), 46 states have call successors, (53) [2024-11-16 07:55:29,186 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 384 states to 384 states and 473 transitions. [2024-11-16 07:55:29,191 INFO L78 Accepts]: Start accepts. Automaton has 384 states and 473 transitions. Word has length 49 [2024-11-16 07:55:29,191 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:29,191 INFO L471 AbstractCegarLoop]: Abstraction has 384 states and 473 transitions. [2024-11-16 07:55:29,191 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 14.0) internal successors, (42), 3 states have internal predecessors, (42), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:29,191 INFO L276 IsEmpty]: Start isEmpty. Operand 384 states and 473 transitions. [2024-11-16 07:55:29,192 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 54 [2024-11-16 07:55:29,193 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:29,193 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:29,193 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-16 07:55:29,193 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:29,193 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:29,193 INFO L85 PathProgramCache]: Analyzing trace with hash 1332972047, now seen corresponding path program 1 times [2024-11-16 07:55:29,193 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:29,193 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1096967908] [2024-11-16 07:55:29,193 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:29,194 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:29,211 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,361 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-16 07:55:29,363 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,369 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-16 07:55:29,371 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,373 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2024-11-16 07:55:29,374 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,375 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:29,377 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:29,377 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1096967908] [2024-11-16 07:55:29,377 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1096967908] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:29,377 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:29,377 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-16 07:55:29,378 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [363007744] [2024-11-16 07:55:29,378 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:29,378 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-16 07:55:29,378 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:29,379 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-16 07:55:29,379 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2024-11-16 07:55:29,379 INFO L87 Difference]: Start difference. First operand 384 states and 473 transitions. Second operand has 8 states, 8 states have (on average 5.5) internal successors, (44), 7 states have internal predecessors, (44), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-16 07:55:29,654 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:29,654 INFO L93 Difference]: Finished difference Result 1208 states and 1563 transitions. [2024-11-16 07:55:29,655 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2024-11-16 07:55:29,655 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.5) internal successors, (44), 7 states have internal predecessors, (44), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 53 [2024-11-16 07:55:29,655 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:29,659 INFO L225 Difference]: With dead ends: 1208 [2024-11-16 07:55:29,659 INFO L226 Difference]: Without dead ends: 963 [2024-11-16 07:55:29,660 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 23 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 28 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=59, Invalid=151, Unknown=0, NotChecked=0, Total=210 [2024-11-16 07:55:29,662 INFO L432 NwaCegarLoop]: 120 mSDtfsCounter, 317 mSDsluCounter, 439 mSDsCounter, 0 mSdLazyCounter, 198 mSolverCounterSat, 65 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 327 SdHoareTripleChecker+Valid, 559 SdHoareTripleChecker+Invalid, 263 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 65 IncrementalHoareTripleChecker+Valid, 198 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:29,662 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [327 Valid, 559 Invalid, 263 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [65 Valid, 198 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-16 07:55:29,664 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 963 states. [2024-11-16 07:55:29,718 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 963 to 951. [2024-11-16 07:55:29,720 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 951 states, 751 states have (on average 1.2117177097203728) internal successors, (910), 795 states have internal predecessors, (910), 108 states have call successors, (108), 81 states have call predecessors, (108), 91 states have return successors, (154), 103 states have call predecessors, (154), 108 states have call successors, (154) [2024-11-16 07:55:29,725 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 951 states to 951 states and 1172 transitions. [2024-11-16 07:55:29,726 INFO L78 Accepts]: Start accepts. Automaton has 951 states and 1172 transitions. Word has length 53 [2024-11-16 07:55:29,726 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:29,726 INFO L471 AbstractCegarLoop]: Abstraction has 951 states and 1172 transitions. [2024-11-16 07:55:29,726 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.5) internal successors, (44), 7 states have internal predecessors, (44), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-16 07:55:29,726 INFO L276 IsEmpty]: Start isEmpty. Operand 951 states and 1172 transitions. [2024-11-16 07:55:29,728 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 87 [2024-11-16 07:55:29,728 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:29,728 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:29,728 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-16 07:55:29,729 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:29,729 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:29,729 INFO L85 PathProgramCache]: Analyzing trace with hash -1951361641, now seen corresponding path program 1 times [2024-11-16 07:55:29,729 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:29,730 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [506798557] [2024-11-16 07:55:29,730 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:29,730 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:29,745 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,880 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-16 07:55:29,882 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,896 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-16 07:55:29,902 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,919 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:55:29,921 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,923 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 59 [2024-11-16 07:55:29,927 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,943 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 70 [2024-11-16 07:55:29,944 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,945 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 77 [2024-11-16 07:55:29,946 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,948 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 19 proven. 7 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2024-11-16 07:55:29,948 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:29,948 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [506798557] [2024-11-16 07:55:29,948 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [506798557] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-16 07:55:29,948 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [524015199] [2024-11-16 07:55:29,948 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:29,949 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-16 07:55:29,949 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-16 07:55:29,950 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-16 07:55:29,952 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-16 07:55:30,030 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:30,032 INFO L255 TraceCheckSpWp]: Trace formula consists of 292 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-16 07:55:30,038 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-16 07:55:30,175 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 24 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:55:30,175 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-16 07:55:30,321 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 20 proven. 6 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2024-11-16 07:55:30,323 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [524015199] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-16 07:55:30,323 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-16 07:55:30,324 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-11-16 07:55:30,324 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [374393398] [2024-11-16 07:55:30,324 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-16 07:55:30,324 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-11-16 07:55:30,324 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:30,325 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-11-16 07:55:30,325 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=35, Invalid=175, Unknown=0, NotChecked=0, Total=210 [2024-11-16 07:55:30,326 INFO L87 Difference]: Start difference. First operand 951 states and 1172 transitions. Second operand has 15 states, 15 states have (on average 7.2) internal successors, (108), 11 states have internal predecessors, (108), 5 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 5 states have call successors, (13) [2024-11-16 07:55:30,867 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:30,867 INFO L93 Difference]: Finished difference Result 1744 states and 2200 transitions. [2024-11-16 07:55:30,867 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 22 states. [2024-11-16 07:55:30,868 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 7.2) internal successors, (108), 11 states have internal predecessors, (108), 5 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 5 states have call successors, (13) Word has length 86 [2024-11-16 07:55:30,868 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:30,869 INFO L225 Difference]: With dead ends: 1744 [2024-11-16 07:55:30,869 INFO L226 Difference]: Without dead ends: 0 [2024-11-16 07:55:30,872 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 213 GetRequests, 180 SyntacticMatches, 4 SemanticMatches, 29 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 169 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=179, Invalid=751, Unknown=0, NotChecked=0, Total=930 [2024-11-16 07:55:30,873 INFO L432 NwaCegarLoop]: 141 mSDtfsCounter, 216 mSDsluCounter, 1080 mSDsCounter, 0 mSdLazyCounter, 638 mSolverCounterSat, 60 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 221 SdHoareTripleChecker+Valid, 1221 SdHoareTripleChecker+Invalid, 698 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 60 IncrementalHoareTripleChecker+Valid, 638 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:30,873 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [221 Valid, 1221 Invalid, 698 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [60 Valid, 638 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-16 07:55:30,873 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-16 07:55:30,873 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-16 07:55:30,873 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-16 07:55:30,873 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-16 07:55:30,874 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 86 [2024-11-16 07:55:30,874 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:30,874 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-16 07:55:30,874 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 7.2) internal successors, (108), 11 states have internal predecessors, (108), 5 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 5 states have call successors, (13) [2024-11-16 07:55:30,874 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-16 07:55:30,874 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-16 07:55:30,876 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-16 07:55:30,890 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-16 07:55:31,077 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-16 07:55:31,080 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:31,082 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-16 07:55:33,834 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-16 07:55:33,870 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= 1 |old(~pumpRunning~0)|)) (.cse1 (not (= 0 ~systemActive~0))) (.cse2 (<= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)) (and (<= 1 |old(~switchedOnBeforeTS~0)|) .cse2 .cse0 .cse1) (and (= |old(~pumpRunning~0)| 0) .cse2))) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (not (= 0 ~systemActive~0))) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse2))) [2024-11-16 07:55:33,884 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (<= |old(~waterLevel~0)| 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)) (and (= ~pumpRunning~0 0) .cse2) (and .cse0 (<= 1 ~switchedOnBeforeTS~0) .cse2 .cse1))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (not (= 0 ~systemActive~0))) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse2))) [2024-11-16 07:55:33,899 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 16.11 07:55:33 BoogieIcfgContainer [2024-11-16 07:55:33,899 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-16 07:55:33,900 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-16 07:55:33,900 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-16 07:55:33,900 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-16 07:55:33,900 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:55:27" (3/4) ... [2024-11-16 07:55:33,907 INFO L143 WitnessPrinter]: Generating witness for correct program [2024-11-16 07:55:33,914 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-16 07:55:33,914 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-16 07:55:33,914 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-16 07:55:33,914 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-16 07:55:33,914 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-16 07:55:33,914 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-16 07:55:33,923 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 39 nodes and edges [2024-11-16 07:55:33,923 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-11-16 07:55:33,923 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-16 07:55:33,924 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-16 07:55:33,927 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-16 07:55:34,029 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-16 07:55:34,031 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-16 07:55:34,031 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-16 07:55:34,032 INFO L158 Benchmark]: Toolchain (without parser) took 7413.21ms. Allocated memory was 197.1MB in the beginning and 260.0MB in the end (delta: 62.9MB). Free memory was 126.7MB in the beginning and 183.9MB in the end (delta: -57.1MB). Peak memory consumption was 7.2MB. Max. memory is 16.1GB. [2024-11-16 07:55:34,032 INFO L158 Benchmark]: CDTParser took 0.14ms. Allocated memory is still 117.4MB. Free memory is still 76.8MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-16 07:55:34,032 INFO L158 Benchmark]: CACSL2BoogieTranslator took 384.35ms. Allocated memory is still 197.1MB. Free memory was 126.3MB in the beginning and 105.0MB in the end (delta: 21.4MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-16 07:55:34,032 INFO L158 Benchmark]: Boogie Procedure Inliner took 46.11ms. Allocated memory is still 197.1MB. Free memory was 105.0MB in the beginning and 102.9MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-16 07:55:34,032 INFO L158 Benchmark]: Boogie Preprocessor took 39.05ms. Allocated memory is still 197.1MB. Free memory was 102.9MB in the beginning and 100.8MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-16 07:55:34,033 INFO L158 Benchmark]: IcfgBuilder took 363.52ms. Allocated memory is still 197.1MB. Free memory was 100.8MB in the beginning and 81.8MB in the end (delta: 18.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2024-11-16 07:55:34,033 INFO L158 Benchmark]: TraceAbstraction took 6443.80ms. Allocated memory was 197.1MB in the beginning and 260.0MB in the end (delta: 62.9MB). Free memory was 81.1MB in the beginning and 191.2MB in the end (delta: -110.2MB). Peak memory consumption was 74.1MB. Max. memory is 16.1GB. [2024-11-16 07:55:34,033 INFO L158 Benchmark]: Witness Printer took 131.46ms. Allocated memory is still 260.0MB. Free memory was 191.2MB in the beginning and 183.9MB in the end (delta: 7.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-16 07:55:34,034 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.14ms. Allocated memory is still 117.4MB. Free memory is still 76.8MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 384.35ms. Allocated memory is still 197.1MB. Free memory was 126.3MB in the beginning and 105.0MB in the end (delta: 21.4MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 46.11ms. Allocated memory is still 197.1MB. Free memory was 105.0MB in the beginning and 102.9MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 39.05ms. Allocated memory is still 197.1MB. Free memory was 102.9MB in the beginning and 100.8MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * IcfgBuilder took 363.52ms. Allocated memory is still 197.1MB. Free memory was 100.8MB in the beginning and 81.8MB in the end (delta: 18.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 6443.80ms. Allocated memory was 197.1MB in the beginning and 260.0MB in the end (delta: 62.9MB). Free memory was 81.1MB in the beginning and 191.2MB in the end (delta: -110.2MB). Peak memory consumption was 74.1MB. Max. memory is 16.1GB. * Witness Printer took 131.46ms. Allocated memory is still 260.0MB. Free memory was 191.2MB in the beginning and 183.9MB in the end (delta: 7.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [49] - GenericResultAtLocation [Line: 87]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [87] - GenericResultAtLocation [Line: 96]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [96] - GenericResultAtLocation [Line: 287]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [287] - GenericResultAtLocation [Line: 653]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [653] - GenericResultAtLocation [Line: 725]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [725] - GenericResultAtLocation [Line: 823]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [823] - GenericResultAtLocation [Line: 873]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [873] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 92]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 91 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 3.6s, OverallIterations: 9, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.3s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 828 SdHoareTripleChecker+Valid, 0.7s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 809 mSDsluCounter, 3518 SdHoareTripleChecker+Invalid, 0.5s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2619 mSDsCounter, 149 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 997 IncrementalHoareTripleChecker+Invalid, 1146 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 149 mSolverCounterUnsat, 899 mSDtfsCounter, 997 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 297 GetRequests, 231 SyntacticMatches, 4 SemanticMatches, 62 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 201 ImplicationChecksByTransitivity, 0.4s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=951occurred in iteration=8, InterpolantAutomatonStates: 64, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 9 MinimizatonAttempts, 24 StatesRemovedByMinimization, 2 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 1.3s InterpolantComputationTime, 526 NumberOfCodeBlocks, 526 NumberOfCodeBlocksAsserted, 10 NumberOfCheckSat, 601 ConstructedInterpolants, 0 QuantifiedInterpolants, 1194 SizeOfPredicates, 2 NumberOfNonLiveVariables, 292 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 11 InterpolantComputations, 8 PerfectInterpolantSequences, 97/117 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 667]: Location Invariant Derived location invariant: null - InvariantResult [Line: 737]: Location Invariant Derived location invariant: null - ProcedureContractResult [Line: 140]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 900]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) Ensures: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (waterLevel == \old(waterLevel)))) - ProcedureContractResult [Line: 727]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((systemActive == \old(systemActive)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 113]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) Ensures: (((((((((1 <= \old(pumpRunning)) && (0 != systemActive)) && (\old(waterLevel) == 2)) || ((((1 <= \old(switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning))) && (0 != systemActive))) || ((\old(pumpRunning) == 0) && (\old(waterLevel) <= 2))) && ((\old(pumpRunning) < 1) || (((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && (((\old(pumpRunning) != 0) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) && (\old(waterLevel) == 2)))) && ((((systemActive == \old(systemActive)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 888]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) Ensures: (((((((((1 <= pumpRunning) && (0 != systemActive)) && (\old(waterLevel) == 2)) || ((pumpRunning == 0) && (\old(waterLevel) <= 2))) || ((((1 <= pumpRunning) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (0 != systemActive))) && ((2 == waterLevel) || (\old(waterLevel) != 2))) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && (waterLevel <= 2)) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 200]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) Ensures: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) && (pumpRunning == \result)) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) RESULT: Ultimate proved your program to be correct! [2024-11-16 07:55:34,080 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE