./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product47.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c7c6ca5d Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product47.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash c4da108453cefa034e9e2f20ae1a945f7f6bf5ea54205b9ec625406680c7ecea --- Real Ultimate output --- This is Ultimate 0.2.5-?-c7c6ca5-m [2024-11-08 15:13:18,611 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-08 15:13:18,681 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-08 15:13:18,687 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-08 15:13:18,690 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-08 15:13:18,725 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-08 15:13:18,726 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-08 15:13:18,726 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-08 15:13:18,727 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-08 15:13:18,728 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-08 15:13:18,729 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-08 15:13:18,729 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-08 15:13:18,730 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-08 15:13:18,730 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-08 15:13:18,732 INFO L153 SettingsManager]: * Use SBE=true [2024-11-08 15:13:18,732 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-08 15:13:18,732 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-08 15:13:18,733 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-08 15:13:18,733 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-08 15:13:18,733 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-08 15:13:18,737 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-08 15:13:18,737 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-08 15:13:18,738 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-08 15:13:18,738 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-08 15:13:18,738 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-08 15:13:18,738 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-08 15:13:18,739 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-08 15:13:18,739 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-08 15:13:18,739 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-08 15:13:18,740 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-08 15:13:18,740 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-08 15:13:18,740 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-08 15:13:18,740 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 15:13:18,740 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-08 15:13:18,741 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-08 15:13:18,741 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-08 15:13:18,741 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-08 15:13:18,742 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-08 15:13:18,742 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-08 15:13:18,742 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-08 15:13:18,742 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-08 15:13:18,743 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-08 15:13:18,743 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> c4da108453cefa034e9e2f20ae1a945f7f6bf5ea54205b9ec625406680c7ecea [2024-11-08 15:13:19,014 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-08 15:13:19,040 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-08 15:13:19,043 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-08 15:13:19,044 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-08 15:13:19,045 INFO L274 PluginConnector]: CDTParser initialized [2024-11-08 15:13:19,046 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product47.cil.c [2024-11-08 15:13:20,478 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-08 15:13:20,725 INFO L384 CDTParser]: Found 1 translation units. [2024-11-08 15:13:20,726 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product47.cil.c [2024-11-08 15:13:20,745 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/0ffec2838/893bac896f334c94bb78aef319d12dc5/FLAG0e02e26f2 [2024-11-08 15:13:20,765 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/0ffec2838/893bac896f334c94bb78aef319d12dc5 [2024-11-08 15:13:20,767 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-08 15:13:20,768 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-08 15:13:20,770 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-08 15:13:20,770 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-08 15:13:20,776 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-08 15:13:20,777 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 03:13:20" (1/1) ... [2024-11-08 15:13:20,779 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@717b434 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:20, skipping insertion in model container [2024-11-08 15:13:20,780 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 03:13:20" (1/1) ... [2024-11-08 15:13:20,833 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-08 15:13:21,008 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product47.cil.c[2044,2057] [2024-11-08 15:13:21,132 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 15:13:21,145 INFO L200 MainTranslator]: Completed pre-run [2024-11-08 15:13:21,155 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [49] [2024-11-08 15:13:21,156 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [78] [2024-11-08 15:13:21,157 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [87] [2024-11-08 15:13:21,157 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [125] [2024-11-08 15:13:21,157 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [225] [2024-11-08 15:13:21,157 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [440] [2024-11-08 15:13:21,157 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [508] [2024-11-08 15:13:21,158 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [874] [2024-11-08 15:13:21,167 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product47.cil.c[2044,2057] [2024-11-08 15:13:21,228 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 15:13:21,293 INFO L204 MainTranslator]: Completed translation [2024-11-08 15:13:21,293 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:21 WrapperNode [2024-11-08 15:13:21,293 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-08 15:13:21,294 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-08 15:13:21,295 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-08 15:13:21,295 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-08 15:13:21,301 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:21" (1/1) ... [2024-11-08 15:13:21,313 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:21" (1/1) ... [2024-11-08 15:13:21,349 INFO L138 Inliner]: procedures = 55, calls = 101, calls flagged for inlining = 21, calls inlined = 18, statements flattened = 188 [2024-11-08 15:13:21,349 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-08 15:13:21,350 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-08 15:13:21,350 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-08 15:13:21,350 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-08 15:13:21,360 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:21" (1/1) ... [2024-11-08 15:13:21,360 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:21" (1/1) ... [2024-11-08 15:13:21,362 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:21" (1/1) ... [2024-11-08 15:13:21,377 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-08 15:13:21,377 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:21" (1/1) ... [2024-11-08 15:13:21,378 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:21" (1/1) ... [2024-11-08 15:13:21,383 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:21" (1/1) ... [2024-11-08 15:13:21,390 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:21" (1/1) ... [2024-11-08 15:13:21,391 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:21" (1/1) ... [2024-11-08 15:13:21,396 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:21" (1/1) ... [2024-11-08 15:13:21,398 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-08 15:13:21,399 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-08 15:13:21,399 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-08 15:13:21,399 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-08 15:13:21,400 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:21" (1/1) ... [2024-11-08 15:13:21,406 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 15:13:21,417 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:13:21,435 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-08 15:13:21,440 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-08 15:13:21,490 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-08 15:13:21,490 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-08 15:13:21,490 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-08 15:13:21,490 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-08 15:13:21,490 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-08 15:13:21,491 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-08 15:13:21,491 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-08 15:13:21,491 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2024-11-08 15:13:21,491 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2024-11-08 15:13:21,491 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-08 15:13:21,492 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-08 15:13:21,492 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2024-11-08 15:13:21,492 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2024-11-08 15:13:21,492 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2024-11-08 15:13:21,492 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2024-11-08 15:13:21,493 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-08 15:13:21,493 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-08 15:13:21,493 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-08 15:13:21,493 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-08 15:13:21,493 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-08 15:13:21,493 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-08 15:13:21,494 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-08 15:13:21,566 INFO L238 CfgBuilder]: Building ICFG [2024-11-08 15:13:21,569 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-08 15:13:21,864 INFO L? ?]: Removed 41 outVars from TransFormulas that were not future-live. [2024-11-08 15:13:21,864 INFO L287 CfgBuilder]: Performing block encoding [2024-11-08 15:13:21,892 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-08 15:13:21,892 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-08 15:13:21,892 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:13:21 BoogieIcfgContainer [2024-11-08 15:13:21,893 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-08 15:13:21,896 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-08 15:13:21,896 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-08 15:13:21,899 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-08 15:13:21,899 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 08.11 03:13:20" (1/3) ... [2024-11-08 15:13:21,900 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@79c7aa51 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 03:13:21, skipping insertion in model container [2024-11-08 15:13:21,900 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:21" (2/3) ... [2024-11-08 15:13:21,901 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@79c7aa51 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 03:13:21, skipping insertion in model container [2024-11-08 15:13:21,901 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:13:21" (3/3) ... [2024-11-08 15:13:21,902 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product47.cil.c [2024-11-08 15:13:21,917 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-08 15:13:21,918 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-08 15:13:21,972 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-08 15:13:21,978 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@77d50a97, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-08 15:13:21,979 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-08 15:13:21,983 INFO L276 IsEmpty]: Start isEmpty. Operand has 100 states, 73 states have (on average 1.36986301369863) internal successors, (100), 82 states have internal predecessors, (100), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 13 states have call predecessors, (16), 16 states have call successors, (16) [2024-11-08 15:13:21,993 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2024-11-08 15:13:21,993 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:13:21,994 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:13:21,995 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:13:21,999 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:13:21,999 INFO L85 PathProgramCache]: Analyzing trace with hash -707310338, now seen corresponding path program 1 times [2024-11-08 15:13:22,005 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:13:22,006 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1914616414] [2024-11-08 15:13:22,006 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:22,006 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:13:22,106 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:22,165 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-08 15:13:22,170 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:22,177 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:13:22,179 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:13:22,179 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1914616414] [2024-11-08 15:13:22,180 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1914616414] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:13:22,180 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:13:22,181 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-08 15:13:22,184 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [628213639] [2024-11-08 15:13:22,185 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:13:22,189 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-08 15:13:22,189 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:13:22,210 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-08 15:13:22,211 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 15:13:22,215 INFO L87 Difference]: Start difference. First operand has 100 states, 73 states have (on average 1.36986301369863) internal successors, (100), 82 states have internal predecessors, (100), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 13 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:13:22,257 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:13:22,259 INFO L93 Difference]: Finished difference Result 192 states and 259 transitions. [2024-11-08 15:13:22,261 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-08 15:13:22,263 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2024-11-08 15:13:22,263 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:13:22,272 INFO L225 Difference]: With dead ends: 192 [2024-11-08 15:13:22,272 INFO L226 Difference]: Without dead ends: 91 [2024-11-08 15:13:22,276 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 15:13:22,279 INFO L432 NwaCegarLoop]: 126 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 126 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:13:22,280 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 126 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:13:22,295 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 91 states. [2024-11-08 15:13:22,314 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 91 to 91. [2024-11-08 15:13:22,315 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 91 states, 66 states have (on average 1.303030303030303) internal successors, (86), 74 states have internal predecessors, (86), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 12 states have call predecessors, (15), 15 states have call successors, (15) [2024-11-08 15:13:22,317 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 91 states to 91 states and 117 transitions. [2024-11-08 15:13:22,319 INFO L78 Accepts]: Start accepts. Automaton has 91 states and 117 transitions. Word has length 23 [2024-11-08 15:13:22,319 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:13:22,320 INFO L471 AbstractCegarLoop]: Abstraction has 91 states and 117 transitions. [2024-11-08 15:13:22,320 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:13:22,320 INFO L276 IsEmpty]: Start isEmpty. Operand 91 states and 117 transitions. [2024-11-08 15:13:22,322 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2024-11-08 15:13:22,322 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:13:22,323 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:13:22,323 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-08 15:13:22,323 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:13:22,324 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:13:22,324 INFO L85 PathProgramCache]: Analyzing trace with hash 624156156, now seen corresponding path program 1 times [2024-11-08 15:13:22,324 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:13:22,325 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1163206150] [2024-11-08 15:13:22,325 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:22,325 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:13:22,360 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:22,450 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-11-08 15:13:22,454 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:22,456 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:13:22,456 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:13:22,457 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1163206150] [2024-11-08 15:13:22,457 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1163206150] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:13:22,457 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:13:22,457 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-08 15:13:22,458 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1028725815] [2024-11-08 15:13:22,458 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:13:22,459 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-08 15:13:22,459 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:13:22,460 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-08 15:13:22,460 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:13:22,460 INFO L87 Difference]: Start difference. First operand 91 states and 117 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:13:22,482 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:13:22,482 INFO L93 Difference]: Finished difference Result 144 states and 184 transitions. [2024-11-08 15:13:22,483 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-08 15:13:22,483 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2024-11-08 15:13:22,483 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:13:22,484 INFO L225 Difference]: With dead ends: 144 [2024-11-08 15:13:22,485 INFO L226 Difference]: Without dead ends: 82 [2024-11-08 15:13:22,485 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:13:22,486 INFO L432 NwaCegarLoop]: 104 mSDtfsCounter, 16 mSDsluCounter, 83 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 187 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:13:22,487 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [20 Valid, 187 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:13:22,488 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 82 states. [2024-11-08 15:13:22,499 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 82 to 82. [2024-11-08 15:13:22,503 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 82 states, 60 states have (on average 1.3166666666666667) internal successors, (79), 68 states have internal predecessors, (79), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-08 15:13:22,505 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 82 states to 82 states and 105 transitions. [2024-11-08 15:13:22,508 INFO L78 Accepts]: Start accepts. Automaton has 82 states and 105 transitions. Word has length 24 [2024-11-08 15:13:22,508 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:13:22,509 INFO L471 AbstractCegarLoop]: Abstraction has 82 states and 105 transitions. [2024-11-08 15:13:22,509 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:13:22,510 INFO L276 IsEmpty]: Start isEmpty. Operand 82 states and 105 transitions. [2024-11-08 15:13:22,511 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2024-11-08 15:13:22,512 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:13:22,512 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:13:22,512 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-08 15:13:22,513 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:13:22,513 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:13:22,514 INFO L85 PathProgramCache]: Analyzing trace with hash -1800989914, now seen corresponding path program 1 times [2024-11-08 15:13:22,514 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:13:22,514 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [950313197] [2024-11-08 15:13:22,514 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:22,514 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:13:22,537 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:22,642 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 15:13:22,644 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:22,649 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:13:22,649 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:13:22,649 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [950313197] [2024-11-08 15:13:22,650 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [950313197] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:13:22,650 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:13:22,651 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-08 15:13:22,651 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [646854657] [2024-11-08 15:13:22,651 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:13:22,652 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-08 15:13:22,652 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:13:22,652 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-08 15:13:22,654 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:13:22,654 INFO L87 Difference]: Start difference. First operand 82 states and 105 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:13:22,703 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:13:22,703 INFO L93 Difference]: Finished difference Result 231 states and 301 transitions. [2024-11-08 15:13:22,704 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-08 15:13:22,704 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 28 [2024-11-08 15:13:22,704 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:13:22,706 INFO L225 Difference]: With dead ends: 231 [2024-11-08 15:13:22,707 INFO L226 Difference]: Without dead ends: 156 [2024-11-08 15:13:22,708 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:13:22,710 INFO L432 NwaCegarLoop]: 123 mSDtfsCounter, 85 mSDsluCounter, 95 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 85 SdHoareTripleChecker+Valid, 218 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:13:22,711 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [85 Valid, 218 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:13:22,712 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 156 states. [2024-11-08 15:13:22,736 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 156 to 153. [2024-11-08 15:13:22,736 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 153 states, 110 states have (on average 1.3363636363636364) internal successors, (147), 125 states have internal predecessors, (147), 26 states have call successors, (26), 16 states have call predecessors, (26), 16 states have return successors, (26), 19 states have call predecessors, (26), 26 states have call successors, (26) [2024-11-08 15:13:22,742 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 153 states to 153 states and 199 transitions. [2024-11-08 15:13:22,744 INFO L78 Accepts]: Start accepts. Automaton has 153 states and 199 transitions. Word has length 28 [2024-11-08 15:13:22,744 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:13:22,745 INFO L471 AbstractCegarLoop]: Abstraction has 153 states and 199 transitions. [2024-11-08 15:13:22,745 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:13:22,745 INFO L276 IsEmpty]: Start isEmpty. Operand 153 states and 199 transitions. [2024-11-08 15:13:22,746 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-08 15:13:22,746 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:13:22,747 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:13:22,747 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-08 15:13:22,747 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:13:22,748 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:13:22,748 INFO L85 PathProgramCache]: Analyzing trace with hash -40246052, now seen corresponding path program 1 times [2024-11-08 15:13:22,748 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:13:22,748 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [906710681] [2024-11-08 15:13:22,748 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:22,749 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:13:22,772 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:22,927 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-08 15:13:22,930 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:22,934 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:13:22,934 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:13:22,935 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [906710681] [2024-11-08 15:13:22,935 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [906710681] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:13:22,935 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:13:22,935 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-08 15:13:22,935 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1486489641] [2024-11-08 15:13:22,935 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:13:22,936 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-08 15:13:22,936 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:13:22,938 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-08 15:13:22,938 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-08 15:13:22,939 INFO L87 Difference]: Start difference. First operand 153 states and 199 transitions. Second operand has 5 states, 5 states have (on average 5.8) internal successors, (29), 5 states have internal predecessors, (29), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:13:23,056 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:13:23,056 INFO L93 Difference]: Finished difference Result 393 states and 520 transitions. [2024-11-08 15:13:23,057 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-08 15:13:23,057 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.8) internal successors, (29), 5 states have internal predecessors, (29), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 32 [2024-11-08 15:13:23,057 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:13:23,060 INFO L225 Difference]: With dead ends: 393 [2024-11-08 15:13:23,060 INFO L226 Difference]: Without dead ends: 247 [2024-11-08 15:13:23,064 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:13:23,065 INFO L432 NwaCegarLoop]: 99 mSDtfsCounter, 59 mSDsluCounter, 261 mSDsCounter, 0 mSdLazyCounter, 30 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 59 SdHoareTripleChecker+Valid, 360 SdHoareTripleChecker+Invalid, 39 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 30 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:13:23,066 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [59 Valid, 360 Invalid, 39 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 30 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:13:23,067 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 247 states. [2024-11-08 15:13:23,107 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 247 to 246. [2024-11-08 15:13:23,110 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 246 states, 179 states have (on average 1.2905027932960893) internal successors, (231), 196 states have internal predecessors, (231), 36 states have call successors, (36), 30 states have call predecessors, (36), 30 states have return successors, (44), 33 states have call predecessors, (44), 36 states have call successors, (44) [2024-11-08 15:13:23,114 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 246 states to 246 states and 311 transitions. [2024-11-08 15:13:23,114 INFO L78 Accepts]: Start accepts. Automaton has 246 states and 311 transitions. Word has length 32 [2024-11-08 15:13:23,115 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:13:23,116 INFO L471 AbstractCegarLoop]: Abstraction has 246 states and 311 transitions. [2024-11-08 15:13:23,117 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.8) internal successors, (29), 5 states have internal predecessors, (29), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:13:23,117 INFO L276 IsEmpty]: Start isEmpty. Operand 246 states and 311 transitions. [2024-11-08 15:13:23,118 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2024-11-08 15:13:23,118 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:13:23,119 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:13:23,119 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-08 15:13:23,119 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:13:23,119 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:13:23,120 INFO L85 PathProgramCache]: Analyzing trace with hash -1083319393, now seen corresponding path program 1 times [2024-11-08 15:13:23,120 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:13:23,120 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1013325077] [2024-11-08 15:13:23,120 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:23,121 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:13:23,146 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:23,240 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 15:13:23,251 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:23,368 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-08 15:13:23,371 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:23,374 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:13:23,375 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:23,378 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 45 [2024-11-08 15:13:23,381 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:23,384 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:13:23,385 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:13:23,385 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1013325077] [2024-11-08 15:13:23,385 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1013325077] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:13:23,385 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:13:23,387 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 15:13:23,387 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1238120106] [2024-11-08 15:13:23,387 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:13:23,388 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 15:13:23,388 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:13:23,388 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 15:13:23,388 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-08 15:13:23,389 INFO L87 Difference]: Start difference. First operand 246 states and 311 transitions. Second operand has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-08 15:13:23,686 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:13:23,687 INFO L93 Difference]: Finished difference Result 541 states and 696 transitions. [2024-11-08 15:13:23,687 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-11-08 15:13:23,687 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 54 [2024-11-08 15:13:23,688 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:13:23,690 INFO L225 Difference]: With dead ends: 541 [2024-11-08 15:13:23,691 INFO L226 Difference]: Without dead ends: 302 [2024-11-08 15:13:23,692 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 20 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2024-11-08 15:13:23,693 INFO L432 NwaCegarLoop]: 95 mSDtfsCounter, 169 mSDsluCounter, 282 mSDsCounter, 0 mSdLazyCounter, 166 mSolverCounterSat, 49 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 178 SdHoareTripleChecker+Valid, 377 SdHoareTripleChecker+Invalid, 215 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 49 IncrementalHoareTripleChecker+Valid, 166 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 15:13:23,694 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [178 Valid, 377 Invalid, 215 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [49 Valid, 166 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 15:13:23,695 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 302 states. [2024-11-08 15:13:23,723 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 302 to 294. [2024-11-08 15:13:23,724 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 294 states, 217 states have (on average 1.2672811059907834) internal successors, (275), 234 states have internal predecessors, (275), 40 states have call successors, (40), 30 states have call predecessors, (40), 36 states have return successors, (54), 41 states have call predecessors, (54), 40 states have call successors, (54) [2024-11-08 15:13:23,726 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 294 states to 294 states and 369 transitions. [2024-11-08 15:13:23,726 INFO L78 Accepts]: Start accepts. Automaton has 294 states and 369 transitions. Word has length 54 [2024-11-08 15:13:23,727 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:13:23,727 INFO L471 AbstractCegarLoop]: Abstraction has 294 states and 369 transitions. [2024-11-08 15:13:23,727 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-08 15:13:23,728 INFO L276 IsEmpty]: Start isEmpty. Operand 294 states and 369 transitions. [2024-11-08 15:13:23,730 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2024-11-08 15:13:23,731 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:13:23,731 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:13:23,731 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-08 15:13:23,731 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:13:23,732 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:13:23,733 INFO L85 PathProgramCache]: Analyzing trace with hash -1105951647, now seen corresponding path program 1 times [2024-11-08 15:13:23,733 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:13:23,733 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2132666479] [2024-11-08 15:13:23,733 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:23,734 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:13:23,753 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:23,805 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 15:13:23,812 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:23,848 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-08 15:13:23,851 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:23,854 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:13:23,856 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:23,858 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 45 [2024-11-08 15:13:23,859 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:23,861 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:13:23,863 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:13:23,863 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2132666479] [2024-11-08 15:13:23,863 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2132666479] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:13:23,863 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:13:23,864 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 15:13:23,864 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [334311468] [2024-11-08 15:13:23,864 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:13:23,864 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 15:13:23,864 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:13:23,865 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 15:13:23,866 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-08 15:13:23,866 INFO L87 Difference]: Start difference. First operand 294 states and 369 transitions. Second operand has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-08 15:13:24,056 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:13:24,057 INFO L93 Difference]: Finished difference Result 589 states and 756 transitions. [2024-11-08 15:13:24,057 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-08 15:13:24,058 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 54 [2024-11-08 15:13:24,058 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:13:24,060 INFO L225 Difference]: With dead ends: 589 [2024-11-08 15:13:24,062 INFO L226 Difference]: Without dead ends: 302 [2024-11-08 15:13:24,064 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-08 15:13:24,065 INFO L432 NwaCegarLoop]: 76 mSDtfsCounter, 55 mSDsluCounter, 254 mSDsCounter, 0 mSdLazyCounter, 146 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 61 SdHoareTripleChecker+Valid, 330 SdHoareTripleChecker+Invalid, 160 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 146 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:13:24,065 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [61 Valid, 330 Invalid, 160 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 146 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:13:24,069 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 302 states. [2024-11-08 15:13:24,095 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 302 to 300. [2024-11-08 15:13:24,096 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 300 states, 223 states have (on average 1.2600896860986548) internal successors, (281), 240 states have internal predecessors, (281), 40 states have call successors, (40), 30 states have call predecessors, (40), 36 states have return successors, (54), 41 states have call predecessors, (54), 40 states have call successors, (54) [2024-11-08 15:13:24,099 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 300 states to 300 states and 375 transitions. [2024-11-08 15:13:24,099 INFO L78 Accepts]: Start accepts. Automaton has 300 states and 375 transitions. Word has length 54 [2024-11-08 15:13:24,100 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:13:24,100 INFO L471 AbstractCegarLoop]: Abstraction has 300 states and 375 transitions. [2024-11-08 15:13:24,100 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-08 15:13:24,100 INFO L276 IsEmpty]: Start isEmpty. Operand 300 states and 375 transitions. [2024-11-08 15:13:24,101 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2024-11-08 15:13:24,102 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:13:24,102 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:13:24,102 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-08 15:13:24,102 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:13:24,103 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:13:24,103 INFO L85 PathProgramCache]: Analyzing trace with hash -808559779, now seen corresponding path program 1 times [2024-11-08 15:13:24,103 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:13:24,103 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2074306855] [2024-11-08 15:13:24,103 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:24,103 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:13:24,119 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:24,186 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 15:13:24,191 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:24,214 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-08 15:13:24,218 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:24,225 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:13:24,226 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:24,229 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 45 [2024-11-08 15:13:24,231 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:24,237 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:13:24,238 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:13:24,238 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2074306855] [2024-11-08 15:13:24,238 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2074306855] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:13:24,238 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:13:24,238 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-08 15:13:24,238 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1691109566] [2024-11-08 15:13:24,238 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:13:24,239 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-08 15:13:24,239 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:13:24,239 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-08 15:13:24,239 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-08 15:13:24,240 INFO L87 Difference]: Start difference. First operand 300 states and 375 transitions. Second operand has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 4 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2024-11-08 15:13:24,547 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:13:24,548 INFO L93 Difference]: Finished difference Result 841 states and 1094 transitions. [2024-11-08 15:13:24,548 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-08 15:13:24,549 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 4 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) Word has length 54 [2024-11-08 15:13:24,549 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:13:24,552 INFO L225 Difference]: With dead ends: 841 [2024-11-08 15:13:24,554 INFO L226 Difference]: Without dead ends: 548 [2024-11-08 15:13:24,555 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:13:24,556 INFO L432 NwaCegarLoop]: 118 mSDtfsCounter, 222 mSDsluCounter, 163 mSDsCounter, 0 mSdLazyCounter, 147 mSolverCounterSat, 67 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 230 SdHoareTripleChecker+Valid, 281 SdHoareTripleChecker+Invalid, 214 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 67 IncrementalHoareTripleChecker+Valid, 147 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 15:13:24,556 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [230 Valid, 281 Invalid, 214 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [67 Valid, 147 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 15:13:24,558 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 548 states. [2024-11-08 15:13:24,603 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 548 to 541. [2024-11-08 15:13:24,604 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 541 states, 404 states have (on average 1.24009900990099) internal successors, (501), 430 states have internal predecessors, (501), 71 states have call successors, (71), 63 states have call predecessors, (71), 65 states have return successors, (109), 70 states have call predecessors, (109), 71 states have call successors, (109) [2024-11-08 15:13:24,607 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 541 states to 541 states and 681 transitions. [2024-11-08 15:13:24,608 INFO L78 Accepts]: Start accepts. Automaton has 541 states and 681 transitions. Word has length 54 [2024-11-08 15:13:24,608 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:13:24,608 INFO L471 AbstractCegarLoop]: Abstraction has 541 states and 681 transitions. [2024-11-08 15:13:24,609 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 4 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2024-11-08 15:13:24,609 INFO L276 IsEmpty]: Start isEmpty. Operand 541 states and 681 transitions. [2024-11-08 15:13:24,610 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 59 [2024-11-08 15:13:24,610 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:13:24,610 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:13:24,611 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-08 15:13:24,611 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:13:24,611 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:13:24,611 INFO L85 PathProgramCache]: Analyzing trace with hash -734125181, now seen corresponding path program 1 times [2024-11-08 15:13:24,611 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:13:24,611 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [531040397] [2024-11-08 15:13:24,612 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:24,612 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:13:24,623 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:24,704 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-08 15:13:24,705 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:24,714 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-08 15:13:24,719 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:24,769 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-08 15:13:24,771 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:24,797 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:13:24,799 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:24,812 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 49 [2024-11-08 15:13:24,814 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:24,819 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:13:24,819 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:13:24,819 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [531040397] [2024-11-08 15:13:24,820 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [531040397] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:13:24,820 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:13:24,820 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [12] imperfect sequences [] total 12 [2024-11-08 15:13:24,820 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1924336009] [2024-11-08 15:13:24,820 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:13:24,821 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 12 states [2024-11-08 15:13:24,821 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:13:24,821 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2024-11-08 15:13:24,822 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=23, Invalid=109, Unknown=0, NotChecked=0, Total=132 [2024-11-08 15:13:24,822 INFO L87 Difference]: Start difference. First operand 541 states and 681 transitions. Second operand has 12 states, 12 states have (on average 3.75) internal successors, (45), 7 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (5), 5 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-08 15:13:25,648 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:13:25,648 INFO L93 Difference]: Finished difference Result 1743 states and 2305 transitions. [2024-11-08 15:13:25,648 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 25 states. [2024-11-08 15:13:25,649 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 12 states have (on average 3.75) internal successors, (45), 7 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (5), 5 states have call predecessors, (5), 2 states have call successors, (5) Word has length 58 [2024-11-08 15:13:25,649 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:13:25,657 INFO L225 Difference]: With dead ends: 1743 [2024-11-08 15:13:25,657 INFO L226 Difference]: Without dead ends: 1209 [2024-11-08 15:13:25,660 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 43 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 30 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 197 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=208, Invalid=784, Unknown=0, NotChecked=0, Total=992 [2024-11-08 15:13:25,663 INFO L432 NwaCegarLoop]: 62 mSDtfsCounter, 318 mSDsluCounter, 461 mSDsCounter, 0 mSdLazyCounter, 644 mSolverCounterSat, 129 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 327 SdHoareTripleChecker+Valid, 523 SdHoareTripleChecker+Invalid, 773 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 129 IncrementalHoareTripleChecker+Valid, 644 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-11-08 15:13:25,663 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [327 Valid, 523 Invalid, 773 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [129 Valid, 644 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-11-08 15:13:25,665 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1209 states. [2024-11-08 15:13:25,751 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1209 to 1171. [2024-11-08 15:13:25,753 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1171 states, 860 states have (on average 1.2093023255813953) internal successors, (1040), 925 states have internal predecessors, (1040), 168 states have call successors, (168), 122 states have call predecessors, (168), 142 states have return successors, (294), 166 states have call predecessors, (294), 168 states have call successors, (294) [2024-11-08 15:13:25,760 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1171 states to 1171 states and 1502 transitions. [2024-11-08 15:13:25,762 INFO L78 Accepts]: Start accepts. Automaton has 1171 states and 1502 transitions. Word has length 58 [2024-11-08 15:13:25,763 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:13:25,764 INFO L471 AbstractCegarLoop]: Abstraction has 1171 states and 1502 transitions. [2024-11-08 15:13:25,764 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 12 states, 12 states have (on average 3.75) internal successors, (45), 7 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (5), 5 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-08 15:13:25,765 INFO L276 IsEmpty]: Start isEmpty. Operand 1171 states and 1502 transitions. [2024-11-08 15:13:25,767 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 90 [2024-11-08 15:13:25,769 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:13:25,769 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:13:25,769 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-08 15:13:25,770 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:13:25,770 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:13:25,770 INFO L85 PathProgramCache]: Analyzing trace with hash -353852961, now seen corresponding path program 1 times [2024-11-08 15:13:25,770 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:13:25,770 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [238497212] [2024-11-08 15:13:25,771 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:25,771 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:13:25,785 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:25,812 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-08 15:13:25,813 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:25,820 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-08 15:13:25,826 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:25,850 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-08 15:13:25,855 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:25,859 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-08 15:13:25,861 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:25,862 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:13:25,863 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:25,864 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-11-08 15:13:25,865 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:25,876 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 68 [2024-11-08 15:13:25,877 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:25,879 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 80 [2024-11-08 15:13:25,880 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:25,881 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 15 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-11-08 15:13:25,881 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:13:25,881 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [238497212] [2024-11-08 15:13:25,882 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [238497212] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:13:25,882 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:13:25,882 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-08 15:13:25,882 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [222539680] [2024-11-08 15:13:25,882 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:13:25,883 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-08 15:13:25,883 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:13:25,883 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-08 15:13:25,883 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2024-11-08 15:13:25,884 INFO L87 Difference]: Start difference. First operand 1171 states and 1502 transitions. Second operand has 8 states, 8 states have (on average 8.5) internal successors, (68), 4 states have internal predecessors, (68), 4 states have call successors, (9), 6 states have call predecessors, (9), 2 states have return successors, (8), 3 states have call predecessors, (8), 4 states have call successors, (8) [2024-11-08 15:13:26,417 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:13:26,417 INFO L93 Difference]: Finished difference Result 1419 states and 1810 transitions. [2024-11-08 15:13:26,418 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2024-11-08 15:13:26,418 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 8.5) internal successors, (68), 4 states have internal predecessors, (68), 4 states have call successors, (9), 6 states have call predecessors, (9), 2 states have return successors, (8), 3 states have call predecessors, (8), 4 states have call successors, (8) Word has length 89 [2024-11-08 15:13:26,418 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:13:26,422 INFO L225 Difference]: With dead ends: 1419 [2024-11-08 15:13:26,422 INFO L226 Difference]: Without dead ends: 592 [2024-11-08 15:13:26,425 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 34 GetRequests, 20 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 35 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=68, Invalid=172, Unknown=0, NotChecked=0, Total=240 [2024-11-08 15:13:26,426 INFO L432 NwaCegarLoop]: 55 mSDtfsCounter, 311 mSDsluCounter, 182 mSDsCounter, 0 mSdLazyCounter, 384 mSolverCounterSat, 100 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 321 SdHoareTripleChecker+Valid, 237 SdHoareTripleChecker+Invalid, 484 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 100 IncrementalHoareTripleChecker+Valid, 384 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-08 15:13:26,426 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [321 Valid, 237 Invalid, 484 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [100 Valid, 384 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-08 15:13:26,427 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 592 states. [2024-11-08 15:13:26,465 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 592 to 572. [2024-11-08 15:13:26,466 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 572 states, 420 states have (on average 1.1714285714285715) internal successors, (492), 450 states have internal predecessors, (492), 81 states have call successors, (81), 60 states have call predecessors, (81), 70 states have return successors, (144), 81 states have call predecessors, (144), 81 states have call successors, (144) [2024-11-08 15:13:26,469 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 572 states to 572 states and 717 transitions. [2024-11-08 15:13:26,470 INFO L78 Accepts]: Start accepts. Automaton has 572 states and 717 transitions. Word has length 89 [2024-11-08 15:13:26,470 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:13:26,471 INFO L471 AbstractCegarLoop]: Abstraction has 572 states and 717 transitions. [2024-11-08 15:13:26,471 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 8.5) internal successors, (68), 4 states have internal predecessors, (68), 4 states have call successors, (9), 6 states have call predecessors, (9), 2 states have return successors, (8), 3 states have call predecessors, (8), 4 states have call successors, (8) [2024-11-08 15:13:26,471 INFO L276 IsEmpty]: Start isEmpty. Operand 572 states and 717 transitions. [2024-11-08 15:13:26,473 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 107 [2024-11-08 15:13:26,473 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:13:26,473 INFO L215 NwaCegarLoop]: trace histogram [4, 4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:13:26,473 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-08 15:13:26,473 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:13:26,474 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:13:26,474 INFO L85 PathProgramCache]: Analyzing trace with hash -753408287, now seen corresponding path program 1 times [2024-11-08 15:13:26,474 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:13:26,474 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [63058073] [2024-11-08 15:13:26,474 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:26,475 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:13:26,487 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:26,593 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-08 15:13:26,594 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:26,607 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 15:13:26,610 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:26,620 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-08 15:13:26,622 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:26,626 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-08 15:13:26,628 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:26,629 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:13:26,630 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:26,631 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-11-08 15:13:26,632 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:26,641 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 64 [2024-11-08 15:13:26,643 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:26,657 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 76 [2024-11-08 15:13:26,660 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:26,732 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:13:26,734 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:26,787 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 87 [2024-11-08 15:13:26,788 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:26,789 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:13:26,790 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:26,790 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 97 [2024-11-08 15:13:26,791 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:26,793 INFO L134 CoverageAnalysis]: Checked inductivity of 44 backedges. 14 proven. 12 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2024-11-08 15:13:26,793 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:13:26,793 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [63058073] [2024-11-08 15:13:26,793 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [63058073] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-08 15:13:26,793 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1876724263] [2024-11-08 15:13:26,793 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:26,794 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-08 15:13:26,794 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:13:26,796 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-08 15:13:26,797 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-08 15:13:26,909 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:26,912 INFO L255 TraceCheckSpWp]: Trace formula consists of 327 conjuncts, 9 conjuncts are in the unsatisfiable core [2024-11-08 15:13:26,921 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-08 15:13:27,103 INFO L134 CoverageAnalysis]: Checked inductivity of 44 backedges. 35 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-11-08 15:13:27,105 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-08 15:13:27,105 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1876724263] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:13:27,106 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-08 15:13:27,106 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [14] total 19 [2024-11-08 15:13:27,106 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [309567268] [2024-11-08 15:13:27,107 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:13:27,107 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-08 15:13:27,107 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:13:27,108 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-08 15:13:27,108 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=49, Invalid=293, Unknown=0, NotChecked=0, Total=342 [2024-11-08 15:13:27,108 INFO L87 Difference]: Start difference. First operand 572 states and 717 transitions. Second operand has 8 states, 8 states have (on average 9.375) internal successors, (75), 6 states have internal predecessors, (75), 3 states have call successors, (13), 3 states have call predecessors, (13), 5 states have return successors, (12), 5 states have call predecessors, (12), 3 states have call successors, (12) [2024-11-08 15:13:27,296 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:13:27,296 INFO L93 Difference]: Finished difference Result 1260 states and 1578 transitions. [2024-11-08 15:13:27,297 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-11-08 15:13:27,297 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 9.375) internal successors, (75), 6 states have internal predecessors, (75), 3 states have call successors, (13), 3 states have call predecessors, (13), 5 states have return successors, (12), 5 states have call predecessors, (12), 3 states have call successors, (12) Word has length 106 [2024-11-08 15:13:27,297 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:13:27,298 INFO L225 Difference]: With dead ends: 1260 [2024-11-08 15:13:27,298 INFO L226 Difference]: Without dead ends: 0 [2024-11-08 15:13:27,302 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 139 GetRequests, 120 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 47 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=61, Invalid=359, Unknown=0, NotChecked=0, Total=420 [2024-11-08 15:13:27,303 INFO L432 NwaCegarLoop]: 166 mSDtfsCounter, 59 mSDsluCounter, 746 mSDsCounter, 0 mSdLazyCounter, 108 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 62 SdHoareTripleChecker+Valid, 912 SdHoareTripleChecker+Invalid, 109 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 108 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:13:27,303 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [62 Valid, 912 Invalid, 109 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 108 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:13:27,303 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-08 15:13:27,303 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-08 15:13:27,304 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:13:27,304 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-08 15:13:27,304 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 106 [2024-11-08 15:13:27,304 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:13:27,305 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-08 15:13:27,305 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 9.375) internal successors, (75), 6 states have internal predecessors, (75), 3 states have call successors, (13), 3 states have call predecessors, (13), 5 states have return successors, (12), 5 states have call predecessors, (12), 3 states have call successors, (12) [2024-11-08 15:13:27,305 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-08 15:13:27,305 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-08 15:13:27,307 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-08 15:13:27,326 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-08 15:13:27,508 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-08 15:13:27,511 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:13:27,512 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-08 15:13:30,799 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-08 15:13:30,818 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (or (and (<= 2 ~waterLevel~0) (not (= 0 ~systemActive~0))) (= 1 ~systemActive~0))) Eliminated clause: (or (and (<= 2 ~waterLevel~0) (not (= 0 ~systemActive~0))) (= 1 ~systemActive~0)) [2024-11-08 15:13:30,829 WARN L156 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (and (let ((.cse1 (= 1 ~systemActive~0)) (.cse0 (= ~pumpRunning~0 0))) (or (and .cse0 (<= 1 |old(~methaneLevelCritical~0)|) .cse1) (and (= |old(~methaneLevelCritical~0)| 0) .cse1) (and .cse0 (= 0 ~systemActive~0)))) (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (= ~pumpRunning~0 0))) (or (and (= ~methaneLevelCritical~0 0) .cse0) (and .cse1 (<= 1 ~methaneLevelCritical~0) .cse0) (and .cse1 (= 0 ~systemActive~0)))) [2024-11-08 15:13:30,834 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= 1 ~methaneLevelCritical~0) .cse0) (and (= ~methaneLevelCritical~0 0) .cse0) (and (= |old(~pumpRunning~0)| 0) (= 0 ~systemActive~0))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= 1 ~methaneLevelCritical~0) .cse0) (and (= ~methaneLevelCritical~0 0) .cse0) (and (= ~pumpRunning~0 0) (= 0 ~systemActive~0)))) [2024-11-08 15:13:30,844 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (= ~pumpRunning~0 0))) (or (and (= ~methaneLevelCritical~0 0) .cse0) (and .cse1 (<= 1 ~methaneLevelCritical~0) .cse0) (and .cse1 (= 0 ~systemActive~0))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (= ~pumpRunning~0 0))) (or (and (= ~methaneLevelCritical~0 0) .cse0) (and .cse1 (<= 1 ~methaneLevelCritical~0) .cse0) (and .cse1 (= 0 ~systemActive~0)))) [2024-11-08 15:13:30,848 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__methaneQuery contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~methaneLevelCritical~0 0) .cse0) (and (<= 1 ~methaneLevelCritical~0) .cse0 (= |old(~pumpRunning~0)| 0))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~methaneLevelCritical~0 0) .cse0) (and (= ~pumpRunning~0 0) (<= 1 ~methaneLevelCritical~0) .cse0))) [2024-11-08 15:13:30,854 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 08.11 03:13:30 BoogieIcfgContainer [2024-11-08 15:13:30,854 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-08 15:13:30,855 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-08 15:13:30,855 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-08 15:13:30,855 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-08 15:13:30,856 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:13:21" (3/4) ... [2024-11-08 15:13:30,858 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-08 15:13:30,862 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-08 15:13:30,862 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-08 15:13:30,862 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-08 15:13:30,862 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-08 15:13:30,862 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-08 15:13:30,863 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2024-11-08 15:13:30,863 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-08 15:13:30,863 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2024-11-08 15:13:30,863 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2024-11-08 15:13:30,869 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 20 nodes and edges [2024-11-08 15:13:30,870 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-08 15:13:30,871 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-08 15:13:30,871 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 15:13:30,872 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 15:13:31,005 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-08 15:13:31,006 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-08 15:13:31,006 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-08 15:13:31,006 INFO L158 Benchmark]: Toolchain (without parser) took 10238.34ms. Allocated memory was 151.0MB in the beginning and 295.7MB in the end (delta: 144.7MB). Free memory was 93.8MB in the beginning and 187.8MB in the end (delta: -94.0MB). Peak memory consumption was 52.8MB. Max. memory is 16.1GB. [2024-11-08 15:13:31,007 INFO L158 Benchmark]: CDTParser took 0.19ms. Allocated memory is still 151.0MB. Free memory is still 109.6MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-08 15:13:31,007 INFO L158 Benchmark]: CACSL2BoogieTranslator took 524.00ms. Allocated memory is still 151.0MB. Free memory was 93.5MB in the beginning and 120.1MB in the end (delta: -26.6MB). Peak memory consumption was 27.5MB. Max. memory is 16.1GB. [2024-11-08 15:13:31,008 INFO L158 Benchmark]: Boogie Procedure Inliner took 54.80ms. Allocated memory was 151.0MB in the beginning and 203.4MB in the end (delta: 52.4MB). Free memory was 120.1MB in the beginning and 174.4MB in the end (delta: -54.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 15:13:31,008 INFO L158 Benchmark]: Boogie Preprocessor took 48.48ms. Allocated memory is still 203.4MB. Free memory was 174.4MB in the beginning and 171.3MB in the end (delta: 3.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 15:13:31,008 INFO L158 Benchmark]: RCFGBuilder took 493.74ms. Allocated memory is still 203.4MB. Free memory was 171.3MB in the beginning and 152.4MB in the end (delta: 18.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2024-11-08 15:13:31,009 INFO L158 Benchmark]: TraceAbstraction took 8958.50ms. Allocated memory was 203.4MB in the beginning and 295.7MB in the end (delta: 92.3MB). Free memory was 152.4MB in the beginning and 195.2MB in the end (delta: -42.8MB). Peak memory consumption was 125.1MB. Max. memory is 16.1GB. [2024-11-08 15:13:31,009 INFO L158 Benchmark]: Witness Printer took 151.25ms. Allocated memory is still 295.7MB. Free memory was 195.2MB in the beginning and 187.8MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2024-11-08 15:13:31,011 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.19ms. Allocated memory is still 151.0MB. Free memory is still 109.6MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 524.00ms. Allocated memory is still 151.0MB. Free memory was 93.5MB in the beginning and 120.1MB in the end (delta: -26.6MB). Peak memory consumption was 27.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 54.80ms. Allocated memory was 151.0MB in the beginning and 203.4MB in the end (delta: 52.4MB). Free memory was 120.1MB in the beginning and 174.4MB in the end (delta: -54.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 48.48ms. Allocated memory is still 203.4MB. Free memory was 174.4MB in the beginning and 171.3MB in the end (delta: 3.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 493.74ms. Allocated memory is still 203.4MB. Free memory was 171.3MB in the beginning and 152.4MB in the end (delta: 18.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 8958.50ms. Allocated memory was 203.4MB in the beginning and 295.7MB in the end (delta: 92.3MB). Free memory was 152.4MB in the beginning and 195.2MB in the end (delta: -42.8MB). Peak memory consumption was 125.1MB. Max. memory is 16.1GB. * Witness Printer took 151.25ms. Allocated memory is still 295.7MB. Free memory was 195.2MB in the beginning and 187.8MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [49] - GenericResultAtLocation [Line: 78]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [78] - GenericResultAtLocation [Line: 87]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [87] - GenericResultAtLocation [Line: 125]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [125] - GenericResultAtLocation [Line: 225]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [225] - GenericResultAtLocation [Line: 440]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [440] - GenericResultAtLocation [Line: 508]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [508] - GenericResultAtLocation [Line: 874]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [874] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 83]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 100 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.6s, OverallIterations: 10, TraceHistogramMax: 4, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.7s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1343 SdHoareTripleChecker+Valid, 1.6s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1294 mSDsluCounter, 3551 SdHoareTripleChecker+Invalid, 1.3s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2527 mSDsCounter, 369 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1630 IncrementalHoareTripleChecker+Invalid, 1999 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 369 mSolverCounterUnsat, 1024 mSDtfsCounter, 1630 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 291 GetRequests, 200 SyntacticMatches, 0 SemanticMatches, 91 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 292 ImplicationChecksByTransitivity, 0.7s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1171occurred in iteration=8, InterpolantAutomatonStates: 80, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 10 MinimizatonAttempts, 79 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.7s InterpolantComputationTime, 628 NumberOfCodeBlocks, 628 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 617 ConstructedInterpolants, 0 QuantifiedInterpolants, 1123 SizeOfPredicates, 1 NumberOfNonLiveVariables, 327 ConjunctsInSsa, 9 ConjunctsInUnsatCore, 11 InterpolantComputations, 10 PerfectInterpolantSequences, 112/124 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 452]: Loop Invariant Derived loop invariant: (((((pumpRunning == 0) && (splverifierCounter == 0)) && (0 == systemActive)) || (((methaneLevelCritical == 0) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (splverifierCounter == 0))) - InvariantResult [Line: 886]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 451]: Location Invariant Derived location invariant: 0 - ProcedureContractResult [Line: 342]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: (((2 <= waterLevel) && (0 != systemActive)) || (1 == systemActive)) Ensures: (((pumpRunning == 0) && (((2 <= waterLevel) && (0 != systemActive)) || (1 == systemActive))) && (((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 258]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((methaneLevelCritical == 0) && (1 == systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) Ensures: ((((methaneLevelCritical == 0) && (1 == systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 158]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((methaneLevelCritical == 0) && (1 == systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) || ((pumpRunning == 0) && (0 == systemActive))) Ensures: ((((((((pumpRunning == 0) && (1 <= \old(methaneLevelCritical))) && (1 == systemActive)) || ((\old(methaneLevelCritical) == 0) && (1 == systemActive))) || ((pumpRunning == 0) && (0 == systemActive))) && (((methaneLevelCritical == 0) || (\old(methaneLevelCritical) < 1)) || (0 == systemActive))) && (((\old(methaneLevelCritical) != 0) || (0 < methaneLevelCritical)) || (0 == systemActive))) && (((((waterLevel == \old(waterLevel)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 876]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 234]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive))) || ((pumpRunning == 0) && (0 == systemActive))) Ensures: ((((((((0 == systemActive) || ((pumpRunning == 0) && (1 == systemActive))) || (methaneLevelCritical < 1)) && ((((methaneLevelCritical == 0) && (1 == systemActive)) || ((\old(pumpRunning) == 0) && (0 == systemActive))) || ((1 <= methaneLevelCritical) && (0 != systemActive)))) && (((pumpRunning == \old(pumpRunning)) || (pumpRunning == 0)) || (1 < waterLevel))) && ((pumpRunning == 0) || (0 != systemActive))) && ((\old(pumpRunning) != 0) || (\old(waterLevel) == waterLevel))) && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 170]: Procedure Contract for isMethaneLevelCritical Derived contract for procedure isMethaneLevelCritical. Requires: ((((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive))) || ((pumpRunning == 0) && (0 == systemActive))) Ensures: (((\result == methaneLevelCritical) && ((((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive))) || ((pumpRunning == 0) && (0 == systemActive)))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 146]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((methaneLevelCritical == 0) && (1 == systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) || ((pumpRunning == 0) && (0 == systemActive))) Ensures: ((((((pumpRunning != 0) || (\old(waterLevel) != 1)) || (1 < waterLevel)) && ((\old(waterLevel) < 2) || (\old(waterLevel) == waterLevel))) && ((((methaneLevelCritical == 0) && (1 == systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) || ((pumpRunning == 0) && (0 == systemActive)))) && (((((methaneLevelCritical == \old(methaneLevelCritical)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 266]: Procedure Contract for processEnvironment__wrappee__methaneQuery Derived contract for procedure processEnvironment__wrappee__methaneQuery. Requires: (((methaneLevelCritical == 0) && (1 == systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) Ensures: ((((((methaneLevelCritical == 0) && (1 == systemActive)) || (((1 <= methaneLevelCritical) && (1 == systemActive)) && (\old(pumpRunning) == 0))) && ((pumpRunning == 0) || (methaneLevelCritical < 1))) && ((pumpRunning == \old(pumpRunning)) || (1 < waterLevel))) && (((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 350]: Procedure Contract for isMethaneAlarm Derived contract for procedure isMethaneAlarm. Requires: (((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive))) Ensures: (((((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive))) && (\result == methaneLevelCritical)) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) RESULT: Ultimate proved your program to be correct! [2024-11-08 15:13:31,048 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE