./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product48.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 3289d67d Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product48.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 96a9f4a5eb48d3a052332271e6f513d6efe176b9f027fc1b42847acbd4831cf9 --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.fs.icfgbuilder-eval-3289d67-m [2024-11-16 07:55:37,322 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-16 07:55:37,411 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-16 07:55:37,415 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-16 07:55:37,415 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-16 07:55:37,449 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-16 07:55:37,450 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-16 07:55:37,451 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-16 07:55:37,451 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-16 07:55:37,452 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-16 07:55:37,453 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-16 07:55:37,454 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-16 07:55:37,454 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-16 07:55:37,455 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-16 07:55:37,456 INFO L153 SettingsManager]: * Use SBE=true [2024-11-16 07:55:37,457 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-16 07:55:37,457 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-16 07:55:37,457 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-16 07:55:37,458 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-16 07:55:37,458 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-16 07:55:37,458 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-16 07:55:37,462 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-16 07:55:37,462 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-16 07:55:37,462 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-16 07:55:37,463 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-16 07:55:37,463 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-16 07:55:37,463 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-16 07:55:37,463 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-16 07:55:37,463 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2024-11-16 07:55:37,464 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-16 07:55:37,464 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-16 07:55:37,464 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-16 07:55:37,464 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-16 07:55:37,464 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-16 07:55:37,465 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-16 07:55:37,465 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-16 07:55:37,465 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-16 07:55:37,466 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-16 07:55:37,467 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-16 07:55:37,467 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-16 07:55:37,467 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-16 07:55:37,468 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-16 07:55:37,468 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 96a9f4a5eb48d3a052332271e6f513d6efe176b9f027fc1b42847acbd4831cf9 [2024-11-16 07:55:37,695 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-16 07:55:37,720 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-16 07:55:37,723 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-16 07:55:37,724 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-16 07:55:37,725 INFO L274 PluginConnector]: CDTParser initialized [2024-11-16 07:55:37,726 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product48.cil.c [2024-11-16 07:55:39,117 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-16 07:55:39,344 INFO L384 CDTParser]: Found 1 translation units. [2024-11-16 07:55:39,345 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product48.cil.c [2024-11-16 07:55:39,359 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/d770a5604/1b5d41d9f248498583a5ec083801df86/FLAG859e2e02e [2024-11-16 07:55:39,681 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/d770a5604/1b5d41d9f248498583a5ec083801df86 [2024-11-16 07:55:39,683 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-16 07:55:39,684 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-16 07:55:39,688 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-16 07:55:39,688 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-16 07:55:39,693 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-16 07:55:39,694 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 07:55:39" (1/1) ... [2024-11-16 07:55:39,695 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@3719d95 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:39, skipping insertion in model container [2024-11-16 07:55:39,695 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 07:55:39" (1/1) ... [2024-11-16 07:55:39,748 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-16 07:55:40,076 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product48.cil.c[11292,11305] [2024-11-16 07:55:40,128 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-16 07:55:40,147 INFO L200 MainTranslator]: Completed pre-run [2024-11-16 07:55:40,157 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] [2024-11-16 07:55:40,159 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [415] [2024-11-16 07:55:40,159 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [424] [2024-11-16 07:55:40,159 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [499] [2024-11-16 07:55:40,160 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [730] [2024-11-16 07:55:40,160 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [825] [2024-11-16 07:55:40,160 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [926] [2024-11-16 07:55:40,160 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [975] [2024-11-16 07:55:40,220 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product48.cil.c[11292,11305] [2024-11-16 07:55:40,242 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-16 07:55:40,268 INFO L204 MainTranslator]: Completed translation [2024-11-16 07:55:40,268 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:40 WrapperNode [2024-11-16 07:55:40,268 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-16 07:55:40,269 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-16 07:55:40,270 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-16 07:55:40,270 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-16 07:55:40,276 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:40" (1/1) ... [2024-11-16 07:55:40,294 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:40" (1/1) ... [2024-11-16 07:55:40,328 INFO L138 Inliner]: procedures = 58, calls = 105, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 216 [2024-11-16 07:55:40,328 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-16 07:55:40,329 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-16 07:55:40,329 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-16 07:55:40,329 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-16 07:55:40,344 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:40" (1/1) ... [2024-11-16 07:55:40,345 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:40" (1/1) ... [2024-11-16 07:55:40,346 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:40" (1/1) ... [2024-11-16 07:55:40,377 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-16 07:55:40,378 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:40" (1/1) ... [2024-11-16 07:55:40,378 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:40" (1/1) ... [2024-11-16 07:55:40,384 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:40" (1/1) ... [2024-11-16 07:55:40,387 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:40" (1/1) ... [2024-11-16 07:55:40,389 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:40" (1/1) ... [2024-11-16 07:55:40,390 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:40" (1/1) ... [2024-11-16 07:55:40,393 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-16 07:55:40,394 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2024-11-16 07:55:40,395 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2024-11-16 07:55:40,395 INFO L274 PluginConnector]: IcfgBuilder initialized [2024-11-16 07:55:40,396 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:40" (1/1) ... [2024-11-16 07:55:40,402 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-16 07:55:40,414 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-16 07:55:40,429 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-16 07:55:40,433 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-16 07:55:40,480 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-16 07:55:40,480 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-16 07:55:40,481 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-16 07:55:40,481 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-16 07:55:40,481 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-16 07:55:40,481 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-16 07:55:40,481 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-16 07:55:40,481 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-16 07:55:40,482 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-16 07:55:40,482 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2024-11-16 07:55:40,482 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2024-11-16 07:55:40,482 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-16 07:55:40,482 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-16 07:55:40,482 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2024-11-16 07:55:40,482 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2024-11-16 07:55:40,483 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-16 07:55:40,483 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-16 07:55:40,483 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-16 07:55:40,483 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-16 07:55:40,483 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-16 07:55:40,483 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-16 07:55:40,485 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-16 07:55:40,574 INFO L256 CfgBuilder]: Building ICFG [2024-11-16 07:55:40,577 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-16 07:55:40,722 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L808-1: getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~7#1; [2024-11-16 07:55:40,804 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L923-1: main_#res#1 := main_~retValue_acc~9#1; [2024-11-16 07:55:40,805 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L1007-1: valid_product_#res#1 := valid_product_~retValue_acc~11#1; [2024-11-16 07:55:40,852 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L704-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~5#1; [2024-11-16 07:55:40,853 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L822-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~8#1; [2024-11-16 07:55:40,858 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L649: #res := ~retValue_acc~4; [2024-11-16 07:55:40,875 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L640: #res#1 := ~retValue_acc~3#1; [2024-11-16 07:55:40,875 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L776-1: isMethaneLevelCritical_#res#1 := isMethaneLevelCritical_~retValue_acc~6#1; [2024-11-16 07:55:40,891 INFO L? ?]: Removed 43 outVars from TransFormulas that were not future-live. [2024-11-16 07:55:40,891 INFO L307 CfgBuilder]: Performing block encoding [2024-11-16 07:55:40,909 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-16 07:55:40,911 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2024-11-16 07:55:40,911 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:55:40 BoogieIcfgContainer [2024-11-16 07:55:40,911 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2024-11-16 07:55:40,914 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-16 07:55:40,915 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-16 07:55:40,918 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-16 07:55:40,918 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 16.11 07:55:39" (1/3) ... [2024-11-16 07:55:40,919 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4c718da9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 07:55:40, skipping insertion in model container [2024-11-16 07:55:40,919 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:40" (2/3) ... [2024-11-16 07:55:40,920 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4c718da9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 07:55:40, skipping insertion in model container [2024-11-16 07:55:40,920 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:55:40" (3/3) ... [2024-11-16 07:55:40,921 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product48.cil.c [2024-11-16 07:55:40,935 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-16 07:55:40,936 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-16 07:55:40,995 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-16 07:55:41,000 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@705b34ce, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-16 07:55:41,001 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-16 07:55:41,004 INFO L276 IsEmpty]: Start isEmpty. Operand has 112 states, 85 states have (on average 1.3294117647058823) internal successors, (113), 94 states have internal predecessors, (113), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 13 states have call predecessors, (16), 16 states have call successors, (16) [2024-11-16 07:55:41,015 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2024-11-16 07:55:41,015 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:41,016 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:41,017 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:41,023 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:41,023 INFO L85 PathProgramCache]: Analyzing trace with hash -1124201638, now seen corresponding path program 1 times [2024-11-16 07:55:41,032 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:41,032 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1016053029] [2024-11-16 07:55:41,033 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:41,033 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:41,167 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,304 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-16 07:55:41,312 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,326 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-16 07:55:41,332 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,337 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:41,338 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:41,338 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1016053029] [2024-11-16 07:55:41,339 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1016053029] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:41,340 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:41,340 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-16 07:55:41,344 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [974631839] [2024-11-16 07:55:41,345 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:41,371 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-16 07:55:41,371 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:41,402 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-16 07:55:41,403 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-16 07:55:41,406 INFO L87 Difference]: Start difference. First operand has 112 states, 85 states have (on average 1.3294117647058823) internal successors, (113), 94 states have internal predecessors, (113), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 13 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 2 states, 2 states have (on average 13.0) internal successors, (26), 2 states have internal predecessors, (26), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-16 07:55:41,447 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:41,447 INFO L93 Difference]: Finished difference Result 214 states and 283 transitions. [2024-11-16 07:55:41,449 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-16 07:55:41,450 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 13.0) internal successors, (26), 2 states have internal predecessors, (26), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 34 [2024-11-16 07:55:41,451 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:41,462 INFO L225 Difference]: With dead ends: 214 [2024-11-16 07:55:41,463 INFO L226 Difference]: Without dead ends: 101 [2024-11-16 07:55:41,466 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-16 07:55:41,469 INFO L432 NwaCegarLoop]: 138 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 138 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:41,470 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 138 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:55:41,491 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 101 states. [2024-11-16 07:55:41,513 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 101 to 101. [2024-11-16 07:55:41,515 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 101 states, 76 states have (on average 1.2763157894736843) internal successors, (97), 84 states have internal predecessors, (97), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 12 states have call predecessors, (15), 15 states have call successors, (15) [2024-11-16 07:55:41,517 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 101 states to 101 states and 128 transitions. [2024-11-16 07:55:41,519 INFO L78 Accepts]: Start accepts. Automaton has 101 states and 128 transitions. Word has length 34 [2024-11-16 07:55:41,519 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:41,520 INFO L471 AbstractCegarLoop]: Abstraction has 101 states and 128 transitions. [2024-11-16 07:55:41,520 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 13.0) internal successors, (26), 2 states have internal predecessors, (26), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-16 07:55:41,520 INFO L276 IsEmpty]: Start isEmpty. Operand 101 states and 128 transitions. [2024-11-16 07:55:41,524 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2024-11-16 07:55:41,525 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:41,525 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:41,525 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-16 07:55:41,526 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:41,526 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:41,526 INFO L85 PathProgramCache]: Analyzing trace with hash -792571691, now seen corresponding path program 1 times [2024-11-16 07:55:41,526 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:41,527 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1448936530] [2024-11-16 07:55:41,527 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:41,527 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:41,557 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,654 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-11-16 07:55:41,658 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,661 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-16 07:55:41,663 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,666 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:41,666 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:41,666 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1448936530] [2024-11-16 07:55:41,667 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1448936530] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:41,667 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:41,667 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-16 07:55:41,667 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1895466604] [2024-11-16 07:55:41,667 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:41,668 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-16 07:55:41,669 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:41,669 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-16 07:55:41,669 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:55:41,670 INFO L87 Difference]: Start difference. First operand 101 states and 128 transitions. Second operand has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-16 07:55:41,696 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:41,698 INFO L93 Difference]: Finished difference Result 159 states and 201 transitions. [2024-11-16 07:55:41,699 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-16 07:55:41,699 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 37 [2024-11-16 07:55:41,699 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:41,702 INFO L225 Difference]: With dead ends: 159 [2024-11-16 07:55:41,703 INFO L226 Difference]: Without dead ends: 90 [2024-11-16 07:55:41,704 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:55:41,705 INFO L432 NwaCegarLoop]: 113 mSDtfsCounter, 16 mSDsluCounter, 90 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 203 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:41,707 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [20 Valid, 203 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:55:41,707 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 90 states. [2024-11-16 07:55:41,721 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 90 to 90. [2024-11-16 07:55:41,722 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 90 states, 68 states have (on average 1.2941176470588236) internal successors, (88), 76 states have internal predecessors, (88), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-16 07:55:41,723 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 90 states to 90 states and 114 transitions. [2024-11-16 07:55:41,723 INFO L78 Accepts]: Start accepts. Automaton has 90 states and 114 transitions. Word has length 37 [2024-11-16 07:55:41,724 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:41,724 INFO L471 AbstractCegarLoop]: Abstraction has 90 states and 114 transitions. [2024-11-16 07:55:41,724 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-16 07:55:41,724 INFO L276 IsEmpty]: Start isEmpty. Operand 90 states and 114 transitions. [2024-11-16 07:55:41,726 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2024-11-16 07:55:41,726 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:41,726 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:41,726 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-16 07:55:41,726 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:41,727 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:41,727 INFO L85 PathProgramCache]: Analyzing trace with hash 1971647589, now seen corresponding path program 1 times [2024-11-16 07:55:41,727 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:41,728 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [179347864] [2024-11-16 07:55:41,728 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:41,728 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:41,766 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,868 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:55:41,871 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,874 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-11-16 07:55:41,875 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,877 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:41,877 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:41,877 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [179347864] [2024-11-16 07:55:41,877 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [179347864] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:41,877 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:41,878 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-16 07:55:41,878 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [194691055] [2024-11-16 07:55:41,878 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:41,878 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-16 07:55:41,879 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:41,879 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-16 07:55:41,879 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:55:41,880 INFO L87 Difference]: Start difference. First operand 90 states and 114 transitions. Second operand has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:41,927 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:41,927 INFO L93 Difference]: Finished difference Result 252 states and 325 transitions. [2024-11-16 07:55:41,928 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-16 07:55:41,928 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 40 [2024-11-16 07:55:41,929 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:41,931 INFO L225 Difference]: With dead ends: 252 [2024-11-16 07:55:41,931 INFO L226 Difference]: Without dead ends: 170 [2024-11-16 07:55:41,932 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:55:41,934 INFO L432 NwaCegarLoop]: 130 mSDtfsCounter, 102 mSDsluCounter, 101 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 102 SdHoareTripleChecker+Valid, 231 SdHoareTripleChecker+Invalid, 5 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:41,936 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [102 Valid, 231 Invalid, 5 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:55:41,937 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 170 states. [2024-11-16 07:55:41,953 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 170 to 166. [2024-11-16 07:55:41,954 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 166 states, 123 states have (on average 1.3170731707317074) internal successors, (162), 138 states have internal predecessors, (162), 26 states have call successors, (26), 16 states have call predecessors, (26), 16 states have return successors, (26), 19 states have call predecessors, (26), 26 states have call successors, (26) [2024-11-16 07:55:41,956 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 166 states to 166 states and 214 transitions. [2024-11-16 07:55:41,956 INFO L78 Accepts]: Start accepts. Automaton has 166 states and 214 transitions. Word has length 40 [2024-11-16 07:55:41,956 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:41,957 INFO L471 AbstractCegarLoop]: Abstraction has 166 states and 214 transitions. [2024-11-16 07:55:41,957 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:41,957 INFO L276 IsEmpty]: Start isEmpty. Operand 166 states and 214 transitions. [2024-11-16 07:55:41,959 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2024-11-16 07:55:41,959 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:41,959 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:41,959 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-16 07:55:41,959 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:41,960 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:41,960 INFO L85 PathProgramCache]: Analyzing trace with hash 277670010, now seen corresponding path program 1 times [2024-11-16 07:55:41,960 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:41,960 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [166436358] [2024-11-16 07:55:41,961 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:41,961 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:41,979 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,089 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-16 07:55:42,092 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,095 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2024-11-16 07:55:42,096 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,125 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-16 07:55:42,125 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:42,125 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [166436358] [2024-11-16 07:55:42,125 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [166436358] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:42,125 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:42,125 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-16 07:55:42,126 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1458048963] [2024-11-16 07:55:42,126 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:42,126 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-16 07:55:42,126 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:42,127 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-16 07:55:42,127 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-16 07:55:42,127 INFO L87 Difference]: Start difference. First operand 166 states and 214 transitions. Second operand has 6 states, 6 states have (on average 6.333333333333333) internal successors, (38), 5 states have internal predecessors, (38), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:42,320 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:42,320 INFO L93 Difference]: Finished difference Result 427 states and 558 transitions. [2024-11-16 07:55:42,320 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-16 07:55:42,321 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.333333333333333) internal successors, (38), 5 states have internal predecessors, (38), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 43 [2024-11-16 07:55:42,321 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:42,325 INFO L225 Difference]: With dead ends: 427 [2024-11-16 07:55:42,326 INFO L226 Difference]: Without dead ends: 269 [2024-11-16 07:55:42,327 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-16 07:55:42,331 INFO L432 NwaCegarLoop]: 111 mSDtfsCounter, 82 mSDsluCounter, 367 mSDsCounter, 0 mSdLazyCounter, 70 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 84 SdHoareTripleChecker+Valid, 478 SdHoareTripleChecker+Invalid, 79 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 70 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:42,332 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [84 Valid, 478 Invalid, 79 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 70 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-16 07:55:42,333 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 269 states. [2024-11-16 07:55:42,354 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 269 to 268. [2024-11-16 07:55:42,355 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 268 states, 201 states have (on average 1.2686567164179106) internal successors, (255), 218 states have internal predecessors, (255), 36 states have call successors, (36), 30 states have call predecessors, (36), 30 states have return successors, (44), 33 states have call predecessors, (44), 36 states have call successors, (44) [2024-11-16 07:55:42,357 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 268 states to 268 states and 335 transitions. [2024-11-16 07:55:42,358 INFO L78 Accepts]: Start accepts. Automaton has 268 states and 335 transitions. Word has length 43 [2024-11-16 07:55:42,358 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:42,358 INFO L471 AbstractCegarLoop]: Abstraction has 268 states and 335 transitions. [2024-11-16 07:55:42,358 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.333333333333333) internal successors, (38), 5 states have internal predecessors, (38), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:42,359 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 335 transitions. [2024-11-16 07:55:42,360 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 63 [2024-11-16 07:55:42,361 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:42,361 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:42,361 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-16 07:55:42,361 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:42,362 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:42,363 INFO L85 PathProgramCache]: Analyzing trace with hash 470260149, now seen corresponding path program 1 times [2024-11-16 07:55:42,363 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:42,363 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1245980349] [2024-11-16 07:55:42,363 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:42,363 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:42,392 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,471 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:55:42,473 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,480 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-11-16 07:55:42,486 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,528 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:55:42,530 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,533 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 53 [2024-11-16 07:55:42,534 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,536 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:42,537 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:42,537 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1245980349] [2024-11-16 07:55:42,538 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1245980349] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:42,540 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:42,540 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-16 07:55:42,540 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1778388294] [2024-11-16 07:55:42,540 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:42,540 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-16 07:55:42,541 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:42,541 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-16 07:55:42,541 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-16 07:55:42,542 INFO L87 Difference]: Start difference. First operand 268 states and 335 transitions. Second operand has 6 states, 6 states have (on average 8.5) internal successors, (51), 5 states have internal predecessors, (51), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-16 07:55:42,737 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:42,738 INFO L93 Difference]: Finished difference Result 583 states and 746 transitions. [2024-11-16 07:55:42,738 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-16 07:55:42,739 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 8.5) internal successors, (51), 5 states have internal predecessors, (51), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 62 [2024-11-16 07:55:42,739 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:42,741 INFO L225 Difference]: With dead ends: 583 [2024-11-16 07:55:42,744 INFO L226 Difference]: Without dead ends: 323 [2024-11-16 07:55:42,745 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-16 07:55:42,747 INFO L432 NwaCegarLoop]: 93 mSDtfsCounter, 60 mSDsluCounter, 309 mSDsCounter, 0 mSdLazyCounter, 140 mSolverCounterSat, 15 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 66 SdHoareTripleChecker+Valid, 402 SdHoareTripleChecker+Invalid, 155 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 15 IncrementalHoareTripleChecker+Valid, 140 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:42,750 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [66 Valid, 402 Invalid, 155 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [15 Valid, 140 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-16 07:55:42,751 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 323 states. [2024-11-16 07:55:42,795 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 323 to 320. [2024-11-16 07:55:42,796 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 320 states, 243 states have (on average 1.2551440329218106) internal successors, (305), 260 states have internal predecessors, (305), 40 states have call successors, (40), 30 states have call predecessors, (40), 36 states have return successors, (54), 41 states have call predecessors, (54), 40 states have call successors, (54) [2024-11-16 07:55:42,800 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 320 states to 320 states and 399 transitions. [2024-11-16 07:55:42,801 INFO L78 Accepts]: Start accepts. Automaton has 320 states and 399 transitions. Word has length 62 [2024-11-16 07:55:42,801 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:42,802 INFO L471 AbstractCegarLoop]: Abstraction has 320 states and 399 transitions. [2024-11-16 07:55:42,802 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 8.5) internal successors, (51), 5 states have internal predecessors, (51), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-16 07:55:42,802 INFO L276 IsEmpty]: Start isEmpty. Operand 320 states and 399 transitions. [2024-11-16 07:55:42,808 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 63 [2024-11-16 07:55:42,808 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:42,808 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:42,808 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-16 07:55:42,808 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:42,809 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:42,809 INFO L85 PathProgramCache]: Analyzing trace with hash 215523604, now seen corresponding path program 1 times [2024-11-16 07:55:42,809 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:42,809 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [876620116] [2024-11-16 07:55:42,809 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:42,809 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:42,830 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,884 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:55:42,886 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,891 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-11-16 07:55:42,896 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,917 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:55:42,919 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,921 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 53 [2024-11-16 07:55:42,922 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,923 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:42,923 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:42,923 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [876620116] [2024-11-16 07:55:42,923 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [876620116] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:42,924 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:42,924 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-16 07:55:42,924 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1138955384] [2024-11-16 07:55:42,924 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:42,924 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-16 07:55:42,925 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:42,925 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-16 07:55:42,925 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-16 07:55:42,925 INFO L87 Difference]: Start difference. First operand 320 states and 399 transitions. Second operand has 6 states, 6 states have (on average 8.5) internal successors, (51), 5 states have internal predecessors, (51), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-16 07:55:43,189 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:43,190 INFO L93 Difference]: Finished difference Result 647 states and 820 transitions. [2024-11-16 07:55:43,190 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-11-16 07:55:43,191 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 8.5) internal successors, (51), 5 states have internal predecessors, (51), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) Word has length 62 [2024-11-16 07:55:43,191 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:43,193 INFO L225 Difference]: With dead ends: 647 [2024-11-16 07:55:43,193 INFO L226 Difference]: Without dead ends: 335 [2024-11-16 07:55:43,197 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 12 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2024-11-16 07:55:43,198 INFO L432 NwaCegarLoop]: 102 mSDtfsCounter, 207 mSDsluCounter, 315 mSDsCounter, 0 mSdLazyCounter, 149 mSolverCounterSat, 50 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 217 SdHoareTripleChecker+Valid, 417 SdHoareTripleChecker+Invalid, 199 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 50 IncrementalHoareTripleChecker+Valid, 149 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:43,202 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [217 Valid, 417 Invalid, 199 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [50 Valid, 149 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-16 07:55:43,203 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 335 states. [2024-11-16 07:55:43,231 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 335 to 324. [2024-11-16 07:55:43,232 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 324 states, 247 states have (on average 1.2510121457489878) internal successors, (309), 264 states have internal predecessors, (309), 40 states have call successors, (40), 30 states have call predecessors, (40), 36 states have return successors, (54), 41 states have call predecessors, (54), 40 states have call successors, (54) [2024-11-16 07:55:43,235 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 324 states to 324 states and 403 transitions. [2024-11-16 07:55:43,235 INFO L78 Accepts]: Start accepts. Automaton has 324 states and 403 transitions. Word has length 62 [2024-11-16 07:55:43,236 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:43,236 INFO L471 AbstractCegarLoop]: Abstraction has 324 states and 403 transitions. [2024-11-16 07:55:43,236 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 8.5) internal successors, (51), 5 states have internal predecessors, (51), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-16 07:55:43,236 INFO L276 IsEmpty]: Start isEmpty. Operand 324 states and 403 transitions. [2024-11-16 07:55:43,237 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 63 [2024-11-16 07:55:43,237 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:43,238 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:43,238 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-16 07:55:43,238 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:43,238 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:43,238 INFO L85 PathProgramCache]: Analyzing trace with hash 238155858, now seen corresponding path program 1 times [2024-11-16 07:55:43,239 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:43,239 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [26161014] [2024-11-16 07:55:43,239 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:43,239 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:43,258 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:43,310 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:55:43,311 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:43,317 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-11-16 07:55:43,321 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:43,339 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:55:43,341 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:43,344 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 53 [2024-11-16 07:55:43,345 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:43,347 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:43,347 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:43,347 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [26161014] [2024-11-16 07:55:43,348 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [26161014] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:43,348 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:43,348 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-16 07:55:43,349 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [274041128] [2024-11-16 07:55:43,349 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:43,349 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-16 07:55:43,349 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:43,350 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-16 07:55:43,350 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-16 07:55:43,351 INFO L87 Difference]: Start difference. First operand 324 states and 403 transitions. Second operand has 5 states, 5 states have (on average 10.2) internal successors, (51), 4 states have internal predecessors, (51), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-16 07:55:43,594 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:43,594 INFO L93 Difference]: Finished difference Result 922 states and 1189 transitions. [2024-11-16 07:55:43,595 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-16 07:55:43,595 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.2) internal successors, (51), 4 states have internal predecessors, (51), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 62 [2024-11-16 07:55:43,595 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:43,599 INFO L225 Difference]: With dead ends: 922 [2024-11-16 07:55:43,600 INFO L226 Difference]: Without dead ends: 606 [2024-11-16 07:55:43,601 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 12 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-16 07:55:43,602 INFO L432 NwaCegarLoop]: 140 mSDtfsCounter, 239 mSDsluCounter, 194 mSDsCounter, 0 mSdLazyCounter, 148 mSolverCounterSat, 69 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 247 SdHoareTripleChecker+Valid, 334 SdHoareTripleChecker+Invalid, 217 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 69 IncrementalHoareTripleChecker+Valid, 148 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:43,602 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [247 Valid, 334 Invalid, 217 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [69 Valid, 148 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-16 07:55:43,603 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 606 states. [2024-11-16 07:55:43,639 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 606 to 598. [2024-11-16 07:55:43,640 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 598 states, 455 states have (on average 1.221978021978022) internal successors, (556), 481 states have internal predecessors, (556), 77 states have call successors, (77), 63 states have call predecessors, (77), 65 states have return successors, (115), 76 states have call predecessors, (115), 77 states have call successors, (115) [2024-11-16 07:55:43,644 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 598 states to 598 states and 748 transitions. [2024-11-16 07:55:43,645 INFO L78 Accepts]: Start accepts. Automaton has 598 states and 748 transitions. Word has length 62 [2024-11-16 07:55:43,645 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:43,646 INFO L471 AbstractCegarLoop]: Abstraction has 598 states and 748 transitions. [2024-11-16 07:55:43,646 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.2) internal successors, (51), 4 states have internal predecessors, (51), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-16 07:55:43,646 INFO L276 IsEmpty]: Start isEmpty. Operand 598 states and 748 transitions. [2024-11-16 07:55:43,647 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 67 [2024-11-16 07:55:43,648 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:43,648 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:43,648 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-16 07:55:43,648 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:43,649 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:43,649 INFO L85 PathProgramCache]: Analyzing trace with hash 95768500, now seen corresponding path program 1 times [2024-11-16 07:55:43,649 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:43,649 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2008762890] [2024-11-16 07:55:43,649 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:43,650 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:43,676 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:43,819 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-16 07:55:43,821 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:43,860 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-16 07:55:43,862 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:43,872 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-11-16 07:55:43,876 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:43,881 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:55:43,882 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:43,885 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 57 [2024-11-16 07:55:43,886 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:43,887 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:43,888 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:43,888 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2008762890] [2024-11-16 07:55:43,888 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2008762890] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:43,888 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:43,888 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2024-11-16 07:55:43,888 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1685073446] [2024-11-16 07:55:43,888 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:43,889 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-11-16 07:55:43,889 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:43,890 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-11-16 07:55:43,890 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=56, Unknown=0, NotChecked=0, Total=72 [2024-11-16 07:55:43,891 INFO L87 Difference]: Start difference. First operand 598 states and 748 transitions. Second operand has 9 states, 9 states have (on average 5.888888888888889) internal successors, (53), 7 states have internal predecessors, (53), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-16 07:55:44,613 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:44,613 INFO L93 Difference]: Finished difference Result 1823 states and 2376 transitions. [2024-11-16 07:55:44,614 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2024-11-16 07:55:44,614 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 5.888888888888889) internal successors, (53), 7 states have internal predecessors, (53), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) Word has length 66 [2024-11-16 07:55:44,615 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:44,622 INFO L225 Difference]: With dead ends: 1823 [2024-11-16 07:55:44,623 INFO L226 Difference]: Without dead ends: 1339 [2024-11-16 07:55:44,626 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 32 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 67 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=101, Invalid=319, Unknown=0, NotChecked=0, Total=420 [2024-11-16 07:55:44,626 INFO L432 NwaCegarLoop]: 113 mSDtfsCounter, 460 mSDsluCounter, 544 mSDsCounter, 0 mSdLazyCounter, 573 mSolverCounterSat, 146 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 468 SdHoareTripleChecker+Valid, 657 SdHoareTripleChecker+Invalid, 719 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 146 IncrementalHoareTripleChecker+Valid, 573 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:44,627 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [468 Valid, 657 Invalid, 719 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [146 Valid, 573 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-11-16 07:55:44,629 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1339 states. [2024-11-16 07:55:44,728 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1339 to 1163. [2024-11-16 07:55:44,730 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1163 states, 882 states have (on average 1.219954648526077) internal successors, (1076), 939 states have internal predecessors, (1076), 152 states have call successors, (152), 112 states have call predecessors, (152), 128 states have return successors, (230), 150 states have call predecessors, (230), 152 states have call successors, (230) [2024-11-16 07:55:44,736 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1163 states to 1163 states and 1458 transitions. [2024-11-16 07:55:44,737 INFO L78 Accepts]: Start accepts. Automaton has 1163 states and 1458 transitions. Word has length 66 [2024-11-16 07:55:44,738 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:44,738 INFO L471 AbstractCegarLoop]: Abstraction has 1163 states and 1458 transitions. [2024-11-16 07:55:44,738 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 5.888888888888889) internal successors, (53), 7 states have internal predecessors, (53), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-16 07:55:44,738 INFO L276 IsEmpty]: Start isEmpty. Operand 1163 states and 1458 transitions. [2024-11-16 07:55:44,740 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 98 [2024-11-16 07:55:44,740 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:44,741 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:44,741 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-16 07:55:44,741 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:44,742 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:44,742 INFO L85 PathProgramCache]: Analyzing trace with hash 1680679972, now seen corresponding path program 1 times [2024-11-16 07:55:44,742 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:44,742 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [247363798] [2024-11-16 07:55:44,742 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:44,742 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:44,755 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:44,780 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-16 07:55:44,782 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:44,792 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-16 07:55:44,797 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:44,813 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:55:44,814 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:44,821 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-16 07:55:44,824 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:44,829 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:55:44,830 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:44,832 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 75 [2024-11-16 07:55:44,833 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:44,834 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 88 [2024-11-16 07:55:44,836 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:44,837 INFO L134 CoverageAnalysis]: Checked inductivity of 29 backedges. 20 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-11-16 07:55:44,837 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:44,837 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [247363798] [2024-11-16 07:55:44,837 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [247363798] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:44,838 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:44,838 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-16 07:55:44,838 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [956994980] [2024-11-16 07:55:44,838 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:44,838 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-16 07:55:44,838 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:44,839 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-16 07:55:44,839 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2024-11-16 07:55:44,839 INFO L87 Difference]: Start difference. First operand 1163 states and 1458 transitions. Second operand has 7 states, 7 states have (on average 11.142857142857142) internal successors, (78), 4 states have internal predecessors, (78), 4 states have call successors, (8), 5 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) [2024-11-16 07:55:45,237 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:45,237 INFO L93 Difference]: Finished difference Result 1976 states and 2467 transitions. [2024-11-16 07:55:45,238 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-11-16 07:55:45,238 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 11.142857142857142) internal successors, (78), 4 states have internal predecessors, (78), 4 states have call successors, (8), 5 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) Word has length 97 [2024-11-16 07:55:45,238 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:45,243 INFO L225 Difference]: With dead ends: 1976 [2024-11-16 07:55:45,243 INFO L226 Difference]: Without dead ends: 821 [2024-11-16 07:55:45,247 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 31 GetRequests, 19 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=55, Invalid=127, Unknown=0, NotChecked=0, Total=182 [2024-11-16 07:55:45,248 INFO L432 NwaCegarLoop]: 114 mSDtfsCounter, 309 mSDsluCounter, 232 mSDsCounter, 0 mSdLazyCounter, 256 mSolverCounterSat, 87 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 318 SdHoareTripleChecker+Valid, 346 SdHoareTripleChecker+Invalid, 343 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 87 IncrementalHoareTripleChecker+Valid, 256 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:45,248 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [318 Valid, 346 Invalid, 343 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [87 Valid, 256 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-16 07:55:45,249 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 821 states. [2024-11-16 07:55:45,306 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 821 to 782. [2024-11-16 07:55:45,308 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 782 states, 597 states have (on average 1.2077051926298157) internal successors, (721), 636 states have internal predecessors, (721), 100 states have call successors, (100), 76 states have call predecessors, (100), 84 states have return successors, (140), 99 states have call predecessors, (140), 100 states have call successors, (140) [2024-11-16 07:55:45,312 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 782 states to 782 states and 961 transitions. [2024-11-16 07:55:45,313 INFO L78 Accepts]: Start accepts. Automaton has 782 states and 961 transitions. Word has length 97 [2024-11-16 07:55:45,314 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:45,314 INFO L471 AbstractCegarLoop]: Abstraction has 782 states and 961 transitions. [2024-11-16 07:55:45,314 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 11.142857142857142) internal successors, (78), 4 states have internal predecessors, (78), 4 states have call successors, (8), 5 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) [2024-11-16 07:55:45,314 INFO L276 IsEmpty]: Start isEmpty. Operand 782 states and 961 transitions. [2024-11-16 07:55:45,316 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 112 [2024-11-16 07:55:45,316 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:45,316 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:45,316 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-16 07:55:45,316 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:45,317 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:45,317 INFO L85 PathProgramCache]: Analyzing trace with hash 791821071, now seen corresponding path program 1 times [2024-11-16 07:55:45,317 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:45,317 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [654810251] [2024-11-16 07:55:45,317 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:45,318 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:45,332 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:45,436 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-16 07:55:45,437 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:45,448 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-16 07:55:45,453 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:45,470 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:55:45,471 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:45,480 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-16 07:55:45,483 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:45,490 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:55:45,494 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:45,497 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 72 [2024-11-16 07:55:45,498 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:45,513 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 83 [2024-11-16 07:55:45,515 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:45,517 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 90 [2024-11-16 07:55:45,520 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:45,521 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:55:45,522 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:45,522 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 102 [2024-11-16 07:55:45,524 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:45,527 INFO L134 CoverageAnalysis]: Checked inductivity of 39 backedges. 17 proven. 11 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2024-11-16 07:55:45,528 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:45,528 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [654810251] [2024-11-16 07:55:45,528 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [654810251] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-16 07:55:45,529 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [714852899] [2024-11-16 07:55:45,529 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:45,529 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-16 07:55:45,529 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-16 07:55:45,531 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-16 07:55:45,532 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-16 07:55:45,628 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:45,632 INFO L255 TraceCheckSpWp]: Trace formula consists of 352 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-16 07:55:45,641 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-16 07:55:45,810 INFO L134 CoverageAnalysis]: Checked inductivity of 39 backedges. 30 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:55:45,811 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-16 07:55:46,063 INFO L134 CoverageAnalysis]: Checked inductivity of 39 backedges. 20 proven. 8 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2024-11-16 07:55:46,063 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [714852899] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-16 07:55:46,064 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-16 07:55:46,064 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-11-16 07:55:46,064 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [893093700] [2024-11-16 07:55:46,064 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-16 07:55:46,065 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-11-16 07:55:46,065 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:46,065 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-11-16 07:55:46,066 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-11-16 07:55:46,066 INFO L87 Difference]: Start difference. First operand 782 states and 961 transitions. Second operand has 15 states, 15 states have (on average 8.6) internal successors, (129), 10 states have internal predecessors, (129), 6 states have call successors, (24), 7 states have call predecessors, (24), 6 states have return successors, (20), 7 states have call predecessors, (20), 6 states have call successors, (20) [2024-11-16 07:55:47,583 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:47,584 INFO L93 Difference]: Finished difference Result 1806 states and 2283 transitions. [2024-11-16 07:55:47,584 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 49 states. [2024-11-16 07:55:47,585 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 8.6) internal successors, (129), 10 states have internal predecessors, (129), 6 states have call successors, (24), 7 states have call predecessors, (24), 6 states have return successors, (20), 7 states have call predecessors, (20), 6 states have call successors, (20) Word has length 111 [2024-11-16 07:55:47,585 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:47,591 INFO L225 Difference]: With dead ends: 1806 [2024-11-16 07:55:47,592 INFO L226 Difference]: Without dead ends: 1118 [2024-11-16 07:55:47,595 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 306 GetRequests, 248 SyntacticMatches, 4 SemanticMatches, 54 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 922 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=621, Invalid=2459, Unknown=0, NotChecked=0, Total=3080 [2024-11-16 07:55:47,596 INFO L432 NwaCegarLoop]: 191 mSDtfsCounter, 507 mSDsluCounter, 1259 mSDsCounter, 0 mSdLazyCounter, 1259 mSolverCounterSat, 173 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 515 SdHoareTripleChecker+Valid, 1450 SdHoareTripleChecker+Invalid, 1432 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 173 IncrementalHoareTripleChecker+Valid, 1259 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:47,596 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [515 Valid, 1450 Invalid, 1432 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [173 Valid, 1259 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2024-11-16 07:55:47,598 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1118 states. [2024-11-16 07:55:47,657 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1118 to 882. [2024-11-16 07:55:47,659 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 882 states, 665 states have (on average 1.1864661654135338) internal successors, (789), 716 states have internal predecessors, (789), 117 states have call successors, (117), 97 states have call predecessors, (117), 99 states have return successors, (143), 105 states have call predecessors, (143), 117 states have call successors, (143) [2024-11-16 07:55:47,662 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 882 states to 882 states and 1049 transitions. [2024-11-16 07:55:47,664 INFO L78 Accepts]: Start accepts. Automaton has 882 states and 1049 transitions. Word has length 111 [2024-11-16 07:55:47,665 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:47,665 INFO L471 AbstractCegarLoop]: Abstraction has 882 states and 1049 transitions. [2024-11-16 07:55:47,665 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 8.6) internal successors, (129), 10 states have internal predecessors, (129), 6 states have call successors, (24), 7 states have call predecessors, (24), 6 states have return successors, (20), 7 states have call predecessors, (20), 6 states have call successors, (20) [2024-11-16 07:55:47,665 INFO L276 IsEmpty]: Start isEmpty. Operand 882 states and 1049 transitions. [2024-11-16 07:55:47,669 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 205 [2024-11-16 07:55:47,669 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:47,670 INFO L215 NwaCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:47,689 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-11-16 07:55:47,870 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-16 07:55:47,871 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:47,871 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:47,871 INFO L85 PathProgramCache]: Analyzing trace with hash -1934778609, now seen corresponding path program 1 times [2024-11-16 07:55:47,871 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:47,871 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [192129301] [2024-11-16 07:55:47,872 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:47,872 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:47,894 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:48,077 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-16 07:55:48,079 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:48,090 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-16 07:55:48,094 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:48,099 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:55:48,101 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:48,108 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-16 07:55:48,111 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:48,114 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:55:48,116 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:48,117 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 70 [2024-11-16 07:55:48,121 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:48,125 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:55:48,126 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:48,128 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-16 07:55:48,129 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:48,130 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-16 07:55:48,131 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:48,132 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:55:48,132 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:48,133 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 115 [2024-11-16 07:55:48,138 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:48,193 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:55:48,194 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:48,196 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-16 07:55:48,197 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:48,199 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-16 07:55:48,199 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:48,200 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 151 [2024-11-16 07:55:48,201 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:48,206 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 162 [2024-11-16 07:55:48,207 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:48,209 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 171 [2024-11-16 07:55:48,212 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:48,216 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:55:48,217 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:48,219 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 195 [2024-11-16 07:55:48,220 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:48,221 INFO L134 CoverageAnalysis]: Checked inductivity of 228 backedges. 75 proven. 5 refuted. 0 times theorem prover too weak. 148 trivial. 0 not checked. [2024-11-16 07:55:48,221 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:48,221 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [192129301] [2024-11-16 07:55:48,221 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [192129301] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-16 07:55:48,222 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [462949933] [2024-11-16 07:55:48,222 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:48,222 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-16 07:55:48,222 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-16 07:55:48,224 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-16 07:55:48,226 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-16 07:55:48,354 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:48,357 INFO L255 TraceCheckSpWp]: Trace formula consists of 581 conjuncts, 13 conjuncts are in the unsatisfiable core [2024-11-16 07:55:48,362 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-16 07:55:48,557 INFO L134 CoverageAnalysis]: Checked inductivity of 228 backedges. 166 proven. 5 refuted. 0 times theorem prover too weak. 57 trivial. 0 not checked. [2024-11-16 07:55:48,557 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-16 07:55:48,991 INFO L134 CoverageAnalysis]: Checked inductivity of 228 backedges. 86 proven. 43 refuted. 0 times theorem prover too weak. 99 trivial. 0 not checked. [2024-11-16 07:55:48,992 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [462949933] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-16 07:55:48,992 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-16 07:55:48,992 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 10, 11] total 25 [2024-11-16 07:55:48,992 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1218521240] [2024-11-16 07:55:48,993 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-16 07:55:48,993 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 25 states [2024-11-16 07:55:48,994 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:48,994 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 25 interpolants. [2024-11-16 07:55:48,995 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=119, Invalid=481, Unknown=0, NotChecked=0, Total=600 [2024-11-16 07:55:48,995 INFO L87 Difference]: Start difference. First operand 882 states and 1049 transitions. Second operand has 25 states, 25 states have (on average 9.08) internal successors, (227), 22 states have internal predecessors, (227), 9 states have call successors, (39), 9 states have call predecessors, (39), 10 states have return successors, (40), 8 states have call predecessors, (40), 9 states have call successors, (40) [2024-11-16 07:55:50,239 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:50,239 INFO L93 Difference]: Finished difference Result 1924 states and 2358 transitions. [2024-11-16 07:55:50,240 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 31 states. [2024-11-16 07:55:50,240 INFO L78 Accepts]: Start accepts. Automaton has has 25 states, 25 states have (on average 9.08) internal successors, (227), 22 states have internal predecessors, (227), 9 states have call successors, (39), 9 states have call predecessors, (39), 10 states have return successors, (40), 8 states have call predecessors, (40), 9 states have call successors, (40) Word has length 204 [2024-11-16 07:55:50,241 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:50,243 INFO L225 Difference]: With dead ends: 1924 [2024-11-16 07:55:50,243 INFO L226 Difference]: Without dead ends: 0 [2024-11-16 07:55:50,248 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 489 GetRequests, 437 SyntacticMatches, 3 SemanticMatches, 49 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 530 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=529, Invalid=2021, Unknown=0, NotChecked=0, Total=2550 [2024-11-16 07:55:50,249 INFO L432 NwaCegarLoop]: 108 mSDtfsCounter, 946 mSDsluCounter, 727 mSDsCounter, 0 mSdLazyCounter, 1071 mSolverCounterSat, 406 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 952 SdHoareTripleChecker+Valid, 835 SdHoareTripleChecker+Invalid, 1477 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 406 IncrementalHoareTripleChecker+Valid, 1071 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:50,250 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [952 Valid, 835 Invalid, 1477 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [406 Valid, 1071 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2024-11-16 07:55:50,250 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-16 07:55:50,250 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-16 07:55:50,250 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-16 07:55:50,250 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-16 07:55:50,252 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 204 [2024-11-16 07:55:50,252 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:50,252 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-16 07:55:50,252 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 25 states, 25 states have (on average 9.08) internal successors, (227), 22 states have internal predecessors, (227), 9 states have call successors, (39), 9 states have call predecessors, (39), 10 states have return successors, (40), 8 states have call predecessors, (40), 9 states have call successors, (40) [2024-11-16 07:55:50,252 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-16 07:55:50,253 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-16 07:55:50,255 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-16 07:55:50,274 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-11-16 07:55:50,459 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2024-11-16 07:55:50,463 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:50,465 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-16 07:55:56,535 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-16 07:55:56,546 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= 1 |old(~pumpRunning~0)|))) (or (and (= 2 ~waterLevel~0) .cse0 .cse1) (and (<= ~waterLevel~0 1) .cse0 (<= 1 ~switchedOnBeforeTS~0) .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 (<= ~waterLevel~0 1) .cse1 (<= 1 ~switchedOnBeforeTS~0)))) [2024-11-16 07:55:56,579 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse1 (= 0 ~systemActive~0)) (.cse0 (= |old(~pumpRunning~0)| 0)) (.cse4 (<= |old(~waterLevel~0)| 1)) (.cse3 (= 1 ~systemActive~0)) (.cse5 (<= 1 |old(~pumpRunning~0)|)) (.cse2 (= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1 .cse2) (and .cse3 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse4 .cse5) (and .cse0 .cse1 .cse4) (and .cse3 .cse0 .cse2) (and .cse3 .cse0 .cse4) (and .cse3 .cse5 .cse2)))) Eliminated clause: (let ((.cse5 (= 0 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse1 (= 2 ~waterLevel~0)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse4 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse4 .cse5) (and .cse3 .cse1 .cse5) (and .cse3 .cse4 .cse2) (and .cse3 .cse1 .cse2) (and .cse0 .cse4 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2024-11-16 07:55:56,610 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse2 (= |old(~waterLevel~0)| 2)) (.cse0 (= ~pumpRunning~0 0)) (.cse3 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse4 (<= |old(~waterLevel~0)| 1))) (or (and .cse0 .cse1 .cse2) (and .cse0 (= 0 ~systemActive~0) (<= |old(~waterLevel~0)| 2)) (and .cse3 .cse1 .cse2) (and .cse0 .cse1 .cse4) (and .cse3 .cse1 .cse4 (<= 1 ~switchedOnBeforeTS~0)))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse1 (= 2 ~waterLevel~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse4 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse4 .cse2) (and .cse3 .cse1 .cse2) (and .cse3 (<= ~waterLevel~0 2) (= 0 ~systemActive~0)) (and .cse0 .cse4 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2024-11-16 07:55:56,622 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__methaneQuery contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse0 (<= ~waterLevel~0 1)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and (= 2 ~waterLevel~0) .cse1 .cse2) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse0 (= 2 ~waterLevel~0) .cse2) (and (<= 1 ~pumpRunning~0) .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2024-11-16 07:55:56,642 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 16.11 07:55:56 BoogieIcfgContainer [2024-11-16 07:55:56,643 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-16 07:55:56,643 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-16 07:55:56,643 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-16 07:55:56,644 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-16 07:55:56,644 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:55:40" (3/4) ... [2024-11-16 07:55:56,646 INFO L143 WitnessPrinter]: Generating witness for correct program [2024-11-16 07:55:56,650 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-16 07:55:56,650 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-16 07:55:56,651 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-16 07:55:56,651 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-16 07:55:56,651 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-16 07:55:56,651 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-16 07:55:56,651 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2024-11-16 07:55:56,651 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-16 07:55:56,651 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2024-11-16 07:55:56,659 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 41 nodes and edges [2024-11-16 07:55:56,659 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-11-16 07:55:56,660 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-16 07:55:56,660 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-16 07:55:56,660 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-16 07:55:56,759 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-16 07:55:56,760 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-16 07:55:56,760 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-16 07:55:56,761 INFO L158 Benchmark]: Toolchain (without parser) took 17076.17ms. Allocated memory was 157.3MB in the beginning and 327.2MB in the end (delta: 169.9MB). Free memory was 92.9MB in the beginning and 208.5MB in the end (delta: -115.5MB). Peak memory consumption was 53.7MB. Max. memory is 16.1GB. [2024-11-16 07:55:56,761 INFO L158 Benchmark]: CDTParser took 0.18ms. Allocated memory is still 96.5MB. Free memory is still 50.4MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-16 07:55:56,761 INFO L158 Benchmark]: CACSL2BoogieTranslator took 581.15ms. Allocated memory is still 157.3MB. Free memory was 92.5MB in the beginning and 118.9MB in the end (delta: -26.4MB). Peak memory consumption was 8.9MB. Max. memory is 16.1GB. [2024-11-16 07:55:56,761 INFO L158 Benchmark]: Boogie Procedure Inliner took 58.81ms. Allocated memory is still 157.3MB. Free memory was 118.9MB in the beginning and 116.7MB in the end (delta: 2.2MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-16 07:55:56,762 INFO L158 Benchmark]: Boogie Preprocessor took 64.71ms. Allocated memory is still 157.3MB. Free memory was 116.7MB in the beginning and 114.7MB in the end (delta: 2.0MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-16 07:55:56,762 INFO L158 Benchmark]: IcfgBuilder took 517.05ms. Allocated memory is still 157.3MB. Free memory was 114.7MB in the beginning and 94.3MB in the end (delta: 20.4MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-16 07:55:56,762 INFO L158 Benchmark]: TraceAbstraction took 15728.92ms. Allocated memory was 157.3MB in the beginning and 327.2MB in the end (delta: 169.9MB). Free memory was 93.2MB in the beginning and 216.9MB in the end (delta: -123.7MB). Peak memory consumption was 164.3MB. Max. memory is 16.1GB. [2024-11-16 07:55:56,762 INFO L158 Benchmark]: Witness Printer took 116.79ms. Allocated memory is still 327.2MB. Free memory was 216.9MB in the beginning and 208.5MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-16 07:55:56,764 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.18ms. Allocated memory is still 96.5MB. Free memory is still 50.4MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 581.15ms. Allocated memory is still 157.3MB. Free memory was 92.5MB in the beginning and 118.9MB in the end (delta: -26.4MB). Peak memory consumption was 8.9MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 58.81ms. Allocated memory is still 157.3MB. Free memory was 118.9MB in the beginning and 116.7MB in the end (delta: 2.2MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 64.71ms. Allocated memory is still 157.3MB. Free memory was 116.7MB in the beginning and 114.7MB in the end (delta: 2.0MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * IcfgBuilder took 517.05ms. Allocated memory is still 157.3MB. Free memory was 114.7MB in the beginning and 94.3MB in the end (delta: 20.4MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * TraceAbstraction took 15728.92ms. Allocated memory was 157.3MB in the beginning and 327.2MB in the end (delta: 169.9MB). Free memory was 93.2MB in the beginning and 216.9MB in the end (delta: -123.7MB). Peak memory consumption was 164.3MB. Max. memory is 16.1GB. * Witness Printer took 116.79ms. Allocated memory is still 327.2MB. Free memory was 216.9MB in the beginning and 208.5MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] - GenericResultAtLocation [Line: 415]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [415] - GenericResultAtLocation [Line: 424]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [424] - GenericResultAtLocation [Line: 499]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [499] - GenericResultAtLocation [Line: 730]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [730] - GenericResultAtLocation [Line: 825]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [825] - GenericResultAtLocation [Line: 926]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [926] - GenericResultAtLocation [Line: 975]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [975] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 420]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 112 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 9.5s, OverallIterations: 11, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 5.1s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2989 SdHoareTripleChecker+Valid, 3.0s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2928 mSDsluCounter, 5491 SdHoareTripleChecker+Invalid, 2.4s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 4138 mSDsCounter, 956 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3671 IncrementalHoareTripleChecker+Invalid, 4627 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 956 mSolverCounterUnsat, 1353 mSDtfsCounter, 3671 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 945 GetRequests, 774 SyntacticMatches, 7 SemanticMatches, 164 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1558 ImplicationChecksByTransitivity, 1.6s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1163occurred in iteration=8, InterpolantAutomatonStates: 146, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.5s AutomataMinimizationTime, 11 MinimizatonAttempts, 478 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 2.7s InterpolantComputationTime, 1133 NumberOfCodeBlocks, 1133 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 1433 ConstructedInterpolants, 0 QuantifiedInterpolants, 2655 SizeOfPredicates, 2 NumberOfNonLiveVariables, 933 ConjunctsInSsa, 21 ConjunctsInUnsatCore, 15 InterpolantComputations, 9 PerfectInterpolantSequences, 773/854 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 837]: Location Invariant Derived location invariant: null - InvariantResult [Line: 441]: Location Invariant Derived location invariant: null - ProcedureContractResult [Line: 624]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((pumpRunning == 0) && ((((1 == systemActive) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) || ((2 == waterLevel) && (1 <= \old(pumpRunning))))) && (((2 == waterLevel) && (1 == systemActive)) || (waterLevel < 2))) && ((((((head == \old(head)) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 540]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) && (((((((head == \old(head)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 758]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) && ((((((head == \old(head)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 827]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((head == \old(head)) && (systemActive == \old(systemActive))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 513]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (0 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (0 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((((((((\old(pumpRunning) == 0) && (\old(waterLevel) <= 1)) || ((1 <= \old(pumpRunning)) && (\old(waterLevel) == 2))) || ((\old(pumpRunning) == 0) && (\old(waterLevel) == 2))) || ((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 1)) && (1 <= \old(pumpRunning)))) && (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (\old(pumpRunning) != 0)) || (\old(waterLevel) != 2)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (0 == systemActive))) && (((((((pumpRunning == \old(pumpRunning)) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS)) || (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (((long long) waterLevel + 1) <= \old(waterLevel))) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1)) || (((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS))) || (((((pumpRunning == \old(pumpRunning)) && (waterLevel <= 1)) && (1 == systemActive)) && (((long long) waterLevel + 1) <= \old(waterLevel))) && (1 <= switchedOnBeforeTS)))) && ((((\old(waterLevel) != 1) || ((((pumpRunning == \old(pumpRunning)) && (1 == systemActive)) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS))) || ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1))) && (((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) || (0 != systemActive))) && ((((1 < \old(waterLevel)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) == waterLevel))) || (\old(pumpRunning) != 0)) || (0 == systemActive))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((head == \old(head)) && (systemActive == \old(systemActive))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 746]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: (((((((((((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) == 2)) || (((pumpRunning == 0) && (0 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2))) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 1))) || ((((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) <= 1)) && (1 <= switchedOnBeforeTS))) && ((2 == waterLevel) || (\old(waterLevel) != 2))) && (waterLevel <= ((long long) \old(waterLevel) + 1))) && ((((long long) \old(waterLevel) + 1) == waterLevel) || (2 == waterLevel))) && ((((((head == \old(head)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 548]: Procedure Contract for processEnvironment__wrappee__methaneQuery Derived contract for procedure processEnvironment__wrappee__methaneQuery. Requires: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: ((((((1 == systemActive) && (\old(pumpRunning) == 0)) || ((((waterLevel <= 1) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning)))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((\old(pumpRunning) != 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || ((pumpRunning == 0) && (waterLevel <= 1)))) && ((((((head == \old(head)) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 643]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || ((waterLevel <= 2) && (0 == systemActive))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) && (pumpRunning == \result)) && ((\result == 0) || (0 != systemActive))) && (((((((head == \old(head)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 632]: Procedure Contract for isMethaneAlarm Derived contract for procedure isMethaneAlarm. Requires: ((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) Ensures: (((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS))) && (((((((head == \old(head)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) RESULT: Ultimate proved your program to be correct! [2024-11-16 07:55:56,797 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE