./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product54.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 3061b6dc Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product54.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 88f09ec5af0f641c9edfe2f7047937341e46c7f8baabeed0fd38f069cd3b5278 --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.dk.eval-assert-order-craig-3061b6d-m [2024-11-18 14:21:59,091 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-18 14:21:59,203 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-18 14:21:59,210 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-18 14:21:59,210 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-18 14:21:59,239 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-18 14:21:59,239 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-18 14:21:59,240 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-18 14:21:59,240 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-18 14:21:59,241 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-18 14:21:59,241 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-18 14:21:59,241 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-18 14:21:59,242 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-18 14:21:59,242 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-18 14:21:59,242 INFO L153 SettingsManager]: * Use SBE=true [2024-11-18 14:21:59,243 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-18 14:21:59,243 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-18 14:21:59,243 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-18 14:21:59,244 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-18 14:21:59,244 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-18 14:21:59,244 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-18 14:21:59,245 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-18 14:21:59,245 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-18 14:21:59,246 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-18 14:21:59,246 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-18 14:21:59,246 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-18 14:21:59,246 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-18 14:21:59,247 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-18 14:21:59,247 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-18 14:21:59,247 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-18 14:21:59,248 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-18 14:21:59,248 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-18 14:21:59,248 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-18 14:21:59,249 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-18 14:21:59,249 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-18 14:21:59,249 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-18 14:21:59,250 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-18 14:21:59,250 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-18 14:21:59,250 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-18 14:21:59,251 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-18 14:21:59,251 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-18 14:21:59,254 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-18 14:21:59,255 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 88f09ec5af0f641c9edfe2f7047937341e46c7f8baabeed0fd38f069cd3b5278 [2024-11-18 14:21:59,505 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-18 14:21:59,527 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-18 14:21:59,530 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-18 14:21:59,531 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-18 14:21:59,532 INFO L274 PluginConnector]: CDTParser initialized [2024-11-18 14:21:59,533 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product54.cil.c [2024-11-18 14:22:00,980 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-18 14:22:01,208 INFO L384 CDTParser]: Found 1 translation units. [2024-11-18 14:22:01,209 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product54.cil.c [2024-11-18 14:22:01,223 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5ada0e709/eb90fd26ee9640fca557c9af09e3cfc2/FLAG18fe69820 [2024-11-18 14:22:01,237 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5ada0e709/eb90fd26ee9640fca557c9af09e3cfc2 [2024-11-18 14:22:01,240 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-18 14:22:01,242 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-18 14:22:01,245 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-18 14:22:01,245 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-18 14:22:01,251 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-18 14:22:01,252 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 18.11 02:22:01" (1/1) ... [2024-11-18 14:22:01,253 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6c961e58 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:01, skipping insertion in model container [2024-11-18 14:22:01,253 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 18.11 02:22:01" (1/1) ... [2024-11-18 14:22:01,292 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-18 14:22:01,590 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product54.cil.c[3971,3984] [2024-11-18 14:22:01,701 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-18 14:22:01,713 INFO L200 MainTranslator]: Completed pre-run [2024-11-18 14:22:01,726 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [49] [2024-11-18 14:22:01,728 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [101] [2024-11-18 14:22:01,728 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [211] [2024-11-18 14:22:01,728 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [220] [2024-11-18 14:22:01,729 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [323] [2024-11-18 14:22:01,729 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [560] [2024-11-18 14:22:01,729 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [627] [2024-11-18 14:22:01,730 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [662] [2024-11-18 14:22:01,749 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product54.cil.c[3971,3984] [2024-11-18 14:22:01,809 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-18 14:22:01,834 INFO L204 MainTranslator]: Completed translation [2024-11-18 14:22:01,835 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:01 WrapperNode [2024-11-18 14:22:01,835 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-18 14:22:01,836 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-18 14:22:01,836 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-18 14:22:01,836 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-18 14:22:01,843 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:01" (1/1) ... [2024-11-18 14:22:01,862 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:01" (1/1) ... [2024-11-18 14:22:01,893 INFO L138 Inliner]: procedures = 59, calls = 106, calls flagged for inlining = 26, calls inlined = 23, statements flattened = 236 [2024-11-18 14:22:01,895 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-18 14:22:01,896 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-18 14:22:01,896 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-18 14:22:01,896 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-18 14:22:01,907 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:01" (1/1) ... [2024-11-18 14:22:01,908 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:01" (1/1) ... [2024-11-18 14:22:01,910 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:01" (1/1) ... [2024-11-18 14:22:01,930 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-18 14:22:01,931 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:01" (1/1) ... [2024-11-18 14:22:01,931 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:01" (1/1) ... [2024-11-18 14:22:01,936 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:01" (1/1) ... [2024-11-18 14:22:01,955 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:01" (1/1) ... [2024-11-18 14:22:01,957 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:01" (1/1) ... [2024-11-18 14:22:01,958 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:01" (1/1) ... [2024-11-18 14:22:01,960 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-18 14:22:01,961 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-18 14:22:01,962 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-18 14:22:01,962 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-18 14:22:01,963 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:01" (1/1) ... [2024-11-18 14:22:01,970 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-18 14:22:01,983 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:22:02,000 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-18 14:22:02,005 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-18 14:22:02,055 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-18 14:22:02,055 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-18 14:22:02,056 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-18 14:22:02,056 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-18 14:22:02,056 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-18 14:22:02,056 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-18 14:22:02,056 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-18 14:22:02,056 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-18 14:22:02,057 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-18 14:22:02,057 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-18 14:22:02,057 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-18 14:22:02,058 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-18 14:22:02,058 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-18 14:22:02,058 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-18 14:22:02,058 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-18 14:22:02,058 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-18 14:22:02,058 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-18 14:22:02,059 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-18 14:22:02,059 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-18 14:22:02,059 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-18 14:22:02,060 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-18 14:22:02,061 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-18 14:22:02,150 INFO L238 CfgBuilder]: Building ICFG [2024-11-18 14:22:02,152 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-18 14:22:02,470 INFO L? ?]: Removed 51 outVars from TransFormulas that were not future-live. [2024-11-18 14:22:02,470 INFO L287 CfgBuilder]: Performing block encoding [2024-11-18 14:22:02,484 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-18 14:22:02,485 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-18 14:22:02,485 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 18.11 02:22:02 BoogieIcfgContainer [2024-11-18 14:22:02,485 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-18 14:22:02,487 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-18 14:22:02,487 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-18 14:22:02,490 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-18 14:22:02,490 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 18.11 02:22:01" (1/3) ... [2024-11-18 14:22:02,490 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1dd5fc85 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 18.11 02:22:02, skipping insertion in model container [2024-11-18 14:22:02,491 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:01" (2/3) ... [2024-11-18 14:22:02,491 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1dd5fc85 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 18.11 02:22:02, skipping insertion in model container [2024-11-18 14:22:02,491 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 18.11 02:22:02" (3/3) ... [2024-11-18 14:22:02,492 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product54.cil.c [2024-11-18 14:22:02,504 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-18 14:22:02,504 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-18 14:22:02,555 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-18 14:22:02,561 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@332c2243, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-18 14:22:02,561 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-18 14:22:02,565 INFO L276 IsEmpty]: Start isEmpty. Operand has 106 states, 79 states have (on average 1.3670886075949367) internal successors, (108), 89 states have internal predecessors, (108), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2024-11-18 14:22:02,574 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-18 14:22:02,574 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:02,575 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:02,575 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:02,580 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:02,580 INFO L85 PathProgramCache]: Analyzing trace with hash -17930075, now seen corresponding path program 1 times [2024-11-18 14:22:02,589 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:02,589 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [342269455] [2024-11-18 14:22:02,590 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:02,590 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:02,720 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:02,813 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:22:02,813 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:02,814 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [342269455] [2024-11-18 14:22:02,814 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [342269455] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:22:02,814 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:22:02,815 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-18 14:22:02,816 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [582931520] [2024-11-18 14:22:02,816 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:22:02,821 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-18 14:22:02,822 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:02,845 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-18 14:22:02,861 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-18 14:22:02,866 INFO L87 Difference]: Start difference. First operand has 106 states, 79 states have (on average 1.3670886075949367) internal successors, (108), 89 states have internal predecessors, (108), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-18 14:22:02,896 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:02,896 INFO L93 Difference]: Finished difference Result 203 states and 274 transitions. [2024-11-18 14:22:02,897 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-18 14:22:02,899 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-11-18 14:22:02,899 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:02,907 INFO L225 Difference]: With dead ends: 203 [2024-11-18 14:22:02,908 INFO L226 Difference]: Without dead ends: 97 [2024-11-18 14:22:02,911 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-18 14:22:02,914 INFO L432 NwaCegarLoop]: 134 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 134 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:02,915 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 134 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:22:02,936 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 97 states. [2024-11-18 14:22:02,962 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 97 to 97. [2024-11-18 14:22:02,963 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 97 states, 72 states have (on average 1.3055555555555556) internal successors, (94), 81 states have internal predecessors, (94), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2024-11-18 14:22:02,965 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 97 states to 97 states and 125 transitions. [2024-11-18 14:22:02,967 INFO L78 Accepts]: Start accepts. Automaton has 97 states and 125 transitions. Word has length 32 [2024-11-18 14:22:02,967 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:02,968 INFO L471 AbstractCegarLoop]: Abstraction has 97 states and 125 transitions. [2024-11-18 14:22:02,968 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-18 14:22:02,968 INFO L276 IsEmpty]: Start isEmpty. Operand 97 states and 125 transitions. [2024-11-18 14:22:02,970 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-11-18 14:22:02,970 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:02,971 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:02,971 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-18 14:22:02,971 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:02,972 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:02,972 INFO L85 PathProgramCache]: Analyzing trace with hash 1323382524, now seen corresponding path program 1 times [2024-11-18 14:22:02,972 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:02,972 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1509046243] [2024-11-18 14:22:02,972 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:02,973 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:03,005 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:03,116 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:22:03,117 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:03,117 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1509046243] [2024-11-18 14:22:03,117 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1509046243] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:22:03,117 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:22:03,117 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-18 14:22:03,118 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1070084707] [2024-11-18 14:22:03,118 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:22:03,119 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-18 14:22:03,119 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:03,120 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-18 14:22:03,120 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:22:03,121 INFO L87 Difference]: Start difference. First operand 97 states and 125 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-18 14:22:03,142 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:03,143 INFO L93 Difference]: Finished difference Result 158 states and 204 transitions. [2024-11-18 14:22:03,143 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-18 14:22:03,144 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2024-11-18 14:22:03,144 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:03,145 INFO L225 Difference]: With dead ends: 158 [2024-11-18 14:22:03,145 INFO L226 Difference]: Without dead ends: 88 [2024-11-18 14:22:03,146 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:22:03,147 INFO L432 NwaCegarLoop]: 112 mSDtfsCounter, 13 mSDsluCounter, 95 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 207 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:03,148 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 207 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:22:03,148 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 88 states. [2024-11-18 14:22:03,156 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 88 to 88. [2024-11-18 14:22:03,157 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 88 states, 66 states have (on average 1.3181818181818181) internal successors, (87), 75 states have internal predecessors, (87), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-18 14:22:03,158 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 88 states to 88 states and 113 transitions. [2024-11-18 14:22:03,158 INFO L78 Accepts]: Start accepts. Automaton has 88 states and 113 transitions. Word has length 33 [2024-11-18 14:22:03,159 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:03,159 INFO L471 AbstractCegarLoop]: Abstraction has 88 states and 113 transitions. [2024-11-18 14:22:03,159 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-18 14:22:03,159 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 113 transitions. [2024-11-18 14:22:03,161 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-11-18 14:22:03,161 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:03,161 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:03,161 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-18 14:22:03,161 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:03,162 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:03,162 INFO L85 PathProgramCache]: Analyzing trace with hash 951919944, now seen corresponding path program 1 times [2024-11-18 14:22:03,162 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:03,162 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [502398879] [2024-11-18 14:22:03,163 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:03,163 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:03,201 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:03,299 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:22:03,299 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:03,299 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [502398879] [2024-11-18 14:22:03,300 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [502398879] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:22:03,300 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:22:03,300 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-18 14:22:03,300 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [529088298] [2024-11-18 14:22:03,301 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:22:03,301 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-18 14:22:03,301 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:03,302 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-18 14:22:03,302 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:22:03,302 INFO L87 Difference]: Start difference. First operand 88 states and 113 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-18 14:22:03,337 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:03,339 INFO L93 Difference]: Finished difference Result 168 states and 219 transitions. [2024-11-18 14:22:03,340 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-18 14:22:03,340 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2024-11-18 14:22:03,340 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:03,341 INFO L225 Difference]: With dead ends: 168 [2024-11-18 14:22:03,341 INFO L226 Difference]: Without dead ends: 88 [2024-11-18 14:22:03,342 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:22:03,343 INFO L432 NwaCegarLoop]: 111 mSDtfsCounter, 103 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 103 SdHoareTripleChecker+Valid, 111 SdHoareTripleChecker+Invalid, 2 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:03,343 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [103 Valid, 111 Invalid, 2 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:22:03,344 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 88 states. [2024-11-18 14:22:03,352 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 88 to 88. [2024-11-18 14:22:03,352 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 88 states, 66 states have (on average 1.303030303030303) internal successors, (86), 75 states have internal predecessors, (86), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-18 14:22:03,353 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 88 states to 88 states and 112 transitions. [2024-11-18 14:22:03,354 INFO L78 Accepts]: Start accepts. Automaton has 88 states and 112 transitions. Word has length 38 [2024-11-18 14:22:03,355 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:03,355 INFO L471 AbstractCegarLoop]: Abstraction has 88 states and 112 transitions. [2024-11-18 14:22:03,355 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-18 14:22:03,355 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 112 transitions. [2024-11-18 14:22:03,357 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2024-11-18 14:22:03,357 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:03,357 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:03,357 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-18 14:22:03,357 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:03,358 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:03,358 INFO L85 PathProgramCache]: Analyzing trace with hash 43096146, now seen corresponding path program 1 times [2024-11-18 14:22:03,358 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:03,358 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [686293183] [2024-11-18 14:22:03,359 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:03,359 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:03,390 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:03,438 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:22:03,438 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:03,438 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [686293183] [2024-11-18 14:22:03,438 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [686293183] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:22:03,438 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:22:03,438 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-18 14:22:03,438 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1843036503] [2024-11-18 14:22:03,439 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:22:03,439 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-18 14:22:03,439 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:03,440 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-18 14:22:03,440 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:22:03,440 INFO L87 Difference]: Start difference. First operand 88 states and 112 transitions. Second operand has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-18 14:22:03,504 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:03,504 INFO L93 Difference]: Finished difference Result 220 states and 289 transitions. [2024-11-18 14:22:03,505 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-18 14:22:03,505 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 47 [2024-11-18 14:22:03,505 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:03,506 INFO L225 Difference]: With dead ends: 220 [2024-11-18 14:22:03,506 INFO L226 Difference]: Without dead ends: 140 [2024-11-18 14:22:03,507 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:22:03,508 INFO L432 NwaCegarLoop]: 128 mSDtfsCounter, 83 mSDsluCounter, 78 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 83 SdHoareTripleChecker+Valid, 206 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:03,508 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [83 Valid, 206 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:22:03,509 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 140 states. [2024-11-18 14:22:03,530 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 140 to 138. [2024-11-18 14:22:03,530 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 138 states, 104 states have (on average 1.2788461538461537) internal successors, (133), 112 states have internal predecessors, (133), 18 states have call successors, (18), 15 states have call predecessors, (18), 15 states have return successors, (24), 16 states have call predecessors, (24), 18 states have call successors, (24) [2024-11-18 14:22:03,531 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 138 states to 138 states and 175 transitions. [2024-11-18 14:22:03,532 INFO L78 Accepts]: Start accepts. Automaton has 138 states and 175 transitions. Word has length 47 [2024-11-18 14:22:03,532 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:03,532 INFO L471 AbstractCegarLoop]: Abstraction has 138 states and 175 transitions. [2024-11-18 14:22:03,532 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-18 14:22:03,532 INFO L276 IsEmpty]: Start isEmpty. Operand 138 states and 175 transitions. [2024-11-18 14:22:03,534 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2024-11-18 14:22:03,534 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:03,535 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:03,535 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-18 14:22:03,536 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:03,536 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:03,536 INFO L85 PathProgramCache]: Analyzing trace with hash 934824757, now seen corresponding path program 1 times [2024-11-18 14:22:03,536 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:03,537 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [823366813] [2024-11-18 14:22:03,537 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:03,537 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:03,555 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:03,662 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:22:03,662 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:03,663 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [823366813] [2024-11-18 14:22:03,663 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [823366813] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:22:03,663 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:22:03,663 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-18 14:22:03,663 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [939685115] [2024-11-18 14:22:03,663 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:22:03,664 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-18 14:22:03,664 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:03,664 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-18 14:22:03,664 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:22:03,665 INFO L87 Difference]: Start difference. First operand 138 states and 175 transitions. Second operand has 5 states, 5 states have (on average 9.2) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-18 14:22:03,705 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:03,705 INFO L93 Difference]: Finished difference Result 271 states and 352 transitions. [2024-11-18 14:22:03,706 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-18 14:22:03,706 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 57 [2024-11-18 14:22:03,706 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:03,707 INFO L225 Difference]: With dead ends: 271 [2024-11-18 14:22:03,707 INFO L226 Difference]: Without dead ends: 141 [2024-11-18 14:22:03,708 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:22:03,709 INFO L432 NwaCegarLoop]: 109 mSDtfsCounter, 0 mSDsluCounter, 321 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 430 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:03,709 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 430 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:22:03,714 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 141 states. [2024-11-18 14:22:03,736 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 141 to 141. [2024-11-18 14:22:03,736 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 141 states, 107 states have (on average 1.2710280373831775) internal successors, (136), 115 states have internal predecessors, (136), 18 states have call successors, (18), 15 states have call predecessors, (18), 15 states have return successors, (24), 16 states have call predecessors, (24), 18 states have call successors, (24) [2024-11-18 14:22:03,737 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 141 states to 141 states and 178 transitions. [2024-11-18 14:22:03,737 INFO L78 Accepts]: Start accepts. Automaton has 141 states and 178 transitions. Word has length 57 [2024-11-18 14:22:03,738 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:03,738 INFO L471 AbstractCegarLoop]: Abstraction has 141 states and 178 transitions. [2024-11-18 14:22:03,738 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-18 14:22:03,738 INFO L276 IsEmpty]: Start isEmpty. Operand 141 states and 178 transitions. [2024-11-18 14:22:03,739 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2024-11-18 14:22:03,739 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:03,740 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:03,740 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-18 14:22:03,740 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:03,744 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:03,744 INFO L85 PathProgramCache]: Analyzing trace with hash 1357526583, now seen corresponding path program 1 times [2024-11-18 14:22:03,744 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:03,744 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [24966968] [2024-11-18 14:22:03,745 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:03,745 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:03,768 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:03,831 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:22:03,831 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:03,831 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [24966968] [2024-11-18 14:22:03,831 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [24966968] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:22:03,831 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:22:03,831 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-18 14:22:03,831 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [830543961] [2024-11-18 14:22:03,831 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:22:03,832 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-18 14:22:03,832 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:03,832 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-18 14:22:03,832 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:22:03,833 INFO L87 Difference]: Start difference. First operand 141 states and 178 transitions. Second operand has 4 states, 4 states have (on average 11.5) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-18 14:22:03,862 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:03,862 INFO L93 Difference]: Finished difference Result 276 states and 363 transitions. [2024-11-18 14:22:03,862 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-18 14:22:03,862 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 11.5) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 57 [2024-11-18 14:22:03,863 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:03,864 INFO L225 Difference]: With dead ends: 276 [2024-11-18 14:22:03,864 INFO L226 Difference]: Without dead ends: 143 [2024-11-18 14:22:03,865 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:22:03,867 INFO L432 NwaCegarLoop]: 110 mSDtfsCounter, 0 mSDsluCounter, 214 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 324 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:03,868 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 324 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:22:03,868 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 143 states. [2024-11-18 14:22:03,888 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 143 to 143. [2024-11-18 14:22:03,888 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 143 states, 109 states have (on average 1.2660550458715596) internal successors, (138), 117 states have internal predecessors, (138), 18 states have call successors, (18), 15 states have call predecessors, (18), 15 states have return successors, (24), 16 states have call predecessors, (24), 18 states have call successors, (24) [2024-11-18 14:22:03,889 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 143 states to 143 states and 180 transitions. [2024-11-18 14:22:03,889 INFO L78 Accepts]: Start accepts. Automaton has 143 states and 180 transitions. Word has length 57 [2024-11-18 14:22:03,890 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:03,890 INFO L471 AbstractCegarLoop]: Abstraction has 143 states and 180 transitions. [2024-11-18 14:22:03,890 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 11.5) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-18 14:22:03,892 INFO L276 IsEmpty]: Start isEmpty. Operand 143 states and 180 transitions. [2024-11-18 14:22:03,895 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2024-11-18 14:22:03,895 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:03,895 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:03,895 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-18 14:22:03,895 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:03,896 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:03,896 INFO L85 PathProgramCache]: Analyzing trace with hash -447911751, now seen corresponding path program 1 times [2024-11-18 14:22:03,896 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:03,896 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1143100181] [2024-11-18 14:22:03,896 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:03,896 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:03,910 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:03,986 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:22:03,986 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:03,986 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1143100181] [2024-11-18 14:22:03,987 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1143100181] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:22:03,987 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:22:03,987 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-18 14:22:03,987 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [971467374] [2024-11-18 14:22:03,987 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:22:03,987 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-18 14:22:03,987 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:03,988 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-18 14:22:03,988 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:22:03,989 INFO L87 Difference]: Start difference. First operand 143 states and 180 transitions. Second operand has 4 states, 4 states have (on average 11.5) internal successors, (46), 4 states have internal predecessors, (46), 3 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-18 14:22:04,129 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:04,129 INFO L93 Difference]: Finished difference Result 466 states and 608 transitions. [2024-11-18 14:22:04,130 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-18 14:22:04,131 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 11.5) internal successors, (46), 4 states have internal predecessors, (46), 3 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 57 [2024-11-18 14:22:04,131 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:04,133 INFO L225 Difference]: With dead ends: 466 [2024-11-18 14:22:04,135 INFO L226 Difference]: Without dead ends: 331 [2024-11-18 14:22:04,135 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:22:04,136 INFO L432 NwaCegarLoop]: 200 mSDtfsCounter, 146 mSDsluCounter, 184 mSDsCounter, 0 mSdLazyCounter, 72 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 146 SdHoareTripleChecker+Valid, 384 SdHoareTripleChecker+Invalid, 77 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 72 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:04,137 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [146 Valid, 384 Invalid, 77 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 72 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-18 14:22:04,139 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 331 states. [2024-11-18 14:22:04,174 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 331 to 322. [2024-11-18 14:22:04,175 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 322 states, 243 states have (on average 1.2510288065843622) internal successors, (304), 258 states have internal predecessors, (304), 42 states have call successors, (42), 35 states have call predecessors, (42), 36 states have return successors, (67), 39 states have call predecessors, (67), 42 states have call successors, (67) [2024-11-18 14:22:04,177 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 322 states to 322 states and 413 transitions. [2024-11-18 14:22:04,179 INFO L78 Accepts]: Start accepts. Automaton has 322 states and 413 transitions. Word has length 57 [2024-11-18 14:22:04,179 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:04,179 INFO L471 AbstractCegarLoop]: Abstraction has 322 states and 413 transitions. [2024-11-18 14:22:04,179 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 11.5) internal successors, (46), 4 states have internal predecessors, (46), 3 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-18 14:22:04,179 INFO L276 IsEmpty]: Start isEmpty. Operand 322 states and 413 transitions. [2024-11-18 14:22:04,180 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2024-11-18 14:22:04,181 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:04,181 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:04,181 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-18 14:22:04,181 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:04,181 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:04,181 INFO L85 PathProgramCache]: Analyzing trace with hash 16145041, now seen corresponding path program 1 times [2024-11-18 14:22:04,182 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:04,182 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2128904224] [2024-11-18 14:22:04,182 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:04,182 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:04,209 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:04,319 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-18 14:22:04,319 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:04,319 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2128904224] [2024-11-18 14:22:04,319 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2128904224] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:22:04,319 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:22:04,319 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-18 14:22:04,320 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1041979155] [2024-11-18 14:22:04,320 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:22:04,320 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-18 14:22:04,320 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:04,321 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-18 14:22:04,321 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-18 14:22:04,321 INFO L87 Difference]: Start difference. First operand 322 states and 413 transitions. Second operand has 7 states, 7 states have (on average 6.857142857142857) internal successors, (48), 6 states have internal predecessors, (48), 3 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2024-11-18 14:22:04,603 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:04,603 INFO L93 Difference]: Finished difference Result 674 states and 873 transitions. [2024-11-18 14:22:04,604 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-11-18 14:22:04,604 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.857142857142857) internal successors, (48), 6 states have internal predecessors, (48), 3 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) Word has length 59 [2024-11-18 14:22:04,604 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:04,607 INFO L225 Difference]: With dead ends: 674 [2024-11-18 14:22:04,607 INFO L226 Difference]: Without dead ends: 360 [2024-11-18 14:22:04,608 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=134, Unknown=0, NotChecked=0, Total=182 [2024-11-18 14:22:04,608 INFO L432 NwaCegarLoop]: 89 mSDtfsCounter, 138 mSDsluCounter, 355 mSDsCounter, 0 mSdLazyCounter, 203 mSolverCounterSat, 39 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 144 SdHoareTripleChecker+Valid, 444 SdHoareTripleChecker+Invalid, 242 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 39 IncrementalHoareTripleChecker+Valid, 203 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:04,609 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [144 Valid, 444 Invalid, 242 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [39 Valid, 203 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-18 14:22:04,609 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 360 states. [2024-11-18 14:22:04,642 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 360 to 358. [2024-11-18 14:22:04,643 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 358 states, 269 states have (on average 1.2230483271375465) internal successors, (329), 284 states have internal predecessors, (329), 45 states have call successors, (45), 35 states have call predecessors, (45), 43 states have return successors, (80), 48 states have call predecessors, (80), 45 states have call successors, (80) [2024-11-18 14:22:04,646 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 358 states to 358 states and 454 transitions. [2024-11-18 14:22:04,647 INFO L78 Accepts]: Start accepts. Automaton has 358 states and 454 transitions. Word has length 59 [2024-11-18 14:22:04,647 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:04,647 INFO L471 AbstractCegarLoop]: Abstraction has 358 states and 454 transitions. [2024-11-18 14:22:04,649 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.857142857142857) internal successors, (48), 6 states have internal predecessors, (48), 3 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2024-11-18 14:22:04,649 INFO L276 IsEmpty]: Start isEmpty. Operand 358 states and 454 transitions. [2024-11-18 14:22:04,650 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 62 [2024-11-18 14:22:04,650 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:04,650 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:04,650 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-18 14:22:04,651 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:04,651 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:04,654 INFO L85 PathProgramCache]: Analyzing trace with hash 1464730591, now seen corresponding path program 1 times [2024-11-18 14:22:04,654 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:04,654 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1634705440] [2024-11-18 14:22:04,655 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:04,655 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:04,678 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:04,832 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:22:04,832 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:04,832 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1634705440] [2024-11-18 14:22:04,832 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1634705440] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:22:04,832 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:22:04,832 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-18 14:22:04,833 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1502453301] [2024-11-18 14:22:04,833 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:22:04,833 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-18 14:22:04,833 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:04,834 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-18 14:22:04,834 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2024-11-18 14:22:04,834 INFO L87 Difference]: Start difference. First operand 358 states and 454 transitions. Second operand has 8 states, 8 states have (on average 6.0) internal successors, (48), 7 states have internal predecessors, (48), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-18 14:22:05,297 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:05,297 INFO L93 Difference]: Finished difference Result 1005 states and 1328 transitions. [2024-11-18 14:22:05,297 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-11-18 14:22:05,298 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 6.0) internal successors, (48), 7 states have internal predecessors, (48), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) Word has length 61 [2024-11-18 14:22:05,298 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:05,302 INFO L225 Difference]: With dead ends: 1005 [2024-11-18 14:22:05,302 INFO L226 Difference]: Without dead ends: 711 [2024-11-18 14:22:05,304 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 16 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=47, Invalid=109, Unknown=0, NotChecked=0, Total=156 [2024-11-18 14:22:05,304 INFO L432 NwaCegarLoop]: 139 mSDtfsCounter, 356 mSDsluCounter, 460 mSDsCounter, 0 mSdLazyCounter, 359 mSolverCounterSat, 84 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 366 SdHoareTripleChecker+Valid, 599 SdHoareTripleChecker+Invalid, 443 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 84 IncrementalHoareTripleChecker+Valid, 359 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:05,305 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [366 Valid, 599 Invalid, 443 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [84 Valid, 359 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-18 14:22:05,305 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 711 states. [2024-11-18 14:22:05,349 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 711 to 636. [2024-11-18 14:22:05,351 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 636 states, 475 states have (on average 1.2105263157894737) internal successors, (575), 504 states have internal predecessors, (575), 81 states have call successors, (81), 61 states have call predecessors, (81), 79 states have return successors, (142), 86 states have call predecessors, (142), 81 states have call successors, (142) [2024-11-18 14:22:05,354 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 636 states to 636 states and 798 transitions. [2024-11-18 14:22:05,355 INFO L78 Accepts]: Start accepts. Automaton has 636 states and 798 transitions. Word has length 61 [2024-11-18 14:22:05,356 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:05,356 INFO L471 AbstractCegarLoop]: Abstraction has 636 states and 798 transitions. [2024-11-18 14:22:05,356 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 6.0) internal successors, (48), 7 states have internal predecessors, (48), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-18 14:22:05,356 INFO L276 IsEmpty]: Start isEmpty. Operand 636 states and 798 transitions. [2024-11-18 14:22:05,358 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 112 [2024-11-18 14:22:05,359 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:05,359 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:05,359 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-18 14:22:05,359 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:05,360 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:05,360 INFO L85 PathProgramCache]: Analyzing trace with hash -2028217141, now seen corresponding path program 1 times [2024-11-18 14:22:05,360 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:05,361 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [97989735] [2024-11-18 14:22:05,361 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:05,361 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:05,383 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:05,562 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 16 proven. 13 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-11-18 14:22:05,563 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:05,563 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [97989735] [2024-11-18 14:22:05,563 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [97989735] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-18 14:22:05,563 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2113630994] [2024-11-18 14:22:05,563 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:05,564 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:22:05,564 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:22:05,566 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-18 14:22:05,567 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-18 14:22:05,685 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:05,688 INFO L255 TraceCheckSpWp]: Trace formula consists of 358 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-18 14:22:05,700 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-18 14:22:05,927 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 27 proven. 11 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:22:05,927 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-18 14:22:06,189 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 19 proven. 10 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-11-18 14:22:06,189 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2113630994] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-18 14:22:06,190 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-18 14:22:06,190 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 6, 6] total 15 [2024-11-18 14:22:06,190 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2078376108] [2024-11-18 14:22:06,190 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-18 14:22:06,191 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-11-18 14:22:06,191 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:06,191 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-11-18 14:22:06,192 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=41, Invalid=169, Unknown=0, NotChecked=0, Total=210 [2024-11-18 14:22:06,192 INFO L87 Difference]: Start difference. First operand 636 states and 798 transitions. Second operand has 15 states, 15 states have (on average 9.666666666666666) internal successors, (145), 13 states have internal predecessors, (145), 7 states have call successors, (22), 4 states have call predecessors, (22), 8 states have return successors, (21), 9 states have call predecessors, (21), 7 states have call successors, (21) [2024-11-18 14:22:06,727 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:06,727 INFO L93 Difference]: Finished difference Result 1405 states and 1829 transitions. [2024-11-18 14:22:06,727 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2024-11-18 14:22:06,728 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 9.666666666666666) internal successors, (145), 13 states have internal predecessors, (145), 7 states have call successors, (22), 4 states have call predecessors, (22), 8 states have return successors, (21), 9 states have call predecessors, (21), 7 states have call successors, (21) Word has length 111 [2024-11-18 14:22:06,728 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:06,732 INFO L225 Difference]: With dead ends: 1405 [2024-11-18 14:22:06,733 INFO L226 Difference]: Without dead ends: 831 [2024-11-18 14:22:06,735 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 250 GetRequests, 219 SyntacticMatches, 4 SemanticMatches, 27 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 164 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=208, Invalid=604, Unknown=0, NotChecked=0, Total=812 [2024-11-18 14:22:06,736 INFO L432 NwaCegarLoop]: 220 mSDtfsCounter, 424 mSDsluCounter, 1083 mSDsCounter, 0 mSdLazyCounter, 291 mSolverCounterSat, 142 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 426 SdHoareTripleChecker+Valid, 1303 SdHoareTripleChecker+Invalid, 433 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 142 IncrementalHoareTripleChecker+Valid, 291 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:06,736 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [426 Valid, 1303 Invalid, 433 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [142 Valid, 291 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-18 14:22:06,737 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 831 states. [2024-11-18 14:22:06,792 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 831 to 728. [2024-11-18 14:22:06,793 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 728 states, 540 states have (on average 1.2) internal successors, (648), 578 states have internal predecessors, (648), 94 states have call successors, (94), 79 states have call predecessors, (94), 93 states have return successors, (138), 95 states have call predecessors, (138), 94 states have call successors, (138) [2024-11-18 14:22:06,797 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 728 states to 728 states and 880 transitions. [2024-11-18 14:22:06,798 INFO L78 Accepts]: Start accepts. Automaton has 728 states and 880 transitions. Word has length 111 [2024-11-18 14:22:06,798 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:06,798 INFO L471 AbstractCegarLoop]: Abstraction has 728 states and 880 transitions. [2024-11-18 14:22:06,799 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 9.666666666666666) internal successors, (145), 13 states have internal predecessors, (145), 7 states have call successors, (22), 4 states have call predecessors, (22), 8 states have return successors, (21), 9 states have call predecessors, (21), 7 states have call successors, (21) [2024-11-18 14:22:06,799 INFO L276 IsEmpty]: Start isEmpty. Operand 728 states and 880 transitions. [2024-11-18 14:22:06,801 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 196 [2024-11-18 14:22:06,801 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:06,802 INFO L215 NwaCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:06,820 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-11-18 14:22:07,002 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-18 14:22:07,003 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:07,003 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:07,003 INFO L85 PathProgramCache]: Analyzing trace with hash -1234484317, now seen corresponding path program 1 times [2024-11-18 14:22:07,003 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:07,003 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [563760683] [2024-11-18 14:22:07,004 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:07,004 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:07,032 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:07,279 INFO L134 CoverageAnalysis]: Checked inductivity of 207 backedges. 99 proven. 7 refuted. 0 times theorem prover too weak. 101 trivial. 0 not checked. [2024-11-18 14:22:07,279 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:07,279 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [563760683] [2024-11-18 14:22:07,280 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [563760683] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-18 14:22:07,280 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [605542110] [2024-11-18 14:22:07,280 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:07,280 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:22:07,280 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:22:07,282 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-18 14:22:07,283 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-18 14:22:07,444 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:07,451 INFO L255 TraceCheckSpWp]: Trace formula consists of 564 conjuncts, 13 conjuncts are in the unsatisfiable core [2024-11-18 14:22:07,457 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-18 14:22:07,692 INFO L134 CoverageAnalysis]: Checked inductivity of 207 backedges. 151 proven. 4 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2024-11-18 14:22:07,696 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-18 14:22:08,172 INFO L134 CoverageAnalysis]: Checked inductivity of 207 backedges. 82 proven. 42 refuted. 0 times theorem prover too weak. 83 trivial. 0 not checked. [2024-11-18 14:22:08,172 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [605542110] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-18 14:22:08,173 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-18 14:22:08,175 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 10, 11] total 22 [2024-11-18 14:22:08,175 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1054792151] [2024-11-18 14:22:08,175 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-18 14:22:08,176 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 22 states [2024-11-18 14:22:08,176 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:08,177 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 22 interpolants. [2024-11-18 14:22:08,178 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=96, Invalid=366, Unknown=0, NotChecked=0, Total=462 [2024-11-18 14:22:08,181 INFO L87 Difference]: Start difference. First operand 728 states and 880 transitions. Second operand has 22 states, 22 states have (on average 10.045454545454545) internal successors, (221), 21 states have internal predecessors, (221), 10 states have call successors, (33), 5 states have call predecessors, (33), 10 states have return successors, (36), 9 states have call predecessors, (36), 10 states have call successors, (36) [2024-11-18 14:22:09,658 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:09,658 INFO L93 Difference]: Finished difference Result 2250 states and 2868 transitions. [2024-11-18 14:22:09,659 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 36 states. [2024-11-18 14:22:09,659 INFO L78 Accepts]: Start accepts. Automaton has has 22 states, 22 states have (on average 10.045454545454545) internal successors, (221), 21 states have internal predecessors, (221), 10 states have call successors, (33), 5 states have call predecessors, (33), 10 states have return successors, (36), 9 states have call predecessors, (36), 10 states have call successors, (36) Word has length 195 [2024-11-18 14:22:09,660 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:09,668 INFO L225 Difference]: With dead ends: 2250 [2024-11-18 14:22:09,668 INFO L226 Difference]: Without dead ends: 1497 [2024-11-18 14:22:09,696 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 442 GetRequests, 385 SyntacticMatches, 3 SemanticMatches, 54 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 661 ImplicationChecksByTransitivity, 0.7s TimeCoverageRelationStatistics Valid=650, Invalid=2430, Unknown=0, NotChecked=0, Total=3080 [2024-11-18 14:22:09,697 INFO L432 NwaCegarLoop]: 105 mSDtfsCounter, 969 mSDsluCounter, 696 mSDsCounter, 0 mSdLazyCounter, 1219 mSolverCounterSat, 404 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 969 SdHoareTripleChecker+Valid, 801 SdHoareTripleChecker+Invalid, 1623 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 404 IncrementalHoareTripleChecker+Valid, 1219 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.9s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:09,697 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [969 Valid, 801 Invalid, 1623 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [404 Valid, 1219 Invalid, 0 Unknown, 0 Unchecked, 0.9s Time] [2024-11-18 14:22:09,699 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1497 states. [2024-11-18 14:22:09,815 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1497 to 1397. [2024-11-18 14:22:09,818 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1397 states, 1049 states have (on average 1.145853193517636) internal successors, (1202), 1104 states have internal predecessors, (1202), 181 states have call successors, (181), 160 states have call predecessors, (181), 166 states have return successors, (238), 169 states have call predecessors, (238), 181 states have call successors, (238) [2024-11-18 14:22:09,823 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1397 states to 1397 states and 1621 transitions. [2024-11-18 14:22:09,824 INFO L78 Accepts]: Start accepts. Automaton has 1397 states and 1621 transitions. Word has length 195 [2024-11-18 14:22:09,825 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:09,825 INFO L471 AbstractCegarLoop]: Abstraction has 1397 states and 1621 transitions. [2024-11-18 14:22:09,825 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 22 states, 22 states have (on average 10.045454545454545) internal successors, (221), 21 states have internal predecessors, (221), 10 states have call successors, (33), 5 states have call predecessors, (33), 10 states have return successors, (36), 9 states have call predecessors, (36), 10 states have call successors, (36) [2024-11-18 14:22:09,825 INFO L276 IsEmpty]: Start isEmpty. Operand 1397 states and 1621 transitions. [2024-11-18 14:22:09,829 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 212 [2024-11-18 14:22:09,829 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:09,829 INFO L215 NwaCegarLoop]: trace histogram [7, 7, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:09,849 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-11-18 14:22:10,030 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2024-11-18 14:22:10,030 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:10,031 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:10,031 INFO L85 PathProgramCache]: Analyzing trace with hash 1236232511, now seen corresponding path program 1 times [2024-11-18 14:22:10,031 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:10,031 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [114889441] [2024-11-18 14:22:10,031 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:10,031 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:10,053 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:10,327 INFO L134 CoverageAnalysis]: Checked inductivity of 249 backedges. 103 proven. 65 refuted. 0 times theorem prover too weak. 81 trivial. 0 not checked. [2024-11-18 14:22:10,328 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:10,328 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [114889441] [2024-11-18 14:22:10,328 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [114889441] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-18 14:22:10,328 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [950439588] [2024-11-18 14:22:10,328 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:10,329 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:22:10,329 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:22:10,330 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-18 14:22:10,332 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2024-11-18 14:22:10,466 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:10,469 INFO L255 TraceCheckSpWp]: Trace formula consists of 606 conjuncts, 12 conjuncts are in the unsatisfiable core [2024-11-18 14:22:10,474 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-18 14:22:10,646 INFO L134 CoverageAnalysis]: Checked inductivity of 249 backedges. 191 proven. 11 refuted. 0 times theorem prover too weak. 47 trivial. 0 not checked. [2024-11-18 14:22:10,647 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-18 14:22:11,156 INFO L134 CoverageAnalysis]: Checked inductivity of 249 backedges. 106 proven. 61 refuted. 0 times theorem prover too weak. 82 trivial. 0 not checked. [2024-11-18 14:22:11,156 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [950439588] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-18 14:22:11,156 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-18 14:22:11,156 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 8, 8] total 23 [2024-11-18 14:22:11,157 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2010030070] [2024-11-18 14:22:11,157 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-18 14:22:11,157 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 23 states [2024-11-18 14:22:11,158 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:11,159 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 23 interpolants. [2024-11-18 14:22:11,159 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=81, Invalid=425, Unknown=0, NotChecked=0, Total=506 [2024-11-18 14:22:11,159 INFO L87 Difference]: Start difference. First operand 1397 states and 1621 transitions. Second operand has 23 states, 23 states have (on average 11.043478260869565) internal successors, (254), 20 states have internal predecessors, (254), 9 states have call successors, (41), 5 states have call predecessors, (41), 14 states have return successors, (43), 12 states have call predecessors, (43), 9 states have call successors, (43) [2024-11-18 14:22:11,986 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:11,986 INFO L93 Difference]: Finished difference Result 2742 states and 3216 transitions. [2024-11-18 14:22:11,987 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2024-11-18 14:22:11,987 INFO L78 Accepts]: Start accepts. Automaton has has 23 states, 23 states have (on average 11.043478260869565) internal successors, (254), 20 states have internal predecessors, (254), 9 states have call successors, (41), 5 states have call predecessors, (41), 14 states have return successors, (43), 12 states have call predecessors, (43), 9 states have call successors, (43) Word has length 211 [2024-11-18 14:22:11,987 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:11,995 INFO L225 Difference]: With dead ends: 2742 [2024-11-18 14:22:11,996 INFO L226 Difference]: Without dead ends: 1461 [2024-11-18 14:22:12,000 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 457 GetRequests, 420 SyntacticMatches, 1 SemanticMatches, 36 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 213 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=299, Invalid=1107, Unknown=0, NotChecked=0, Total=1406 [2024-11-18 14:22:12,001 INFO L432 NwaCegarLoop]: 121 mSDtfsCounter, 432 mSDsluCounter, 1037 mSDsCounter, 0 mSdLazyCounter, 894 mSolverCounterSat, 153 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 437 SdHoareTripleChecker+Valid, 1158 SdHoareTripleChecker+Invalid, 1047 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 153 IncrementalHoareTripleChecker+Valid, 894 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:12,001 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [437 Valid, 1158 Invalid, 1047 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [153 Valid, 894 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-11-18 14:22:12,003 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1461 states. [2024-11-18 14:22:12,120 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1461 to 1427. [2024-11-18 14:22:12,122 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1427 states, 1069 states have (on average 1.13844714686623) internal successors, (1217), 1124 states have internal predecessors, (1217), 181 states have call successors, (181), 170 states have call predecessors, (181), 176 states have return successors, (238), 169 states have call predecessors, (238), 181 states have call successors, (238) [2024-11-18 14:22:12,128 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1427 states to 1427 states and 1636 transitions. [2024-11-18 14:22:12,130 INFO L78 Accepts]: Start accepts. Automaton has 1427 states and 1636 transitions. Word has length 211 [2024-11-18 14:22:12,130 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:12,130 INFO L471 AbstractCegarLoop]: Abstraction has 1427 states and 1636 transitions. [2024-11-18 14:22:12,131 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 23 states, 23 states have (on average 11.043478260869565) internal successors, (254), 20 states have internal predecessors, (254), 9 states have call successors, (41), 5 states have call predecessors, (41), 14 states have return successors, (43), 12 states have call predecessors, (43), 9 states have call successors, (43) [2024-11-18 14:22:12,131 INFO L276 IsEmpty]: Start isEmpty. Operand 1427 states and 1636 transitions. [2024-11-18 14:22:12,135 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 213 [2024-11-18 14:22:12,135 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:12,135 INFO L215 NwaCegarLoop]: trace histogram [7, 7, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:12,154 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2024-11-18 14:22:12,335 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:22:12,336 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:12,336 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:12,337 INFO L85 PathProgramCache]: Analyzing trace with hash 136341516, now seen corresponding path program 1 times [2024-11-18 14:22:12,337 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:12,337 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1773959075] [2024-11-18 14:22:12,337 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:12,337 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:12,360 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:12,918 INFO L134 CoverageAnalysis]: Checked inductivity of 250 backedges. 98 proven. 59 refuted. 0 times theorem prover too weak. 93 trivial. 0 not checked. [2024-11-18 14:22:12,918 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:12,918 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1773959075] [2024-11-18 14:22:12,918 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1773959075] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-18 14:22:12,918 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1137225427] [2024-11-18 14:22:12,918 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:12,919 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:22:12,919 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:22:12,920 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-18 14:22:12,922 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2024-11-18 14:22:13,051 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:13,059 INFO L255 TraceCheckSpWp]: Trace formula consists of 606 conjuncts, 18 conjuncts are in the unsatisfiable core [2024-11-18 14:22:13,065 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-18 14:22:13,284 INFO L134 CoverageAnalysis]: Checked inductivity of 250 backedges. 135 proven. 26 refuted. 0 times theorem prover too weak. 89 trivial. 0 not checked. [2024-11-18 14:22:13,284 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-18 14:22:13,895 INFO L134 CoverageAnalysis]: Checked inductivity of 250 backedges. 103 proven. 45 refuted. 0 times theorem prover too weak. 102 trivial. 0 not checked. [2024-11-18 14:22:13,895 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1137225427] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-18 14:22:13,895 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-18 14:22:13,895 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [13, 8, 13] total 22 [2024-11-18 14:22:13,896 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1444675815] [2024-11-18 14:22:13,896 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-18 14:22:13,896 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 22 states [2024-11-18 14:22:13,897 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:13,897 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 22 interpolants. [2024-11-18 14:22:13,898 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=121, Invalid=341, Unknown=0, NotChecked=0, Total=462 [2024-11-18 14:22:13,898 INFO L87 Difference]: Start difference. First operand 1427 states and 1636 transitions. Second operand has 22 states, 22 states have (on average 11.363636363636363) internal successors, (250), 21 states have internal predecessors, (250), 14 states have call successors, (43), 8 states have call predecessors, (43), 14 states have return successors, (43), 15 states have call predecessors, (43), 14 states have call successors, (43) [2024-11-18 14:22:14,865 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:14,866 INFO L93 Difference]: Finished difference Result 2754 states and 3230 transitions. [2024-11-18 14:22:14,866 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 22 states. [2024-11-18 14:22:14,867 INFO L78 Accepts]: Start accepts. Automaton has has 22 states, 22 states have (on average 11.363636363636363) internal successors, (250), 21 states have internal predecessors, (250), 14 states have call successors, (43), 8 states have call predecessors, (43), 14 states have return successors, (43), 15 states have call predecessors, (43), 14 states have call successors, (43) Word has length 212 [2024-11-18 14:22:14,867 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:14,877 INFO L225 Difference]: With dead ends: 2754 [2024-11-18 14:22:14,878 INFO L226 Difference]: Without dead ends: 1920 [2024-11-18 14:22:14,881 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 462 GetRequests, 418 SyntacticMatches, 8 SemanticMatches, 36 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 334 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=404, Invalid=1002, Unknown=0, NotChecked=0, Total=1406 [2024-11-18 14:22:14,883 INFO L432 NwaCegarLoop]: 158 mSDtfsCounter, 538 mSDsluCounter, 760 mSDsCounter, 0 mSdLazyCounter, 1059 mSolverCounterSat, 222 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 541 SdHoareTripleChecker+Valid, 918 SdHoareTripleChecker+Invalid, 1281 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 222 IncrementalHoareTripleChecker+Valid, 1059 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:14,883 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [541 Valid, 918 Invalid, 1281 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [222 Valid, 1059 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2024-11-18 14:22:14,886 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1920 states. [2024-11-18 14:22:15,032 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1920 to 1758. [2024-11-18 14:22:15,034 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1758 states, 1321 states have (on average 1.1332323996971991) internal successors, (1497), 1379 states have internal predecessors, (1497), 225 states have call successors, (225), 211 states have call predecessors, (225), 211 states have return successors, (274), 210 states have call predecessors, (274), 225 states have call successors, (274) [2024-11-18 14:22:15,041 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1758 states to 1758 states and 1996 transitions. [2024-11-18 14:22:15,043 INFO L78 Accepts]: Start accepts. Automaton has 1758 states and 1996 transitions. Word has length 212 [2024-11-18 14:22:15,044 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:15,044 INFO L471 AbstractCegarLoop]: Abstraction has 1758 states and 1996 transitions. [2024-11-18 14:22:15,045 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 22 states, 22 states have (on average 11.363636363636363) internal successors, (250), 21 states have internal predecessors, (250), 14 states have call successors, (43), 8 states have call predecessors, (43), 14 states have return successors, (43), 15 states have call predecessors, (43), 14 states have call successors, (43) [2024-11-18 14:22:15,045 INFO L276 IsEmpty]: Start isEmpty. Operand 1758 states and 1996 transitions. [2024-11-18 14:22:15,050 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 269 [2024-11-18 14:22:15,050 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:15,051 INFO L215 NwaCegarLoop]: trace histogram [9, 9, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:15,069 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2024-11-18 14:22:15,251 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12,5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:22:15,252 INFO L396 AbstractCegarLoop]: === Iteration 14 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:15,252 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:15,253 INFO L85 PathProgramCache]: Analyzing trace with hash 295570816, now seen corresponding path program 1 times [2024-11-18 14:22:15,253 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:15,253 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [616482566] [2024-11-18 14:22:15,253 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:15,253 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:15,287 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:15,650 INFO L134 CoverageAnalysis]: Checked inductivity of 447 backedges. 135 proven. 87 refuted. 0 times theorem prover too weak. 225 trivial. 0 not checked. [2024-11-18 14:22:15,650 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:15,650 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [616482566] [2024-11-18 14:22:15,650 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [616482566] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-18 14:22:15,651 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [695621801] [2024-11-18 14:22:15,651 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:15,651 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:22:15,651 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:22:15,654 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-18 14:22:15,655 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2024-11-18 14:22:15,813 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:15,817 INFO L255 TraceCheckSpWp]: Trace formula consists of 741 conjuncts, 30 conjuncts are in the unsatisfiable core [2024-11-18 14:22:15,821 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-18 14:22:16,129 INFO L134 CoverageAnalysis]: Checked inductivity of 447 backedges. 157 proven. 91 refuted. 0 times theorem prover too weak. 199 trivial. 0 not checked. [2024-11-18 14:22:16,130 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-18 14:22:16,923 INFO L134 CoverageAnalysis]: Checked inductivity of 447 backedges. 102 proven. 138 refuted. 0 times theorem prover too weak. 207 trivial. 0 not checked. [2024-11-18 14:22:16,923 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [695621801] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-18 14:22:16,923 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-18 14:22:16,924 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 11, 16] total 24 [2024-11-18 14:22:16,924 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [159532672] [2024-11-18 14:22:16,924 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-18 14:22:16,925 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 24 states [2024-11-18 14:22:16,925 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:16,926 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 24 interpolants. [2024-11-18 14:22:16,927 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=126, Invalid=426, Unknown=0, NotChecked=0, Total=552 [2024-11-18 14:22:16,928 INFO L87 Difference]: Start difference. First operand 1758 states and 1996 transitions. Second operand has 24 states, 24 states have (on average 12.75) internal successors, (306), 23 states have internal predecessors, (306), 15 states have call successors, (54), 9 states have call predecessors, (54), 17 states have return successors, (58), 15 states have call predecessors, (58), 15 states have call successors, (58) [2024-11-18 14:22:18,140 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:18,140 INFO L93 Difference]: Finished difference Result 4138 states and 4766 transitions. [2024-11-18 14:22:18,140 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 20 states. [2024-11-18 14:22:18,141 INFO L78 Accepts]: Start accepts. Automaton has has 24 states, 24 states have (on average 12.75) internal successors, (306), 23 states have internal predecessors, (306), 15 states have call successors, (54), 9 states have call predecessors, (54), 17 states have return successors, (58), 15 states have call predecessors, (58), 15 states have call successors, (58) Word has length 268 [2024-11-18 14:22:18,141 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:18,144 INFO L225 Difference]: With dead ends: 4138 [2024-11-18 14:22:18,145 INFO L226 Difference]: Without dead ends: 0 [2024-11-18 14:22:18,153 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 561 GetRequests, 516 SyntacticMatches, 10 SemanticMatches, 35 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 306 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=343, Invalid=989, Unknown=0, NotChecked=0, Total=1332 [2024-11-18 14:22:18,154 INFO L432 NwaCegarLoop]: 154 mSDtfsCounter, 624 mSDsluCounter, 1090 mSDsCounter, 0 mSdLazyCounter, 1313 mSolverCounterSat, 321 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 628 SdHoareTripleChecker+Valid, 1244 SdHoareTripleChecker+Invalid, 1634 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 321 IncrementalHoareTripleChecker+Valid, 1313 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:18,154 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [628 Valid, 1244 Invalid, 1634 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [321 Valid, 1313 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2024-11-18 14:22:18,154 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-18 14:22:18,155 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-18 14:22:18,155 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-18 14:22:18,155 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-18 14:22:18,157 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 268 [2024-11-18 14:22:18,157 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:18,157 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-18 14:22:18,157 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 24 states, 24 states have (on average 12.75) internal successors, (306), 23 states have internal predecessors, (306), 15 states have call successors, (54), 9 states have call predecessors, (54), 17 states have return successors, (58), 15 states have call predecessors, (58), 15 states have call successors, (58) [2024-11-18 14:22:18,157 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-18 14:22:18,157 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-18 14:22:18,160 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-18 14:22:18,178 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Ended with exit code 0 [2024-11-18 14:22:18,364 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable13 [2024-11-18 14:22:18,367 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:18,368 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-18 14:22:33,778 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-18 14:22:33,796 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (= |old(~pumpRunning~0)| 1)) (.cse2 (<= 1 ~switchedOnBeforeTS~0))) (or (and .cse0 .cse1 (<= ~waterLevel~0 0) .cse2) (and .cse0 .cse1 (= ~waterLevel~0 1) .cse2))) (= ~pumpRunning~0 1)) Eliminated clause: (and (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= 1 ~switchedOnBeforeTS~0))) (or (and .cse0 (= ~waterLevel~0 1) .cse1) (and .cse0 (<= ~waterLevel~0 0) .cse1))) (= ~pumpRunning~0 1)) [2024-11-18 14:22:33,812 WARN L156 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (let ((.cse3 (= |old(~methaneLevelCritical~0)| 0)) (.cse4 (= ~methaneLevelCritical~0 0))) (and (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2)) (.cse2 (= ~pumpRunning~0 1))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (and (= 2 ~waterLevel~0) .cse0 .cse2) (and .cse3 .cse0 .cse1 .cse2))) (or .cse3 (not .cse4)) (or (not .cse3) .cse4))) Eliminated clause: (exists ((|old(~methaneLevelCritical~0)| Int)) (let ((.cse3 (= |old(~methaneLevelCritical~0)| 0)) (.cse4 (= ~methaneLevelCritical~0 0))) (and (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2)) (.cse2 (= ~pumpRunning~0 1))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (and (= 2 ~waterLevel~0) .cse0 .cse2) (and .cse3 .cse0 .cse1 .cse2))) (or .cse3 (not .cse4)) (or (not .cse3) .cse4)))) [2024-11-18 14:22:33,815 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:22:33,821 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (let ((.cse7 (= |old(~pumpRunning~0)| 0))) (let ((.cse5 (= |old(~pumpRunning~0)| 1)) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (not .cse7)) (.cse0 (< |old(~switchedOnBeforeTS~0)| 1)) (.cse1 (<= 1 ~switchedOnBeforeTS~0))) (and (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1) (or (< 1 |old(~waterLevel~0)|) .cse0 (not (= ~methaneLevelCritical~0 0)) .cse1) (or .cse2 (and (= ~pumpRunning~0 0) .cse3)) (let ((.cse4 (= 1 ~systemActive~0)) (.cse6 (<= |old(~waterLevel~0)| 2))) (or (and .cse4 .cse5 .cse6) (and .cse4 .cse7 .cse6))) (or (not .cse5) (and .cse3 (= ~pumpRunning~0 1))) (or .cse2 .cse0 (< 0 |old(~waterLevel~0)|) .cse1)))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int) (|old(~switchedOnBeforeTS~0)| Int) (|old(~waterLevel~0)| Int)) (let ((.cse7 (= |old(~pumpRunning~0)| 0))) (let ((.cse2 (not .cse7)) (.cse5 (= |old(~pumpRunning~0)| 1)) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse0 (< |old(~switchedOnBeforeTS~0)| 1)) (.cse1 (< 0 ~switchedOnBeforeTS~0))) (and (or (< 1 |old(~waterLevel~0)|) .cse0 .cse1 (not (= ~methaneLevelCritical~0 0))) (or .cse2 .cse0 .cse1 (< 0 |old(~waterLevel~0)|)) (or .cse2 (and (= ~pumpRunning~0 0) .cse3)) (let ((.cse4 (= 1 ~systemActive~0)) (.cse6 (<= |old(~waterLevel~0)| 2))) (or (and .cse4 .cse5 .cse6) (and .cse4 .cse7 .cse6))) (or (not .cse5) (and .cse3 (= ~pumpRunning~0 1))) (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1))))) [2024-11-18 14:22:33,839 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:22:33,849 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (let ((.cse2 (= |old(~pumpRunning~0)| 1)) (.cse0 (= |old(~pumpRunning~0)| 0)) (.cse1 (= ~pumpRunning~0 0))) (and (or (not .cse0) .cse1) (or (not .cse2) (= ~pumpRunning~0 1)) (let ((.cse4 (<= ~waterLevel~0 0)) (.cse5 (<= 1 ~switchedOnBeforeTS~0)) (.cse3 (= 1 ~systemActive~0)) (.cse6 (= ~waterLevel~0 1))) (or (and .cse3 .cse2 .cse4 .cse5) (and (= 2 ~waterLevel~0) .cse3 .cse0) (and .cse3 .cse0 .cse4) (and .cse3 .cse2 .cse6 .cse5) (and .cse3 .cse0 .cse6))) (or .cse1 (= ~methaneLevelCritical~0 0)))) Eliminated clause: (let ((.cse1 (= ~pumpRunning~0 0))) (and (exists ((|old(~pumpRunning~0)| Int)) (let ((.cse2 (= |old(~pumpRunning~0)| 1)) (.cse0 (= |old(~pumpRunning~0)| 0))) (and (or (not .cse0) .cse1) (or (not .cse2) (= ~pumpRunning~0 1)) (let ((.cse4 (<= ~waterLevel~0 0)) (.cse5 (<= 1 ~switchedOnBeforeTS~0)) (.cse3 (= 1 ~systemActive~0)) (.cse6 (= ~waterLevel~0 1))) (or (and .cse3 .cse2 .cse4 .cse5) (and (= 2 ~waterLevel~0) .cse3 .cse0) (and .cse3 .cse0 .cse4) (and .cse3 .cse2 .cse6 .cse5) (and .cse3 .cse0 .cse6)))))) (or .cse1 (= ~methaneLevelCritical~0 0)))) [2024-11-18 14:22:33,855 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:22:33,858 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse4 (= |old(~waterLevel~0)| 2)) (.cse2 (= ~pumpRunning~0 1)) (.cse3 (= ~pumpRunning~0 0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (<= |old(~waterLevel~0)| 1))) (or (and (= ~methaneLevelCritical~0 0) .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and .cse3 .cse0 .cse4) (and .cse0 .cse4 .cse2) (and .cse3 .cse0 .cse1))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse2 (= ~pumpRunning~0 1)) (.cse3 (<= ~waterLevel~0 1)) (.cse4 (= ~pumpRunning~0 0)) (.cse0 (= 2 ~waterLevel~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and (= ~methaneLevelCritical~0 0) .cse3 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and .cse4 .cse3 .cse1) (and .cse4 .cse0 .cse1))) [2024-11-18 14:22:33,868 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__lowWaterSensor contained old-variable. Original clause: (let ((.cse2 (= |old(~pumpRunning~0)| 1)) (.cse0 (= |old(~pumpRunning~0)| 0)) (.cse1 (= ~pumpRunning~0 0))) (and (or (not .cse0) .cse1) (or (not .cse2) (= ~pumpRunning~0 1)) (let ((.cse4 (<= ~waterLevel~0 0)) (.cse5 (<= 1 ~switchedOnBeforeTS~0)) (.cse3 (= 1 ~systemActive~0)) (.cse6 (= ~waterLevel~0 1))) (or (and .cse3 .cse2 .cse4 .cse5) (and (= 2 ~waterLevel~0) .cse3 .cse0) (and .cse3 .cse0 .cse4) (and .cse3 .cse2 .cse6 .cse5) (and .cse3 .cse0 .cse6))) (or .cse1 (= ~methaneLevelCritical~0 0)))) Eliminated clause: (let ((.cse1 (= ~pumpRunning~0 0))) (and (exists ((|old(~pumpRunning~0)| Int)) (let ((.cse2 (= |old(~pumpRunning~0)| 1)) (.cse0 (= |old(~pumpRunning~0)| 0))) (and (or (not .cse0) .cse1) (or (not .cse2) (= ~pumpRunning~0 1)) (let ((.cse4 (<= ~waterLevel~0 0)) (.cse5 (<= 1 ~switchedOnBeforeTS~0)) (.cse3 (= 1 ~systemActive~0)) (.cse6 (= ~waterLevel~0 1))) (or (and .cse3 .cse2 .cse4 .cse5) (and (= 2 ~waterLevel~0) .cse3 .cse0) (and .cse3 .cse0 .cse4) (and .cse3 .cse2 .cse6 .cse5) (and .cse3 .cse0 .cse6)))))) (or .cse1 (= ~methaneLevelCritical~0 0)))) [2024-11-18 14:22:33,874 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:22:33,879 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 18.11 02:22:33 BoogieIcfgContainer [2024-11-18 14:22:33,879 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-18 14:22:33,879 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-18 14:22:33,880 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-18 14:22:33,880 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-18 14:22:33,880 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 18.11 02:22:02" (3/4) ... [2024-11-18 14:22:33,883 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-18 14:22:33,888 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-18 14:22:33,888 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-18 14:22:33,888 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-18 14:22:33,889 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-18 14:22:33,889 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-18 14:22:33,889 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-18 14:22:33,889 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-18 14:22:33,889 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__lowWaterSensor [2024-11-18 14:22:33,889 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-18 14:22:33,896 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2024-11-18 14:22:33,896 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-18 14:22:33,897 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-18 14:22:33,897 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-18 14:22:33,897 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-18 14:22:34,008 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-18 14:22:34,008 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-18 14:22:34,008 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-18 14:22:34,009 INFO L158 Benchmark]: Toolchain (without parser) took 32767.07ms. Allocated memory was 157.3MB in the beginning and 476.1MB in the end (delta: 318.8MB). Free memory was 92.7MB in the beginning and 339.7MB in the end (delta: -247.0MB). Peak memory consumption was 72.0MB. Max. memory is 16.1GB. [2024-11-18 14:22:34,009 INFO L158 Benchmark]: CDTParser took 0.17ms. Allocated memory is still 94.4MB. Free memory is still 49.3MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-18 14:22:34,009 INFO L158 Benchmark]: CACSL2BoogieTranslator took 590.48ms. Allocated memory is still 157.3MB. Free memory was 92.7MB in the beginning and 119.8MB in the end (delta: -27.1MB). Peak memory consumption was 13.7MB. Max. memory is 16.1GB. [2024-11-18 14:22:34,010 INFO L158 Benchmark]: Boogie Procedure Inliner took 59.47ms. Allocated memory is still 157.3MB. Free memory was 119.8MB in the beginning and 117.1MB in the end (delta: 2.7MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2024-11-18 14:22:34,010 INFO L158 Benchmark]: Boogie Preprocessor took 64.61ms. Allocated memory is still 157.3MB. Free memory was 117.1MB in the beginning and 114.4MB in the end (delta: 2.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-18 14:22:34,011 INFO L158 Benchmark]: RCFGBuilder took 524.07ms. Allocated memory is still 157.3MB. Free memory was 114.4MB in the beginning and 94.9MB in the end (delta: 19.5MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2024-11-18 14:22:34,012 INFO L158 Benchmark]: TraceAbstraction took 31391.88ms. Allocated memory was 157.3MB in the beginning and 476.1MB in the end (delta: 318.8MB). Free memory was 94.0MB in the beginning and 348.1MB in the end (delta: -254.1MB). Peak memory consumption was 261.4MB. Max. memory is 16.1GB. [2024-11-18 14:22:34,012 INFO L158 Benchmark]: Witness Printer took 128.84ms. Allocated memory is still 476.1MB. Free memory was 348.1MB in the beginning and 339.7MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-18 14:22:34,015 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.17ms. Allocated memory is still 94.4MB. Free memory is still 49.3MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 590.48ms. Allocated memory is still 157.3MB. Free memory was 92.7MB in the beginning and 119.8MB in the end (delta: -27.1MB). Peak memory consumption was 13.7MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 59.47ms. Allocated memory is still 157.3MB. Free memory was 119.8MB in the beginning and 117.1MB in the end (delta: 2.7MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 64.61ms. Allocated memory is still 157.3MB. Free memory was 117.1MB in the beginning and 114.4MB in the end (delta: 2.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 524.07ms. Allocated memory is still 157.3MB. Free memory was 114.4MB in the beginning and 94.9MB in the end (delta: 19.5MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 31391.88ms. Allocated memory was 157.3MB in the beginning and 476.1MB in the end (delta: 318.8MB). Free memory was 94.0MB in the beginning and 348.1MB in the end (delta: -254.1MB). Peak memory consumption was 261.4MB. Max. memory is 16.1GB. * Witness Printer took 128.84ms. Allocated memory is still 476.1MB. Free memory was 348.1MB in the beginning and 339.7MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [49] - GenericResultAtLocation [Line: 101]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [101] - GenericResultAtLocation [Line: 211]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [211] - GenericResultAtLocation [Line: 220]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [220] - GenericResultAtLocation [Line: 323]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [323] - GenericResultAtLocation [Line: 560]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [560] - GenericResultAtLocation [Line: 627]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [627] - GenericResultAtLocation [Line: 662]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [662] - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 216]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 106 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 15.8s, OverallIterations: 14, TraceHistogramMax: 9, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 6.4s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 3859 SdHoareTripleChecker+Valid, 3.9s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 3826 mSDsluCounter, 8263 SdHoareTripleChecker+Invalid, 3.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 6373 mSDsCounter, 1379 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 5451 IncrementalHoareTripleChecker+Invalid, 6830 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1379 mSolverCounterUnsat, 1890 mSDtfsCounter, 5451 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 2232 GetRequests, 1985 SyntacticMatches, 26 SemanticMatches, 221 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1712 ImplicationChecksByTransitivity, 2.3s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1758occurred in iteration=13, InterpolantAutomatonStates: 159, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.7s AutomataMinimizationTime, 14 MinimizatonAttempts, 487 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.2s SsaConstructionTime, 0.5s SatisfiabilityAnalysisTime, 6.3s InterpolantComputationTime, 2435 NumberOfCodeBlocks, 2435 NumberOfCodeBlocksAsserted, 19 NumberOfCheckSat, 3408 ConstructedInterpolants, 0 QuantifiedInterpolants, 7753 SizeOfPredicates, 5 NumberOfNonLiveVariables, 2875 ConjunctsInSsa, 81 ConjunctsInUnsatCore, 24 InterpolantComputations, 9 PerfectInterpolantSequences, 2930/3600 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 571]: Loop Invariant Derived loop invariant: ((((((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0)) || ((((((methaneLevelCritical == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1))) || ((((((methaneLevelCritical == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1))) || ((((2 == waterLevel) && (1 == systemActive)) && (splverifierCounter == 0)) && (pumpRunning == 1))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) - InvariantResult [Line: 570]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 233]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 450]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: (((((1 == systemActive) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)) || (((1 == systemActive) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS))) && (pumpRunning == 1)) Ensures: (((pumpRunning == 0) && (((((1 == systemActive) && (\old(pumpRunning) == 1)) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS)) || ((((1 == systemActive) && (\old(pumpRunning) == 1)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)))) && ((((((switchedOnBeforeTS == \old(switchedOnBeforeTS)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 357]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((((methaneLevelCritical == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1))) Ensures: (((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((((methaneLevelCritical == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1))) && (((((((switchedOnBeforeTS == \old(switchedOnBeforeTS)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 135]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Ensures: ((((((((1 == systemActive) && (waterLevel <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) && ((methaneLevelCritical == 0) || (\old(methaneLevelCritical) == 0))) && (((2 == waterLevel) || (\old(methaneLevelCritical) == 0)) || (pumpRunning != 1))) && ((\old(methaneLevelCritical) != 0) || (methaneLevelCritical != 0))) && ((((((switchedOnBeforeTS == \old(switchedOnBeforeTS)) && (waterLevel == \old(waterLevel))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 330]: Procedure Contract for timeShift Derived contract for procedure timeShift. Ensures: (((((((((((((\old(switchedOnBeforeTS) < 1) || (((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 0)) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS))) || (0 < \old(waterLevel))) || (methaneLevelCritical != 0)) || (((((1 == systemActive) && (waterLevel <= 0)) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1))) || (\old(pumpRunning) != 1)) && ((((methaneLevelCritical == 0) || (((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 0)) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS))) || (0 < \old(waterLevel))) || (\old(pumpRunning) != 1))) && ((((1 == systemActive) && (\old(pumpRunning) == 1)) && (\old(waterLevel) <= 2)) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 2)))) && ((((\old(pumpRunning) != 0) || ((pumpRunning == 0) && (2 == waterLevel))) || (\old(waterLevel) != 2)) || ((2 == waterLevel) && (pumpRunning == 1)))) && (((1 < \old(waterLevel)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel)))) && ((((((((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 0)) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS)) || (((\old(waterLevel) == ((long long) waterLevel + 1)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1))) || (methaneLevelCritical != 0)) || (((((1 == systemActive) && (waterLevel <= 0)) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1))) || (((pumpRunning == 0) && (\old(waterLevel) == ((long long) waterLevel + 1))) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) != 1))) && (((((methaneLevelCritical == 0) || (((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 0)) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (\old(waterLevel) == ((long long) waterLevel + 1))) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) != 1)) || (2 < \old(waterLevel)))) && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 223]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 365]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: ((pumpRunning == 0) || (methaneLevelCritical == 0)) Ensures: ((((((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (2 == waterLevel)) && (((pumpRunning == 0) || (methaneLevelCritical == 0)) || (1 < waterLevel))) && ((\old(pumpRunning) != 1) || (pumpRunning == 1))) && ((((((((1 == systemActive) && (\old(pumpRunning) == 1)) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS)) || (((2 == waterLevel) && (1 == systemActive)) && (\old(pumpRunning) == 0))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 0))) || ((((1 == systemActive) && (\old(pumpRunning) == 1)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel == 1)))) && ((pumpRunning == 0) || (pumpRunning == 1))) && ((((((switchedOnBeforeTS == \old(switchedOnBeforeTS)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 123]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((2 == waterLevel) && (1 == systemActive)) && (pumpRunning == 1)) || (((((methaneLevelCritical == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) Ensures: ((((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && (waterLevel <= ((long long) \old(waterLevel) + 1))) && ((((((((methaneLevelCritical == 0) && (1 == systemActive)) && (\old(waterLevel) <= 1)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) == 2))) || (((1 == systemActive) && (\old(waterLevel) == 2)) && (pumpRunning == 1))) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 1)))) && ((((((switchedOnBeforeTS == \old(switchedOnBeforeTS)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 391]: Procedure Contract for processEnvironment__wrappee__lowWaterSensor Derived contract for procedure processEnvironment__wrappee__lowWaterSensor. Requires: ((pumpRunning == 0) || (methaneLevelCritical == 0)) Ensures: ((((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (2 == waterLevel)) && ((pumpRunning == 0) || (pumpRunning == 1))) && (((((((((methaneLevelCritical == 0) && (1 == systemActive)) && (\old(pumpRunning) == 1)) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS)) || (((2 == waterLevel) && (1 == systemActive)) && (\old(pumpRunning) == 0))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 0))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel == 1))) || (((((methaneLevelCritical == 0) && (1 == systemActive)) && (\old(pumpRunning) == 1)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)))) && ((((((switchedOnBeforeTS == \old(switchedOnBeforeTS)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 469]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((2 == waterLevel) && (1 == systemActive)) && (pumpRunning == 1))) || (((waterLevel <= 1) && (1 == systemActive)) && (pumpRunning == 1))) Ensures: (((((pumpRunning != 0) || (\result == 0)) && (((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((2 == waterLevel) && (1 == systemActive)) && (pumpRunning == 1))) || (((waterLevel <= 1) && (1 == systemActive)) && (pumpRunning == 1)))) && ((\result == 1) || (pumpRunning != 1))) && (((((((switchedOnBeforeTS == \old(switchedOnBeforeTS)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head)))) RESULT: Ultimate proved your program to be correct! [2024-11-18 14:22:34,061 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE