./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec3_product57.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 803cd42f Calling Ultimate with: /root/.sdkman/candidates/java/current/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product57.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 3cfb2febd3006e73b0e8309478193e665e2e7ddd381dfad7d5652117e74962c4 --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.dk.eval-assert-order-craig-803cd42-m [2024-11-22 02:05:06,623 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-22 02:05:06,659 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-22 02:05:06,662 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-22 02:05:06,663 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-22 02:05:06,677 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-22 02:05:06,678 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-22 02:05:06,678 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-22 02:05:06,679 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-22 02:05:06,679 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-22 02:05:06,679 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-22 02:05:06,680 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-22 02:05:06,680 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-22 02:05:06,680 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-22 02:05:06,681 INFO L153 SettingsManager]: * Use SBE=true [2024-11-22 02:05:06,681 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-22 02:05:06,681 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-22 02:05:06,681 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-22 02:05:06,682 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-22 02:05:06,682 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-22 02:05:06,682 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-22 02:05:06,684 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-22 02:05:06,685 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-22 02:05:06,685 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-22 02:05:06,685 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-22 02:05:06,686 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-22 02:05:06,686 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-22 02:05:06,686 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-22 02:05:06,686 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-22 02:05:06,687 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-22 02:05:06,687 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-22 02:05:06,687 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-22 02:05:06,687 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-22 02:05:06,687 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-22 02:05:06,688 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-22 02:05:06,688 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-22 02:05:06,688 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-22 02:05:06,688 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-22 02:05:06,688 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-22 02:05:06,689 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-22 02:05:06,689 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-22 02:05:06,689 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-22 02:05:06,689 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 3cfb2febd3006e73b0e8309478193e665e2e7ddd381dfad7d5652117e74962c4 [2024-11-22 02:05:06,859 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-22 02:05:06,880 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-22 02:05:06,883 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-22 02:05:06,884 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-22 02:05:06,886 INFO L274 PluginConnector]: CDTParser initialized [2024-11-22 02:05:06,887 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product57.cil.c [2024-11-22 02:05:08,326 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-22 02:05:08,533 INFO L384 CDTParser]: Found 1 translation units. [2024-11-22 02:05:08,534 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product57.cil.c [2024-11-22 02:05:08,544 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/65aecf102/4a632a12e97b42babd8c2131ce093e42/FLAG1492a40b6 [2024-11-22 02:05:08,928 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/65aecf102/4a632a12e97b42babd8c2131ce093e42 [2024-11-22 02:05:08,934 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-22 02:05:08,936 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-22 02:05:08,939 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-22 02:05:08,943 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-22 02:05:08,952 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-22 02:05:08,957 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 22.11 02:05:08" (1/1) ... [2024-11-22 02:05:08,958 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@713fa278 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:08, skipping insertion in model container [2024-11-22 02:05:08,958 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 22.11 02:05:08" (1/1) ... [2024-11-22 02:05:09,018 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-22 02:05:09,394 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product57.cil.c[13989,14002] [2024-11-22 02:05:09,445 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-22 02:05:09,482 INFO L200 MainTranslator]: Completed pre-run [2024-11-22 02:05:09,497 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] [2024-11-22 02:05:09,498 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [415] [2024-11-22 02:05:09,502 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [526] [2024-11-22 02:05:09,502 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification3_spec.i","") [564] [2024-11-22 02:05:09,502 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [600] [2024-11-22 02:05:09,503 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [609] [2024-11-22 02:05:09,503 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [828] [2024-11-22 02:05:09,503 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [894] [2024-11-22 02:05:09,598 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product57.cil.c[13989,14002] [2024-11-22 02:05:09,623 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-22 02:05:09,658 INFO L204 MainTranslator]: Completed translation [2024-11-22 02:05:09,660 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:09 WrapperNode [2024-11-22 02:05:09,663 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-22 02:05:09,666 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-22 02:05:09,666 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-22 02:05:09,667 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-22 02:05:09,680 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:09" (1/1) ... [2024-11-22 02:05:09,699 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:09" (1/1) ... [2024-11-22 02:05:09,753 INFO L138 Inliner]: procedures = 56, calls = 101, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 227 [2024-11-22 02:05:09,754 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-22 02:05:09,754 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-22 02:05:09,754 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-22 02:05:09,754 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-22 02:05:09,779 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:09" (1/1) ... [2024-11-22 02:05:09,779 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:09" (1/1) ... [2024-11-22 02:05:09,788 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:09" (1/1) ... [2024-11-22 02:05:09,807 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-22 02:05:09,811 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:09" (1/1) ... [2024-11-22 02:05:09,812 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:09" (1/1) ... [2024-11-22 02:05:09,815 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:09" (1/1) ... [2024-11-22 02:05:09,824 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:09" (1/1) ... [2024-11-22 02:05:09,829 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:09" (1/1) ... [2024-11-22 02:05:09,830 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:09" (1/1) ... [2024-11-22 02:05:09,832 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-22 02:05:09,833 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-22 02:05:09,833 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-22 02:05:09,833 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-22 02:05:09,834 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:09" (1/1) ... [2024-11-22 02:05:09,847 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-22 02:05:09,862 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-22 02:05:09,882 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-22 02:05:09,884 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-22 02:05:09,929 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-22 02:05:09,930 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-22 02:05:09,930 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-22 02:05:09,930 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-22 02:05:09,930 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-22 02:05:09,930 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-22 02:05:09,930 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-22 02:05:09,931 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2024-11-22 02:05:09,931 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2024-11-22 02:05:09,931 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-22 02:05:09,931 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-22 02:05:09,931 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-22 02:05:09,931 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-22 02:05:09,932 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-22 02:05:09,932 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-22 02:05:09,932 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-22 02:05:09,932 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-22 02:05:09,932 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-22 02:05:10,011 INFO L238 CfgBuilder]: Building ICFG [2024-11-22 02:05:10,015 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-22 02:05:10,273 INFO L? ?]: Removed 53 outVars from TransFormulas that were not future-live. [2024-11-22 02:05:10,273 INFO L287 CfgBuilder]: Performing block encoding [2024-11-22 02:05:10,292 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-22 02:05:10,292 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-22 02:05:10,292 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.11 02:05:10 BoogieIcfgContainer [2024-11-22 02:05:10,293 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-22 02:05:10,298 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-22 02:05:10,298 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-22 02:05:10,301 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-22 02:05:10,302 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 22.11 02:05:08" (1/3) ... [2024-11-22 02:05:10,302 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@381bc016 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 22.11 02:05:10, skipping insertion in model container [2024-11-22 02:05:10,306 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:09" (2/3) ... [2024-11-22 02:05:10,306 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@381bc016 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 22.11 02:05:10, skipping insertion in model container [2024-11-22 02:05:10,307 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.11 02:05:10" (3/3) ... [2024-11-22 02:05:10,308 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product57.cil.c [2024-11-22 02:05:10,336 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-22 02:05:10,337 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-22 02:05:10,402 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-22 02:05:10,413 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@39d0ab52, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-22 02:05:10,414 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-22 02:05:10,422 INFO L276 IsEmpty]: Start isEmpty. Operand has 93 states, 72 states have (on average 1.3888888888888888) internal successors, (100), 80 states have internal predecessors, (100), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2024-11-22 02:05:10,436 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2024-11-22 02:05:10,437 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:10,437 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:10,438 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:10,445 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:10,445 INFO L85 PathProgramCache]: Analyzing trace with hash 358613796, now seen corresponding path program 1 times [2024-11-22 02:05:10,453 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:10,454 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [575715348] [2024-11-22 02:05:10,455 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:10,455 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:10,602 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:10,717 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-22 02:05:10,722 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:10,725 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [575715348] [2024-11-22 02:05:10,726 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [575715348] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:10,726 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:05:10,726 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-22 02:05:10,727 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [623964972] [2024-11-22 02:05:10,728 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:10,736 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-22 02:05:10,739 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:10,772 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-22 02:05:10,773 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-22 02:05:10,776 INFO L87 Difference]: Start difference. First operand has 93 states, 72 states have (on average 1.3888888888888888) internal successors, (100), 80 states have internal predecessors, (100), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-22 02:05:10,818 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:10,820 INFO L93 Difference]: Finished difference Result 178 states and 243 transitions. [2024-11-22 02:05:10,821 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-22 02:05:10,825 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2024-11-22 02:05:10,826 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:10,858 INFO L225 Difference]: With dead ends: 178 [2024-11-22 02:05:10,859 INFO L226 Difference]: Without dead ends: 84 [2024-11-22 02:05:10,862 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-22 02:05:10,865 INFO L432 NwaCegarLoop]: 118 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 118 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:10,868 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 118 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:05:10,883 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 84 states. [2024-11-22 02:05:10,937 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 84 to 84. [2024-11-22 02:05:10,943 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 84 states, 65 states have (on average 1.323076923076923) internal successors, (86), 72 states have internal predecessors, (86), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2024-11-22 02:05:10,945 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 84 states to 84 states and 109 transitions. [2024-11-22 02:05:10,950 INFO L78 Accepts]: Start accepts. Automaton has 84 states and 109 transitions. Word has length 25 [2024-11-22 02:05:10,951 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:10,951 INFO L471 AbstractCegarLoop]: Abstraction has 84 states and 109 transitions. [2024-11-22 02:05:10,951 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-22 02:05:10,955 INFO L276 IsEmpty]: Start isEmpty. Operand 84 states and 109 transitions. [2024-11-22 02:05:10,957 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-11-22 02:05:10,957 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:10,957 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:10,957 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-22 02:05:10,957 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:10,958 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:10,958 INFO L85 PathProgramCache]: Analyzing trace with hash 1691145883, now seen corresponding path program 1 times [2024-11-22 02:05:10,958 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:10,958 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1907115103] [2024-11-22 02:05:10,959 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:10,959 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:10,985 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:11,090 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-22 02:05:11,090 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:11,090 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1907115103] [2024-11-22 02:05:11,091 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1907115103] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:11,091 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:05:11,091 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-22 02:05:11,091 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1628200774] [2024-11-22 02:05:11,091 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:11,092 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-22 02:05:11,092 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:11,093 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-22 02:05:11,093 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-22 02:05:11,093 INFO L87 Difference]: Start difference. First operand 84 states and 109 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-22 02:05:11,129 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:11,135 INFO L93 Difference]: Finished difference Result 134 states and 174 transitions. [2024-11-22 02:05:11,136 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-22 02:05:11,136 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2024-11-22 02:05:11,136 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:11,137 INFO L225 Difference]: With dead ends: 134 [2024-11-22 02:05:11,137 INFO L226 Difference]: Without dead ends: 75 [2024-11-22 02:05:11,138 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-22 02:05:11,138 INFO L432 NwaCegarLoop]: 96 mSDtfsCounter, 12 mSDsluCounter, 80 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 176 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:11,139 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [15 Valid, 176 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:05:11,144 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 75 states. [2024-11-22 02:05:11,154 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 75 to 75. [2024-11-22 02:05:11,158 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 75 states, 59 states have (on average 1.3389830508474576) internal successors, (79), 66 states have internal predecessors, (79), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-11-22 02:05:11,159 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 75 states to 75 states and 97 transitions. [2024-11-22 02:05:11,163 INFO L78 Accepts]: Start accepts. Automaton has 75 states and 97 transitions. Word has length 26 [2024-11-22 02:05:11,164 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:11,164 INFO L471 AbstractCegarLoop]: Abstraction has 75 states and 97 transitions. [2024-11-22 02:05:11,164 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-22 02:05:11,164 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 97 transitions. [2024-11-22 02:05:11,165 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2024-11-22 02:05:11,165 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:11,165 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:11,167 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-22 02:05:11,167 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:11,168 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:11,168 INFO L85 PathProgramCache]: Analyzing trace with hash 1032855392, now seen corresponding path program 1 times [2024-11-22 02:05:11,169 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:11,169 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1234782418] [2024-11-22 02:05:11,169 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:11,170 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:11,214 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:11,407 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-22 02:05:11,407 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:11,407 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1234782418] [2024-11-22 02:05:11,407 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1234782418] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:11,407 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:05:11,407 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-22 02:05:11,408 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1312252979] [2024-11-22 02:05:11,408 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:11,408 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-22 02:05:11,408 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:11,408 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-22 02:05:11,409 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2024-11-22 02:05:11,409 INFO L87 Difference]: Start difference. First operand 75 states and 97 transitions. Second operand has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-22 02:05:11,565 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:11,567 INFO L93 Difference]: Finished difference Result 143 states and 188 transitions. [2024-11-22 02:05:11,571 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-22 02:05:11,572 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2024-11-22 02:05:11,572 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:11,573 INFO L225 Difference]: With dead ends: 143 [2024-11-22 02:05:11,573 INFO L226 Difference]: Without dead ends: 75 [2024-11-22 02:05:11,574 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=20, Invalid=36, Unknown=0, NotChecked=0, Total=56 [2024-11-22 02:05:11,576 INFO L432 NwaCegarLoop]: 93 mSDtfsCounter, 93 mSDsluCounter, 146 mSDsCounter, 0 mSdLazyCounter, 47 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 93 SdHoareTripleChecker+Valid, 239 SdHoareTripleChecker+Invalid, 47 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 47 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:11,579 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [93 Valid, 239 Invalid, 47 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 47 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-22 02:05:11,581 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 75 states. [2024-11-22 02:05:11,590 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 75 to 75. [2024-11-22 02:05:11,593 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 75 states, 59 states have (on average 1.3220338983050848) internal successors, (78), 66 states have internal predecessors, (78), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-11-22 02:05:11,594 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 75 states to 75 states and 96 transitions. [2024-11-22 02:05:11,594 INFO L78 Accepts]: Start accepts. Automaton has 75 states and 96 transitions. Word has length 30 [2024-11-22 02:05:11,595 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:11,595 INFO L471 AbstractCegarLoop]: Abstraction has 75 states and 96 transitions. [2024-11-22 02:05:11,595 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-22 02:05:11,595 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 96 transitions. [2024-11-22 02:05:11,596 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-11-22 02:05:11,599 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:11,599 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:11,599 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-22 02:05:11,599 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:11,600 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:11,600 INFO L85 PathProgramCache]: Analyzing trace with hash 1487539860, now seen corresponding path program 1 times [2024-11-22 02:05:11,600 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:11,600 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1136334028] [2024-11-22 02:05:11,600 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:11,600 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:11,624 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:11,673 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-22 02:05:11,674 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:11,674 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1136334028] [2024-11-22 02:05:11,674 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1136334028] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:11,674 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:05:11,674 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-22 02:05:11,674 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [716331305] [2024-11-22 02:05:11,674 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:11,675 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-22 02:05:11,675 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:11,675 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-22 02:05:11,675 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-22 02:05:11,675 INFO L87 Difference]: Start difference. First operand 75 states and 96 transitions. Second operand has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-22 02:05:11,729 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:11,729 INFO L93 Difference]: Finished difference Result 188 states and 246 transitions. [2024-11-22 02:05:11,735 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-22 02:05:11,735 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 38 [2024-11-22 02:05:11,735 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:11,736 INFO L225 Difference]: With dead ends: 188 [2024-11-22 02:05:11,736 INFO L226 Difference]: Without dead ends: 120 [2024-11-22 02:05:11,737 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-22 02:05:11,738 INFO L432 NwaCegarLoop]: 108 mSDtfsCounter, 75 mSDsluCounter, 62 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 75 SdHoareTripleChecker+Valid, 170 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:11,738 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [75 Valid, 170 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:05:11,739 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 120 states. [2024-11-22 02:05:11,773 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 120 to 118. [2024-11-22 02:05:11,773 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 118 states, 92 states have (on average 1.3043478260869565) internal successors, (120), 100 states have internal predecessors, (120), 13 states have call successors, (13), 12 states have call predecessors, (13), 12 states have return successors, (17), 13 states have call predecessors, (17), 13 states have call successors, (17) [2024-11-22 02:05:11,774 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 118 states to 118 states and 150 transitions. [2024-11-22 02:05:11,781 INFO L78 Accepts]: Start accepts. Automaton has 118 states and 150 transitions. Word has length 38 [2024-11-22 02:05:11,781 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:11,781 INFO L471 AbstractCegarLoop]: Abstraction has 118 states and 150 transitions. [2024-11-22 02:05:11,782 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-22 02:05:11,782 INFO L276 IsEmpty]: Start isEmpty. Operand 118 states and 150 transitions. [2024-11-22 02:05:11,783 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2024-11-22 02:05:11,783 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:11,783 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:11,783 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-22 02:05:11,783 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:11,783 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:11,783 INFO L85 PathProgramCache]: Analyzing trace with hash -703403747, now seen corresponding path program 1 times [2024-11-22 02:05:11,783 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:11,784 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [366348634] [2024-11-22 02:05:11,784 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:11,784 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:11,814 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:11,972 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-22 02:05:11,972 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:11,972 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [366348634] [2024-11-22 02:05:11,972 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [366348634] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:11,973 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:05:11,973 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-22 02:05:11,973 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2011943705] [2024-11-22 02:05:11,973 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:11,973 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-22 02:05:11,973 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:11,975 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-22 02:05:11,978 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-22 02:05:11,978 INFO L87 Difference]: Start difference. First operand 118 states and 150 transitions. Second operand has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-22 02:05:12,082 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:12,088 INFO L93 Difference]: Finished difference Result 315 states and 416 transitions. [2024-11-22 02:05:12,088 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-22 02:05:12,089 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 46 [2024-11-22 02:05:12,089 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:12,095 INFO L225 Difference]: With dead ends: 315 [2024-11-22 02:05:12,097 INFO L226 Difference]: Without dead ends: 204 [2024-11-22 02:05:12,099 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-22 02:05:12,100 INFO L432 NwaCegarLoop]: 90 mSDtfsCounter, 45 mSDsluCounter, 259 mSDsCounter, 0 mSdLazyCounter, 29 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 45 SdHoareTripleChecker+Valid, 349 SdHoareTripleChecker+Invalid, 32 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 29 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:12,106 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [45 Valid, 349 Invalid, 32 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 29 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-22 02:05:12,107 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 204 states. [2024-11-22 02:05:12,184 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 204 to 204. [2024-11-22 02:05:12,230 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 204 states, 158 states have (on average 1.2784810126582278) internal successors, (202), 169 states have internal predecessors, (202), 24 states have call successors, (24), 22 states have call predecessors, (24), 21 states have return successors, (33), 23 states have call predecessors, (33), 24 states have call successors, (33) [2024-11-22 02:05:12,233 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 204 states to 204 states and 259 transitions. [2024-11-22 02:05:12,236 INFO L78 Accepts]: Start accepts. Automaton has 204 states and 259 transitions. Word has length 46 [2024-11-22 02:05:12,237 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:12,237 INFO L471 AbstractCegarLoop]: Abstraction has 204 states and 259 transitions. [2024-11-22 02:05:12,237 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-22 02:05:12,237 INFO L276 IsEmpty]: Start isEmpty. Operand 204 states and 259 transitions. [2024-11-22 02:05:12,238 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-22 02:05:12,239 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:12,239 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:12,242 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-22 02:05:12,242 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:12,243 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:12,243 INFO L85 PathProgramCache]: Analyzing trace with hash 1237679491, now seen corresponding path program 1 times [2024-11-22 02:05:12,243 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:12,243 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1405906743] [2024-11-22 02:05:12,243 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:12,243 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:12,273 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:12,434 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-22 02:05:12,434 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:12,434 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1405906743] [2024-11-22 02:05:12,435 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1405906743] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:12,435 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:05:12,435 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-22 02:05:12,435 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1932841802] [2024-11-22 02:05:12,435 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:12,435 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-22 02:05:12,435 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:12,436 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-22 02:05:12,436 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-22 02:05:12,436 INFO L87 Difference]: Start difference. First operand 204 states and 259 transitions. Second operand has 5 states, 5 states have (on average 8.2) internal successors, (41), 5 states have internal predecessors, (41), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-22 02:05:12,523 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:12,524 INFO L93 Difference]: Finished difference Result 416 states and 560 transitions. [2024-11-22 02:05:12,524 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-22 02:05:12,524 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.2) internal successors, (41), 5 states have internal predecessors, (41), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 50 [2024-11-22 02:05:12,525 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:12,528 INFO L225 Difference]: With dead ends: 416 [2024-11-22 02:05:12,530 INFO L226 Difference]: Without dead ends: 305 [2024-11-22 02:05:12,531 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-22 02:05:12,533 INFO L432 NwaCegarLoop]: 88 mSDtfsCounter, 73 mSDsluCounter, 254 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 73 SdHoareTripleChecker+Valid, 342 SdHoareTripleChecker+Invalid, 38 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:12,537 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [73 Valid, 342 Invalid, 38 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:05:12,538 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 305 states. [2024-11-22 02:05:12,583 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 305 to 301. [2024-11-22 02:05:12,583 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 301 states, 234 states have (on average 1.2777777777777777) internal successors, (299), 250 states have internal predecessors, (299), 35 states have call successors, (35), 32 states have call predecessors, (35), 31 states have return successors, (56), 34 states have call predecessors, (56), 35 states have call successors, (56) [2024-11-22 02:05:12,586 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 301 states to 301 states and 390 transitions. [2024-11-22 02:05:12,586 INFO L78 Accepts]: Start accepts. Automaton has 301 states and 390 transitions. Word has length 50 [2024-11-22 02:05:12,586 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:12,587 INFO L471 AbstractCegarLoop]: Abstraction has 301 states and 390 transitions. [2024-11-22 02:05:12,587 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.2) internal successors, (41), 5 states have internal predecessors, (41), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-22 02:05:12,587 INFO L276 IsEmpty]: Start isEmpty. Operand 301 states and 390 transitions. [2024-11-22 02:05:12,589 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-22 02:05:12,592 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:12,592 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:12,592 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-22 02:05:12,593 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:12,593 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:12,593 INFO L85 PathProgramCache]: Analyzing trace with hash 1103665985, now seen corresponding path program 1 times [2024-11-22 02:05:12,594 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:12,594 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1759346188] [2024-11-22 02:05:12,594 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:12,594 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:12,610 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:12,671 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-22 02:05:12,671 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:12,672 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1759346188] [2024-11-22 02:05:12,672 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1759346188] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:12,672 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:05:12,672 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-22 02:05:12,672 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1237708916] [2024-11-22 02:05:12,672 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:12,673 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-22 02:05:12,673 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:12,673 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-22 02:05:12,674 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-22 02:05:12,674 INFO L87 Difference]: Start difference. First operand 301 states and 390 transitions. Second operand has 4 states, 4 states have (on average 10.25) internal successors, (41), 4 states have internal predecessors, (41), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-22 02:05:12,704 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:12,704 INFO L93 Difference]: Finished difference Result 513 states and 678 transitions. [2024-11-22 02:05:12,705 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-22 02:05:12,705 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.25) internal successors, (41), 4 states have internal predecessors, (41), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 50 [2024-11-22 02:05:12,705 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:12,706 INFO L225 Difference]: With dead ends: 513 [2024-11-22 02:05:12,707 INFO L226 Difference]: Without dead ends: 301 [2024-11-22 02:05:12,707 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-22 02:05:12,708 INFO L432 NwaCegarLoop]: 96 mSDtfsCounter, 0 mSDsluCounter, 183 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 279 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:12,712 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 279 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:05:12,713 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 301 states. [2024-11-22 02:05:12,735 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 301 to 301. [2024-11-22 02:05:12,736 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 301 states, 234 states have (on average 1.2735042735042734) internal successors, (298), 250 states have internal predecessors, (298), 35 states have call successors, (35), 32 states have call predecessors, (35), 31 states have return successors, (56), 34 states have call predecessors, (56), 35 states have call successors, (56) [2024-11-22 02:05:12,738 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 301 states to 301 states and 389 transitions. [2024-11-22 02:05:12,739 INFO L78 Accepts]: Start accepts. Automaton has 301 states and 389 transitions. Word has length 50 [2024-11-22 02:05:12,739 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:12,739 INFO L471 AbstractCegarLoop]: Abstraction has 301 states and 389 transitions. [2024-11-22 02:05:12,740 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.25) internal successors, (41), 4 states have internal predecessors, (41), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-22 02:05:12,740 INFO L276 IsEmpty]: Start isEmpty. Operand 301 states and 389 transitions. [2024-11-22 02:05:12,741 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-22 02:05:12,741 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:12,742 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:12,742 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-22 02:05:12,742 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:12,743 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:12,743 INFO L85 PathProgramCache]: Analyzing trace with hash 1322520703, now seen corresponding path program 1 times [2024-11-22 02:05:12,743 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:12,743 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1630477075] [2024-11-22 02:05:12,743 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:12,743 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:12,757 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:12,805 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-22 02:05:12,805 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:12,806 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1630477075] [2024-11-22 02:05:12,806 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1630477075] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:12,806 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:05:12,806 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-22 02:05:12,806 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [796959701] [2024-11-22 02:05:12,807 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:12,807 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-22 02:05:12,807 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:12,808 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-22 02:05:12,808 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-22 02:05:12,809 INFO L87 Difference]: Start difference. First operand 301 states and 389 transitions. Second operand has 5 states, 5 states have (on average 8.2) internal successors, (41), 5 states have internal predecessors, (41), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-22 02:05:12,859 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:12,859 INFO L93 Difference]: Finished difference Result 598 states and 792 transitions. [2024-11-22 02:05:12,859 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-22 02:05:12,860 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.2) internal successors, (41), 5 states have internal predecessors, (41), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 50 [2024-11-22 02:05:12,861 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:12,863 INFO L225 Difference]: With dead ends: 598 [2024-11-22 02:05:12,863 INFO L226 Difference]: Without dead ends: 304 [2024-11-22 02:05:12,864 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-22 02:05:12,866 INFO L432 NwaCegarLoop]: 96 mSDtfsCounter, 0 mSDsluCounter, 276 mSDsCounter, 0 mSdLazyCounter, 21 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 372 SdHoareTripleChecker+Invalid, 21 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 21 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:12,867 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 372 Invalid, 21 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 21 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:05:12,869 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 304 states. [2024-11-22 02:05:12,891 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 304 to 304. [2024-11-22 02:05:12,892 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 304 states, 239 states have (on average 1.2635983263598327) internal successors, (302), 254 states have internal predecessors, (302), 34 states have call successors, (34), 31 states have call predecessors, (34), 30 states have return successors, (55), 33 states have call predecessors, (55), 34 states have call successors, (55) [2024-11-22 02:05:12,894 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 304 states to 304 states and 391 transitions. [2024-11-22 02:05:12,895 INFO L78 Accepts]: Start accepts. Automaton has 304 states and 391 transitions. Word has length 50 [2024-11-22 02:05:12,895 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:12,895 INFO L471 AbstractCegarLoop]: Abstraction has 304 states and 391 transitions. [2024-11-22 02:05:12,896 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.2) internal successors, (41), 5 states have internal predecessors, (41), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-22 02:05:12,896 INFO L276 IsEmpty]: Start isEmpty. Operand 304 states and 391 transitions. [2024-11-22 02:05:12,898 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-22 02:05:12,898 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:12,898 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:12,899 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-22 02:05:12,900 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:12,901 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:12,901 INFO L85 PathProgramCache]: Analyzing trace with hash -782958681, now seen corresponding path program 1 times [2024-11-22 02:05:12,901 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:12,901 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [998232260] [2024-11-22 02:05:12,901 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:12,901 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:12,921 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:13,072 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-22 02:05:13,076 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:13,076 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [998232260] [2024-11-22 02:05:13,076 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [998232260] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-22 02:05:13,076 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [410892443] [2024-11-22 02:05:13,076 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:13,077 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-22 02:05:13,077 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-22 02:05:13,082 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-22 02:05:13,087 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-22 02:05:13,159 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:13,162 INFO L255 TraceCheckSpWp]: Trace formula consists of 225 conjuncts, 15 conjuncts are in the unsatisfiable core [2024-11-22 02:05:13,167 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-22 02:05:13,287 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 3 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-22 02:05:13,288 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-22 02:05:13,288 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [410892443] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:13,288 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-22 02:05:13,288 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [8] total 12 [2024-11-22 02:05:13,289 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1482951862] [2024-11-22 02:05:13,289 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:13,289 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-22 02:05:13,289 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:13,290 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-22 02:05:13,290 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=29, Invalid=103, Unknown=0, NotChecked=0, Total=132 [2024-11-22 02:05:13,290 INFO L87 Difference]: Start difference. First operand 304 states and 391 transitions. Second operand has 7 states, 7 states have (on average 6.571428571428571) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-22 02:05:13,398 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:13,399 INFO L93 Difference]: Finished difference Result 893 states and 1180 transitions. [2024-11-22 02:05:13,399 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-22 02:05:13,399 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.571428571428571) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 55 [2024-11-22 02:05:13,400 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:13,402 INFO L225 Difference]: With dead ends: 893 [2024-11-22 02:05:13,403 INFO L226 Difference]: Without dead ends: 596 [2024-11-22 02:05:13,404 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 62 GetRequests, 52 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 6 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=29, Invalid=103, Unknown=0, NotChecked=0, Total=132 [2024-11-22 02:05:13,405 INFO L432 NwaCegarLoop]: 93 mSDtfsCounter, 54 mSDsluCounter, 370 mSDsCounter, 0 mSdLazyCounter, 110 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 55 SdHoareTripleChecker+Valid, 463 SdHoareTripleChecker+Invalid, 112 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 110 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:13,406 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [55 Valid, 463 Invalid, 112 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 110 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-22 02:05:13,407 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 596 states. [2024-11-22 02:05:13,440 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 596 to 594. [2024-11-22 02:05:13,441 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 594 states, 466 states have (on average 1.2510729613733906) internal successors, (583), 492 states have internal predecessors, (583), 68 states have call successors, (68), 62 states have call predecessors, (68), 59 states have return successors, (113), 65 states have call predecessors, (113), 68 states have call successors, (113) [2024-11-22 02:05:13,445 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 594 states to 594 states and 764 transitions. [2024-11-22 02:05:13,447 INFO L78 Accepts]: Start accepts. Automaton has 594 states and 764 transitions. Word has length 55 [2024-11-22 02:05:13,447 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:13,447 INFO L471 AbstractCegarLoop]: Abstraction has 594 states and 764 transitions. [2024-11-22 02:05:13,447 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.571428571428571) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-22 02:05:13,447 INFO L276 IsEmpty]: Start isEmpty. Operand 594 states and 764 transitions. [2024-11-22 02:05:13,448 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-22 02:05:13,448 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:13,449 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:13,456 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-11-22 02:05:13,649 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-22 02:05:13,650 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:13,650 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:13,651 INFO L85 PathProgramCache]: Analyzing trace with hash 844263809, now seen corresponding path program 1 times [2024-11-22 02:05:13,651 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:13,651 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1051165678] [2024-11-22 02:05:13,651 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:13,651 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:13,671 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:13,788 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-22 02:05:13,788 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:13,788 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1051165678] [2024-11-22 02:05:13,789 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1051165678] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:13,789 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:05:13,789 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-22 02:05:13,789 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [909424145] [2024-11-22 02:05:13,789 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:13,789 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-22 02:05:13,789 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:13,790 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-22 02:05:13,790 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2024-11-22 02:05:13,790 INFO L87 Difference]: Start difference. First operand 594 states and 764 transitions. Second operand has 8 states, 8 states have (on average 5.625) internal successors, (45), 8 states have internal predecessors, (45), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-22 02:05:13,891 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:13,891 INFO L93 Difference]: Finished difference Result 1181 states and 1540 transitions. [2024-11-22 02:05:13,891 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-22 02:05:13,892 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.625) internal successors, (45), 8 states have internal predecessors, (45), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 56 [2024-11-22 02:05:13,892 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:13,894 INFO L225 Difference]: With dead ends: 1181 [2024-11-22 02:05:13,894 INFO L226 Difference]: Without dead ends: 594 [2024-11-22 02:05:13,896 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=24, Invalid=66, Unknown=0, NotChecked=0, Total=90 [2024-11-22 02:05:13,896 INFO L432 NwaCegarLoop]: 122 mSDtfsCounter, 104 mSDsluCounter, 553 mSDsCounter, 0 mSdLazyCounter, 52 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 104 SdHoareTripleChecker+Valid, 675 SdHoareTripleChecker+Invalid, 66 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 52 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:13,897 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [104 Valid, 675 Invalid, 66 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 52 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:05:13,897 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 594 states. [2024-11-22 02:05:13,923 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 594 to 594. [2024-11-22 02:05:13,924 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 594 states, 466 states have (on average 1.2167381974248928) internal successors, (567), 492 states have internal predecessors, (567), 68 states have call successors, (68), 62 states have call predecessors, (68), 59 states have return successors, (102), 65 states have call predecessors, (102), 68 states have call successors, (102) [2024-11-22 02:05:13,926 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 594 states to 594 states and 737 transitions. [2024-11-22 02:05:13,927 INFO L78 Accepts]: Start accepts. Automaton has 594 states and 737 transitions. Word has length 56 [2024-11-22 02:05:13,927 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:13,927 INFO L471 AbstractCegarLoop]: Abstraction has 594 states and 737 transitions. [2024-11-22 02:05:13,927 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.625) internal successors, (45), 8 states have internal predecessors, (45), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-22 02:05:13,927 INFO L276 IsEmpty]: Start isEmpty. Operand 594 states and 737 transitions. [2024-11-22 02:05:13,928 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2024-11-22 02:05:13,928 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:13,929 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:13,929 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2024-11-22 02:05:13,929 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:13,929 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:13,929 INFO L85 PathProgramCache]: Analyzing trace with hash 605332931, now seen corresponding path program 1 times [2024-11-22 02:05:13,929 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:13,930 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [607397653] [2024-11-22 02:05:13,930 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:13,930 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:13,939 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:14,013 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-22 02:05:14,014 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:14,014 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [607397653] [2024-11-22 02:05:14,014 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [607397653] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:14,014 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:05:14,014 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2024-11-22 02:05:14,014 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [502016083] [2024-11-22 02:05:14,014 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:14,015 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-11-22 02:05:14,015 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:14,015 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-11-22 02:05:14,015 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=56, Unknown=0, NotChecked=0, Total=72 [2024-11-22 02:05:14,016 INFO L87 Difference]: Start difference. First operand 594 states and 737 transitions. Second operand has 9 states, 9 states have (on average 5.333333333333333) internal successors, (48), 8 states have internal predecessors, (48), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-22 02:05:14,131 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:14,131 INFO L93 Difference]: Finished difference Result 1165 states and 1464 transitions. [2024-11-22 02:05:14,132 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-11-22 02:05:14,132 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 5.333333333333333) internal successors, (48), 8 states have internal predecessors, (48), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) Word has length 59 [2024-11-22 02:05:14,132 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:14,135 INFO L225 Difference]: With dead ends: 1165 [2024-11-22 02:05:14,135 INFO L226 Difference]: Without dead ends: 578 [2024-11-22 02:05:14,136 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 6 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=31, Invalid=101, Unknown=0, NotChecked=0, Total=132 [2024-11-22 02:05:14,137 INFO L432 NwaCegarLoop]: 167 mSDtfsCounter, 129 mSDsluCounter, 881 mSDsCounter, 0 mSdLazyCounter, 76 mSolverCounterSat, 16 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 131 SdHoareTripleChecker+Valid, 1048 SdHoareTripleChecker+Invalid, 92 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 16 IncrementalHoareTripleChecker+Valid, 76 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:14,137 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [131 Valid, 1048 Invalid, 92 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [16 Valid, 76 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-22 02:05:14,138 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 578 states. [2024-11-22 02:05:14,162 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 578 to 578. [2024-11-22 02:05:14,163 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 578 states, 450 states have (on average 1.191111111111111) internal successors, (536), 476 states have internal predecessors, (536), 68 states have call successors, (68), 62 states have call predecessors, (68), 59 states have return successors, (96), 65 states have call predecessors, (96), 68 states have call successors, (96) [2024-11-22 02:05:14,165 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 578 states to 578 states and 700 transitions. [2024-11-22 02:05:14,166 INFO L78 Accepts]: Start accepts. Automaton has 578 states and 700 transitions. Word has length 59 [2024-11-22 02:05:14,166 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:14,166 INFO L471 AbstractCegarLoop]: Abstraction has 578 states and 700 transitions. [2024-11-22 02:05:14,166 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 5.333333333333333) internal successors, (48), 8 states have internal predecessors, (48), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-22 02:05:14,166 INFO L276 IsEmpty]: Start isEmpty. Operand 578 states and 700 transitions. [2024-11-22 02:05:14,168 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 88 [2024-11-22 02:05:14,168 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:14,168 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:14,168 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2024-11-22 02:05:14,169 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:14,169 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:14,169 INFO L85 PathProgramCache]: Analyzing trace with hash 486604430, now seen corresponding path program 1 times [2024-11-22 02:05:14,169 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:14,169 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2144556708] [2024-11-22 02:05:14,169 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:14,170 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:14,180 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:14,221 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 5 proven. 0 refuted. 0 times theorem prover too weak. 21 trivial. 0 not checked. [2024-11-22 02:05:14,222 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:14,222 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2144556708] [2024-11-22 02:05:14,222 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2144556708] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:14,222 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:05:14,222 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-22 02:05:14,222 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2117485613] [2024-11-22 02:05:14,222 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:14,223 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-22 02:05:14,223 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:14,223 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-22 02:05:14,223 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-22 02:05:14,223 INFO L87 Difference]: Start difference. First operand 578 states and 700 transitions. Second operand has 5 states, 5 states have (on average 12.4) internal successors, (62), 5 states have internal predecessors, (62), 2 states have call successors, (6), 1 states have call predecessors, (6), 1 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) [2024-11-22 02:05:14,258 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:14,258 INFO L93 Difference]: Finished difference Result 996 states and 1223 transitions. [2024-11-22 02:05:14,259 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-22 02:05:14,259 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 12.4) internal successors, (62), 5 states have internal predecessors, (62), 2 states have call successors, (6), 1 states have call predecessors, (6), 1 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) Word has length 87 [2024-11-22 02:05:14,259 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:14,262 INFO L225 Difference]: With dead ends: 996 [2024-11-22 02:05:14,262 INFO L226 Difference]: Without dead ends: 590 [2024-11-22 02:05:14,263 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-22 02:05:14,263 INFO L432 NwaCegarLoop]: 93 mSDtfsCounter, 0 mSDsluCounter, 272 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 365 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:14,264 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 365 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:05:14,264 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 590 states. [2024-11-22 02:05:14,306 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 590 to 590. [2024-11-22 02:05:14,308 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 590 states, 462 states have (on average 1.1861471861471862) internal successors, (548), 488 states have internal predecessors, (548), 68 states have call successors, (68), 62 states have call predecessors, (68), 59 states have return successors, (96), 65 states have call predecessors, (96), 68 states have call successors, (96) [2024-11-22 02:05:14,310 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 590 states to 590 states and 712 transitions. [2024-11-22 02:05:14,311 INFO L78 Accepts]: Start accepts. Automaton has 590 states and 712 transitions. Word has length 87 [2024-11-22 02:05:14,311 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:14,311 INFO L471 AbstractCegarLoop]: Abstraction has 590 states and 712 transitions. [2024-11-22 02:05:14,311 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 12.4) internal successors, (62), 5 states have internal predecessors, (62), 2 states have call successors, (6), 1 states have call predecessors, (6), 1 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) [2024-11-22 02:05:14,311 INFO L276 IsEmpty]: Start isEmpty. Operand 590 states and 712 transitions. [2024-11-22 02:05:14,313 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 88 [2024-11-22 02:05:14,313 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:14,313 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:14,313 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2024-11-22 02:05:14,313 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:14,314 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:14,314 INFO L85 PathProgramCache]: Analyzing trace with hash -1507540276, now seen corresponding path program 1 times [2024-11-22 02:05:14,314 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:14,314 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2059933434] [2024-11-22 02:05:14,314 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:14,314 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:14,324 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:14,409 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 19 proven. 2 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2024-11-22 02:05:14,409 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:14,409 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2059933434] [2024-11-22 02:05:14,409 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2059933434] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-22 02:05:14,409 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2048549468] [2024-11-22 02:05:14,409 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:14,409 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-22 02:05:14,410 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-22 02:05:14,412 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-22 02:05:14,417 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-22 02:05:14,535 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:14,540 INFO L255 TraceCheckSpWp]: Trace formula consists of 302 conjuncts, 13 conjuncts are in the unsatisfiable core [2024-11-22 02:05:14,547 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-22 02:05:14,748 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 6 proven. 12 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2024-11-22 02:05:14,748 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-22 02:05:15,030 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 8 proven. 4 refuted. 0 times theorem prover too weak. 14 trivial. 0 not checked. [2024-11-22 02:05:15,031 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2048549468] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-22 02:05:15,031 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-22 02:05:15,032 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 8, 9] total 17 [2024-11-22 02:05:15,032 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [998204760] [2024-11-22 02:05:15,032 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-22 02:05:15,032 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 17 states [2024-11-22 02:05:15,033 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:15,033 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 17 interpolants. [2024-11-22 02:05:15,033 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=44, Invalid=228, Unknown=0, NotChecked=0, Total=272 [2024-11-22 02:05:15,034 INFO L87 Difference]: Start difference. First operand 590 states and 712 transitions. Second operand has 17 states, 17 states have (on average 7.764705882352941) internal successors, (132), 14 states have internal predecessors, (132), 6 states have call successors, (18), 7 states have call predecessors, (18), 8 states have return successors, (16), 8 states have call predecessors, (16), 6 states have call successors, (16) [2024-11-22 02:05:15,795 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:15,795 INFO L93 Difference]: Finished difference Result 1610 states and 2037 transitions. [2024-11-22 02:05:15,795 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 26 states. [2024-11-22 02:05:15,796 INFO L78 Accepts]: Start accepts. Automaton has has 17 states, 17 states have (on average 7.764705882352941) internal successors, (132), 14 states have internal predecessors, (132), 6 states have call successors, (18), 7 states have call predecessors, (18), 8 states have return successors, (16), 8 states have call predecessors, (16), 6 states have call successors, (16) Word has length 87 [2024-11-22 02:05:15,796 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:15,797 INFO L225 Difference]: With dead ends: 1610 [2024-11-22 02:05:15,797 INFO L226 Difference]: Without dead ends: 0 [2024-11-22 02:05:15,800 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 209 GetRequests, 165 SyntacticMatches, 7 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 217 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=343, Invalid=1139, Unknown=0, NotChecked=0, Total=1482 [2024-11-22 02:05:15,801 INFO L432 NwaCegarLoop]: 72 mSDtfsCounter, 413 mSDsluCounter, 620 mSDsCounter, 0 mSdLazyCounter, 794 mSolverCounterSat, 159 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 415 SdHoareTripleChecker+Valid, 692 SdHoareTripleChecker+Invalid, 953 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 159 IncrementalHoareTripleChecker+Valid, 794 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:15,801 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [415 Valid, 692 Invalid, 953 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [159 Valid, 794 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-11-22 02:05:15,801 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-22 02:05:15,802 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-22 02:05:15,802 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-22 02:05:15,802 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-22 02:05:15,803 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 87 [2024-11-22 02:05:15,803 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:15,803 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-22 02:05:15,803 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 17 states, 17 states have (on average 7.764705882352941) internal successors, (132), 14 states have internal predecessors, (132), 6 states have call successors, (18), 7 states have call predecessors, (18), 8 states have return successors, (16), 8 states have call predecessors, (16), 6 states have call successors, (16) [2024-11-22 02:05:15,803 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-22 02:05:15,803 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-22 02:05:15,805 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-22 02:05:15,813 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-11-22 02:05:16,009 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable12 [2024-11-22 02:05:16,013 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:16,015 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-22 02:05:19,370 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-22 02:05:19,435 WARN L156 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (let ((.cse4 (= |old(~methaneLevelCritical~0)| 0)) (.cse1 (= |old(~methaneLevelCritical~0)| 1))) (and (let ((.cse0 (= ~pumpRunning~0 0)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (<= ~waterLevel~0 2)) (.cse5 (= ~pumpRunning~0 1))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse2 .cse3 .cse5) (and .cse0 .cse4 .cse2 .cse3) (and .cse1 .cse2 .cse3 .cse5))) (or (not .cse4) (= ~methaneLevelCritical~0 0)) (or (= ~methaneLevelCritical~0 1) (not .cse1)))) Eliminated clause: (exists ((|old(~methaneLevelCritical~0)| Int)) (let ((.cse4 (= |old(~methaneLevelCritical~0)| 0)) (.cse1 (= |old(~methaneLevelCritical~0)| 1))) (and (let ((.cse0 (= ~pumpRunning~0 0)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (<= ~waterLevel~0 2)) (.cse5 (= ~pumpRunning~0 1))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse2 .cse3 .cse5) (and .cse0 .cse4 .cse2 .cse3) (and .cse1 .cse2 .cse3 .cse5))) (or (not .cse4) (= ~methaneLevelCritical~0 0)) (or (= ~methaneLevelCritical~0 1) (not .cse1))))) [2024-11-22 02:05:19,447 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-22 02:05:19,453 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse6 (= |old(~pumpRunning~0)| 1)) (.cse1 (<= ~waterLevel~0 |old(~waterLevel~0)|))) (and (or (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1)) (or (not .cse0) (and (= ~pumpRunning~0 0) .cse1)) (let ((.cse2 (= ~methaneLevelCritical~0 0)) (.cse3 (= 1 ~systemActive~0)) (.cse5 (= ~methaneLevelCritical~0 1)) (.cse4 (<= |old(~waterLevel~0)| 2))) (or (and .cse2 .cse3 .cse0 .cse4) (and .cse3 .cse0 .cse5 .cse4) (and .cse2 .cse3 .cse6 .cse4) (and .cse3 .cse6 .cse5 .cse4))) (or (not .cse6) (and .cse1 (= ~pumpRunning~0 1))))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int) (|old(~waterLevel~0)| Int)) (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse6 (= |old(~pumpRunning~0)| 1)) (.cse1 (<= ~waterLevel~0 |old(~waterLevel~0)|))) (and (or (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1)) (or (not .cse0) (and (= ~pumpRunning~0 0) .cse1)) (let ((.cse2 (= ~methaneLevelCritical~0 0)) (.cse3 (= 1 ~systemActive~0)) (.cse5 (= ~methaneLevelCritical~0 1)) (.cse4 (<= |old(~waterLevel~0)| 2))) (or (and .cse2 .cse3 .cse0 .cse4) (and .cse3 .cse0 .cse5 .cse4) (and .cse2 .cse3 .cse6 .cse4) (and .cse3 .cse6 .cse5 .cse4))) (or (not .cse6) (and .cse1 (= ~pumpRunning~0 1)))))) [2024-11-22 02:05:19,460 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-22 02:05:19,482 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (let ((.cse1 (= |old(~pumpRunning~0)| 1)) (.cse0 (= |old(~pumpRunning~0)| 0))) (and (or (not .cse0) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1)) (let ((.cse4 (= ~methaneLevelCritical~0 1)) (.cse2 (<= ~waterLevel~0 1)) (.cse6 (= ~methaneLevelCritical~0 0)) (.cse3 (= 1 ~systemActive~0)) (.cse5 (<= ~waterLevel~0 2))) (or (and .cse2 .cse3 .cse1 .cse4) (and .cse3 .cse0 .cse4 .cse5) (and .cse6 .cse2 .cse3 .cse1) (and .cse6 .cse3 .cse0 .cse5))))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int)) (let ((.cse1 (= |old(~pumpRunning~0)| 1)) (.cse0 (= |old(~pumpRunning~0)| 0))) (and (or (not .cse0) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1)) (let ((.cse4 (= ~methaneLevelCritical~0 1)) (.cse2 (<= ~waterLevel~0 1)) (.cse6 (= ~methaneLevelCritical~0 0)) (.cse3 (= 1 ~systemActive~0)) (.cse5 (<= ~waterLevel~0 2))) (or (and .cse2 .cse3 .cse1 .cse4) (and .cse3 .cse0 .cse4 .cse5) (and .cse6 .cse2 .cse3 .cse1) (and .cse6 .cse3 .cse0 .cse5)))))) [2024-11-22 02:05:19,490 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-22 02:05:19,498 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse5 (= ~methaneLevelCritical~0 1)) (.cse2 (<= |old(~waterLevel~0)| 2)) (.cse3 (= ~pumpRunning~0 1)) (.cse4 (= ~pumpRunning~0 0)) (.cse0 (= ~methaneLevelCritical~0 0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse1 .cse5 .cse2) (and .cse1 .cse5 .cse2 .cse3) (and .cse4 .cse0 .cse1 (<= |old(~waterLevel~0)| 1)))) (<= ~waterLevel~0 |old(~waterLevel~0)|)) Eliminated clause: (exists ((|old(~waterLevel~0)| Int)) (and (let ((.cse5 (= ~methaneLevelCritical~0 1)) (.cse2 (<= |old(~waterLevel~0)| 2)) (.cse3 (= ~pumpRunning~0 1)) (.cse4 (= ~pumpRunning~0 0)) (.cse0 (= ~methaneLevelCritical~0 0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse1 .cse5 .cse2) (and .cse1 .cse5 .cse2 .cse3) (and .cse4 .cse0 .cse1 (<= |old(~waterLevel~0)| 1)))) (<= ~waterLevel~0 |old(~waterLevel~0)|))) [2024-11-22 02:05:19,506 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-22 02:05:19,509 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 22.11 02:05:19 BoogieIcfgContainer [2024-11-22 02:05:19,512 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-22 02:05:19,513 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-22 02:05:19,513 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-22 02:05:19,513 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-22 02:05:19,514 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.11 02:05:10" (3/4) ... [2024-11-22 02:05:19,519 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-22 02:05:19,523 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-22 02:05:19,527 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-22 02:05:19,527 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-22 02:05:19,527 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-22 02:05:19,527 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2024-11-22 02:05:19,528 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-22 02:05:19,528 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-22 02:05:19,537 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 20 nodes and edges [2024-11-22 02:05:19,540 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-22 02:05:19,541 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-22 02:05:19,541 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-22 02:05:19,541 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-22 02:05:19,711 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-22 02:05:19,712 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-22 02:05:19,712 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-22 02:05:19,712 INFO L158 Benchmark]: Toolchain (without parser) took 10775.85ms. Allocated memory was 190.8MB in the beginning and 310.4MB in the end (delta: 119.5MB). Free memory was 122.1MB in the beginning and 183.3MB in the end (delta: -61.2MB). Peak memory consumption was 59.6MB. Max. memory is 16.1GB. [2024-11-22 02:05:19,714 INFO L158 Benchmark]: CDTParser took 0.15ms. Allocated memory is still 117.4MB. Free memory is still 79.1MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-22 02:05:19,714 INFO L158 Benchmark]: CACSL2BoogieTranslator took 726.16ms. Allocated memory is still 190.8MB. Free memory was 121.9MB in the beginning and 100.3MB in the end (delta: 21.6MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-22 02:05:19,717 INFO L158 Benchmark]: Boogie Procedure Inliner took 87.50ms. Allocated memory is still 190.8MB. Free memory was 100.3MB in the beginning and 98.0MB in the end (delta: 2.3MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2024-11-22 02:05:19,717 INFO L158 Benchmark]: Boogie Preprocessor took 78.23ms. Allocated memory is still 190.8MB. Free memory was 98.0MB in the beginning and 95.4MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-22 02:05:19,718 INFO L158 Benchmark]: RCFGBuilder took 463.09ms. Allocated memory is still 190.8MB. Free memory was 95.4MB in the beginning and 150.1MB in the end (delta: -54.8MB). Peak memory consumption was 14.4MB. Max. memory is 16.1GB. [2024-11-22 02:05:19,718 INFO L158 Benchmark]: TraceAbstraction took 9214.60ms. Allocated memory was 190.8MB in the beginning and 310.4MB in the end (delta: 119.5MB). Free memory was 150.1MB in the beginning and 190.7MB in the end (delta: -40.5MB). Peak memory consumption was 173.1MB. Max. memory is 16.1GB. [2024-11-22 02:05:19,718 INFO L158 Benchmark]: Witness Printer took 199.05ms. Allocated memory is still 310.4MB. Free memory was 190.7MB in the beginning and 183.3MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2024-11-22 02:05:19,719 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.15ms. Allocated memory is still 117.4MB. Free memory is still 79.1MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 726.16ms. Allocated memory is still 190.8MB. Free memory was 121.9MB in the beginning and 100.3MB in the end (delta: 21.6MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 87.50ms. Allocated memory is still 190.8MB. Free memory was 100.3MB in the beginning and 98.0MB in the end (delta: 2.3MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 78.23ms. Allocated memory is still 190.8MB. Free memory was 98.0MB in the beginning and 95.4MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 463.09ms. Allocated memory is still 190.8MB. Free memory was 95.4MB in the beginning and 150.1MB in the end (delta: -54.8MB). Peak memory consumption was 14.4MB. Max. memory is 16.1GB. * TraceAbstraction took 9214.60ms. Allocated memory was 190.8MB in the beginning and 310.4MB in the end (delta: 119.5MB). Free memory was 150.1MB in the beginning and 190.7MB in the end (delta: -40.5MB). Peak memory consumption was 173.1MB. Max. memory is 16.1GB. * Witness Printer took 199.05ms. Allocated memory is still 310.4MB. Free memory was 190.7MB in the beginning and 183.3MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] - GenericResultAtLocation [Line: 415]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [415] - GenericResultAtLocation [Line: 526]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [526] - GenericResultAtLocation [Line: 564]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification3_spec.i","") [564] - GenericResultAtLocation [Line: 600]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [600] - GenericResultAtLocation [Line: 609]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [609] - GenericResultAtLocation [Line: 828]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [828] - GenericResultAtLocation [Line: 894]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [894] - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 605]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 93 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.6s, OverallIterations: 13, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.9s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1006 SdHoareTripleChecker+Valid, 1.0s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 998 mSDsluCounter, 5288 SdHoareTripleChecker+Invalid, 0.7s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3956 mSDsCounter, 205 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1203 IncrementalHoareTripleChecker+Invalid, 1408 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 205 mSolverCounterUnsat, 1332 mSDtfsCounter, 1203 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 340 GetRequests, 242 SyntacticMatches, 7 SemanticMatches, 91 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 235 ImplicationChecksByTransitivity, 0.7s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=594occurred in iteration=9, InterpolantAutomatonStates: 86, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.5s AutomataMinimizationTime, 13 MinimizatonAttempts, 8 StatesRemovedByMinimization, 3 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 2.0s InterpolantComputationTime, 801 NumberOfCodeBlocks, 801 NumberOfCodeBlocksAsserted, 15 NumberOfCheckSat, 872 ConstructedInterpolants, 0 QuantifiedInterpolants, 1682 SizeOfPredicates, 2 NumberOfNonLiveVariables, 527 ConjunctsInSsa, 28 ConjunctsInUnsatCore, 16 InterpolantComputations, 12 PerfectInterpolantSequences, 96/116 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 906]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 840]: Loop Invariant Derived loop invariant: ((((((((methaneLevelCritical == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (pumpRunning == 1)) || (((((1 == systemActive) && (methaneLevelCritical == 1)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (pumpRunning == 1))) || (((((pumpRunning == 0) && (1 == systemActive)) && (methaneLevelCritical == 1)) && (splverifierCounter == 0)) && (waterLevel <= 2))) || (((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) - InvariantResult [Line: 839]: Location Invariant Derived location invariant: 0 - ProcedureContractResult [Line: 641]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((((methaneLevelCritical == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (pumpRunning == 1)) || ((((waterLevel <= 1) && (1 == systemActive)) && (methaneLevelCritical == 1)) && (pumpRunning == 1))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (methaneLevelCritical == 1))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive))) Ensures: ((((((((methaneLevelCritical == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (pumpRunning == 1)) || ((((waterLevel <= 1) && (1 == systemActive)) && (methaneLevelCritical == 1)) && (pumpRunning == 1))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (methaneLevelCritical == 1))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive))) && ((((((head == \old(head)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 450]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Ensures: (((((methaneLevelCritical == 0) || (\old(methaneLevelCritical) != 1)) && ((\old(methaneLevelCritical) != 0) || (methaneLevelCritical == 1))) && (((((((pumpRunning == 0) && (\old(methaneLevelCritical) == 1)) && (1 == systemActive)) && (waterLevel <= 2)) || ((((\old(methaneLevelCritical) == 0) && (1 == systemActive)) && (waterLevel <= 2)) && (pumpRunning == 1))) || ((((pumpRunning == 0) && (\old(methaneLevelCritical) == 0)) && (1 == systemActive)) && (waterLevel <= 2))) || ((((\old(methaneLevelCritical) == 1) && (1 == systemActive)) && (waterLevel <= 2)) && (pumpRunning == 1)))) && (((((head == \old(head)) && (waterLevel == \old(waterLevel))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 896]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((head == \old(head)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 617]: Procedure Contract for timeShift Derived contract for procedure timeShift. Ensures: ((((((((waterLevel <= \old(waterLevel)) && (pumpRunning == 1)) || ((pumpRunning == 0) && (waterLevel <= \old(waterLevel)))) && (((((((methaneLevelCritical == 0) && (1 == systemActive)) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 2)) || (((methaneLevelCritical == 0) && (\old(pumpRunning) == 1)) && (\old(waterLevel) <= 2))) || ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (methaneLevelCritical == 1)) && (\old(waterLevel) <= 2))) || (((\old(pumpRunning) == 1) && (methaneLevelCritical == 1)) && (\old(waterLevel) <= 2)))) && (((waterLevel <= 1) && (1 == systemActive)) || (\old(pumpRunning) != 1))) && ((((waterLevel <= 1) && (1 == systemActive)) || (methaneLevelCritical != 0)) || ((waterLevel <= \old(waterLevel)) && (pumpRunning == 1)))) && (((\old(pumpRunning) != 0) || (\old(waterLevel) != 1)) || (waterLevel == 1))) && ((((head == \old(head)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 462]: Procedure Contract for isMethaneLevelCritical Derived contract for procedure isMethaneLevelCritical. Requires: (((((((methaneLevelCritical == 0) && (1 == systemActive)) && (waterLevel <= 2)) && (pumpRunning == 1)) || ((((1 == systemActive) && (methaneLevelCritical == 1)) && (waterLevel <= 2)) && (pumpRunning == 1))) || ((((pumpRunning == 0) && (1 == systemActive)) && (methaneLevelCritical == 1)) && (waterLevel <= 2))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((((((methaneLevelCritical == 0) && (1 == systemActive)) && (waterLevel <= 2)) && (pumpRunning == 1)) || ((((1 == systemActive) && (methaneLevelCritical == 1)) && (waterLevel <= 2)) && (pumpRunning == 1))) || ((((pumpRunning == 0) && (1 == systemActive)) && (methaneLevelCritical == 1)) && (waterLevel <= 2))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (waterLevel <= 2))) && ((methaneLevelCritical != 1) || (\result == 1))) && ((methaneLevelCritical != 0) || (\result == 0))) && ((((((head == \old(head)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 649]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Ensures: ((((((\old(pumpRunning) != 1) || ((waterLevel <= 1) && (pumpRunning == 1))) && (((methaneLevelCritical != 0) || (waterLevel < 2)) || (pumpRunning == 1))) && ((((((1 == systemActive) && (\old(pumpRunning) == 1)) && (methaneLevelCritical == 1)) || ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (methaneLevelCritical == 1)) && (waterLevel <= 2))) || (((methaneLevelCritical == 0) && (1 == systemActive)) && (\old(pumpRunning) == 1))) || ((((methaneLevelCritical == 0) && (1 == systemActive)) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)))) && ((pumpRunning == 0) || (pumpRunning == 1))) && (((((head == \old(head)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 438]: Procedure Contract for waterRise Derived contract for procedure waterRise. Ensures: ((((waterLevel <= ((long long) \old(waterLevel) + 1)) && (((((((methaneLevelCritical == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2)) && (pumpRunning == 1)) || ((((pumpRunning == 0) && (1 == systemActive)) && (methaneLevelCritical == 1)) && (\old(waterLevel) <= 2))) || ((((1 == systemActive) && (methaneLevelCritical == 1)) && (\old(waterLevel) <= 2)) && (pumpRunning == 1))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (\old(waterLevel) <= 1)))) && (waterLevel <= 2)) && (((((head == \old(head)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) RESULT: Ultimate proved your program to be correct! [2024-11-22 02:05:19,751 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE