./Ultimate.py --spec /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/properties/unreach-call.prp --file /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 84cfde4a Calling Ultimate with: /root/.sdkman/candidates/java/current/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c -s /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 31801b0d0a8db366707af3e7371b9dc02f7c34625c63f4c3f856015d4449b4b2 --- Real Ultimate output --- This is Ultimate 0.2.5-dev-84cfde4 [2024-10-11 03:01:10,530 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-11 03:01:10,607 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-11 03:01:10,615 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-11 03:01:10,616 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-11 03:01:10,643 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-11 03:01:10,644 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-11 03:01:10,644 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-11 03:01:10,647 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-11 03:01:10,648 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-11 03:01:10,650 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-11 03:01:10,650 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-11 03:01:10,651 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-11 03:01:10,651 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-11 03:01:10,651 INFO L153 SettingsManager]: * Use SBE=true [2024-10-11 03:01:10,652 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-11 03:01:10,652 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-11 03:01:10,656 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-11 03:01:10,657 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-11 03:01:10,657 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-11 03:01:10,657 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-11 03:01:10,658 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-11 03:01:10,658 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-11 03:01:10,658 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-11 03:01:10,658 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-11 03:01:10,659 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-11 03:01:10,659 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-11 03:01:10,659 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-11 03:01:10,659 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-11 03:01:10,660 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-11 03:01:10,660 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-11 03:01:10,660 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-11 03:01:10,660 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-11 03:01:10,661 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-11 03:01:10,661 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-11 03:01:10,662 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-11 03:01:10,663 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-11 03:01:10,664 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-11 03:01:10,664 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-11 03:01:10,664 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-11 03:01:10,664 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-11 03:01:10,665 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-11 03:01:10,665 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 31801b0d0a8db366707af3e7371b9dc02f7c34625c63f4c3f856015d4449b4b2 [2024-10-11 03:01:10,929 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-11 03:01:10,953 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-11 03:01:10,956 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-11 03:01:10,958 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-11 03:01:10,959 INFO L274 PluginConnector]: CDTParser initialized [2024-10-11 03:01:10,960 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c [2024-10-11 03:01:12,513 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-11 03:01:12,741 INFO L384 CDTParser]: Found 1 translation units. [2024-10-11 03:01:12,742 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c [2024-10-11 03:01:12,758 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/506a8519a/d7e736df12a74a549463491c7618c78c/FLAG8b1d7042a [2024-10-11 03:01:13,098 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/506a8519a/d7e736df12a74a549463491c7618c78c [2024-10-11 03:01:13,100 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-11 03:01:13,103 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-11 03:01:13,104 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-11 03:01:13,104 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-11 03:01:13,110 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-11 03:01:13,110 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.10 03:01:13" (1/1) ... [2024-10-11 03:01:13,113 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@125a1824 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:13, skipping insertion in model container [2024-10-11 03:01:13,113 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.10 03:01:13" (1/1) ... [2024-10-11 03:01:13,150 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-11 03:01:13,418 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c[17098,17111] [2024-10-11 03:01:13,435 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-11 03:01:13,451 INFO L200 MainTranslator]: Completed pre-run [2024-10-11 03:01:13,462 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] [2024-10-11 03:01:13,464 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [266] [2024-10-11 03:01:13,464 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [338] [2024-10-11 03:01:13,464 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [704] [2024-10-11 03:01:13,464 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [755] [2024-10-11 03:01:13,464 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [855] [2024-10-11 03:01:13,465 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [864] [2024-10-11 03:01:13,465 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [899] [2024-10-11 03:01:13,535 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c[17098,17111] [2024-10-11 03:01:13,541 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-11 03:01:13,572 INFO L204 MainTranslator]: Completed translation [2024-10-11 03:01:13,572 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:13 WrapperNode [2024-10-11 03:01:13,573 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-11 03:01:13,574 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-11 03:01:13,574 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-11 03:01:13,574 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-11 03:01:13,580 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:13" (1/1) ... [2024-10-11 03:01:13,592 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:13" (1/1) ... [2024-10-11 03:01:13,627 INFO L138 Inliner]: procedures = 57, calls = 103, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 209 [2024-10-11 03:01:13,627 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-11 03:01:13,628 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-11 03:01:13,628 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-11 03:01:13,628 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-11 03:01:13,642 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:13" (1/1) ... [2024-10-11 03:01:13,642 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:13" (1/1) ... [2024-10-11 03:01:13,644 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:13" (1/1) ... [2024-10-11 03:01:13,663 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-11 03:01:13,664 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:13" (1/1) ... [2024-10-11 03:01:13,664 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:13" (1/1) ... [2024-10-11 03:01:13,671 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:13" (1/1) ... [2024-10-11 03:01:13,675 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:13" (1/1) ... [2024-10-11 03:01:13,677 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:13" (1/1) ... [2024-10-11 03:01:13,681 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:13" (1/1) ... [2024-10-11 03:01:13,684 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-11 03:01:13,689 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-11 03:01:13,689 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-11 03:01:13,689 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-11 03:01:13,690 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:13" (1/1) ... [2024-10-11 03:01:13,699 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-11 03:01:13,711 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 [2024-10-11 03:01:13,730 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-11 03:01:13,736 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-11 03:01:13,800 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-11 03:01:13,800 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-10-11 03:01:13,800 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-10-11 03:01:13,800 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-11 03:01:13,800 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-11 03:01:13,800 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-11 03:01:13,801 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-11 03:01:13,801 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-10-11 03:01:13,801 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-10-11 03:01:13,801 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-11 03:01:13,801 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-11 03:01:13,802 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-10-11 03:01:13,802 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-10-11 03:01:13,802 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-10-11 03:01:13,802 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-10-11 03:01:13,802 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-11 03:01:13,802 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-11 03:01:13,802 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-11 03:01:13,803 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-11 03:01:13,803 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-11 03:01:13,900 INFO L238 CfgBuilder]: Building ICFG [2024-10-11 03:01:13,902 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-11 03:01:14,205 INFO L? ?]: Removed 42 outVars from TransFormulas that were not future-live. [2024-10-11 03:01:14,207 INFO L287 CfgBuilder]: Performing block encoding [2024-10-11 03:01:14,298 INFO L309 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-11 03:01:14,299 INFO L314 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-11 03:01:14,299 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:14 BoogieIcfgContainer [2024-10-11 03:01:14,300 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-11 03:01:14,302 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-11 03:01:14,302 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-11 03:01:14,307 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-11 03:01:14,307 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 11.10 03:01:13" (1/3) ... [2024-10-11 03:01:14,308 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2ecab880 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.10 03:01:14, skipping insertion in model container [2024-10-11 03:01:14,308 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:13" (2/3) ... [2024-10-11 03:01:14,308 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2ecab880 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.10 03:01:14, skipping insertion in model container [2024-10-11 03:01:14,308 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:14" (3/3) ... [2024-10-11 03:01:14,313 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product40.cil.c [2024-10-11 03:01:14,333 INFO L209 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-11 03:01:14,333 INFO L149 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-11 03:01:14,411 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-11 03:01:14,424 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@965c46d, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-11 03:01:14,425 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-11 03:01:14,430 INFO L276 IsEmpty]: Start isEmpty. Operand has 75 states, 51 states have (on average 1.5294117647058822) internal successors, (78), 60 states have internal predecessors, (78), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) [2024-10-11 03:01:14,442 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2024-10-11 03:01:14,443 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:14,444 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:14,445 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:14,451 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:14,451 INFO L85 PathProgramCache]: Analyzing trace with hash -559003011, now seen corresponding path program 1 times [2024-10-11 03:01:14,461 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:14,461 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2030158311] [2024-10-11 03:01:14,461 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:14,462 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:14,590 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:14,687 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-11 03:01:14,693 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:14,700 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-11 03:01:14,703 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:14,710 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:14,711 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:14,711 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2030158311] [2024-10-11 03:01:14,714 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2030158311] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:14,714 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:14,714 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-11 03:01:14,716 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2006499376] [2024-10-11 03:01:14,717 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:14,722 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-11 03:01:14,723 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:14,750 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-11 03:01:14,751 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-11 03:01:14,754 INFO L87 Difference]: Start difference. First operand has 75 states, 51 states have (on average 1.5294117647058822) internal successors, (78), 60 states have internal predecessors, (78), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:14,831 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:14,832 INFO L93 Difference]: Finished difference Result 148 states and 213 transitions. [2024-10-11 03:01:14,834 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-11 03:01:14,835 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2024-10-11 03:01:14,836 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:14,850 INFO L225 Difference]: With dead ends: 148 [2024-10-11 03:01:14,850 INFO L226 Difference]: Without dead ends: 70 [2024-10-11 03:01:14,856 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-11 03:01:14,861 INFO L432 NwaCegarLoop]: 85 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 16 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 85 SdHoareTripleChecker+Invalid, 16 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 16 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:14,863 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 85 Invalid, 16 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 16 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:14,881 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 70 states. [2024-10-11 03:01:14,911 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 70 to 70. [2024-10-11 03:01:14,913 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 70 states, 48 states have (on average 1.4166666666666667) internal successors, (68), 56 states have internal predecessors, (68), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2024-10-11 03:01:14,916 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 70 states to 70 states and 95 transitions. [2024-10-11 03:01:14,918 INFO L78 Accepts]: Start accepts. Automaton has 70 states and 95 transitions. Word has length 22 [2024-10-11 03:01:14,918 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:14,919 INFO L471 AbstractCegarLoop]: Abstraction has 70 states and 95 transitions. [2024-10-11 03:01:14,919 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:14,919 INFO L276 IsEmpty]: Start isEmpty. Operand 70 states and 95 transitions. [2024-10-11 03:01:14,921 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2024-10-11 03:01:14,921 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:14,922 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:14,922 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-11 03:01:14,922 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:14,923 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:14,923 INFO L85 PathProgramCache]: Analyzing trace with hash -1472764956, now seen corresponding path program 1 times [2024-10-11 03:01:14,924 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:14,924 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [564534434] [2024-10-11 03:01:14,925 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:14,925 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:14,954 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:15,060 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:15,063 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:15,066 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-10-11 03:01:15,068 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:15,071 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:15,072 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:15,072 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [564534434] [2024-10-11 03:01:15,072 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [564534434] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:15,073 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:15,073 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-11 03:01:15,073 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [679139058] [2024-10-11 03:01:15,073 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:15,074 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 03:01:15,075 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:15,075 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 03:01:15,076 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:15,076 INFO L87 Difference]: Start difference. First operand 70 states and 95 transitions. Second operand has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:15,132 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:15,132 INFO L93 Difference]: Finished difference Result 110 states and 148 transitions. [2024-10-11 03:01:15,133 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 03:01:15,133 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 23 [2024-10-11 03:01:15,133 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:15,134 INFO L225 Difference]: With dead ends: 110 [2024-10-11 03:01:15,134 INFO L226 Difference]: Without dead ends: 62 [2024-10-11 03:01:15,135 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:15,140 INFO L432 NwaCegarLoop]: 71 mSDtfsCounter, 14 mSDsluCounter, 55 mSDsCounter, 0 mSdLazyCounter, 22 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 126 SdHoareTripleChecker+Invalid, 22 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 22 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:15,141 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 126 Invalid, 22 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 22 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:15,142 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 62 states. [2024-10-11 03:01:15,151 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 62 to 62. [2024-10-11 03:01:15,151 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 62 states, 43 states have (on average 1.441860465116279) internal successors, (62), 51 states have internal predecessors, (62), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2024-10-11 03:01:15,153 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 62 states to 62 states and 84 transitions. [2024-10-11 03:01:15,153 INFO L78 Accepts]: Start accepts. Automaton has 62 states and 84 transitions. Word has length 23 [2024-10-11 03:01:15,154 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:15,154 INFO L471 AbstractCegarLoop]: Abstraction has 62 states and 84 transitions. [2024-10-11 03:01:15,154 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:15,154 INFO L276 IsEmpty]: Start isEmpty. Operand 62 states and 84 transitions. [2024-10-11 03:01:15,155 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-10-11 03:01:15,156 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:15,156 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:15,156 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-11 03:01:15,158 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:15,158 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:15,158 INFO L85 PathProgramCache]: Analyzing trace with hash -1962258660, now seen corresponding path program 1 times [2024-10-11 03:01:15,159 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:15,159 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [115688167] [2024-10-11 03:01:15,159 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:15,159 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:15,185 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:15,288 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:15,291 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:15,296 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-11 03:01:15,298 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:15,301 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:15,304 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:15,304 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [115688167] [2024-10-11 03:01:15,304 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [115688167] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:15,304 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:15,304 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-11 03:01:15,305 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [411806068] [2024-10-11 03:01:15,305 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:15,305 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 03:01:15,306 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:15,306 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 03:01:15,308 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:15,308 INFO L87 Difference]: Start difference. First operand 62 states and 84 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:15,372 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:15,373 INFO L93 Difference]: Finished difference Result 182 states and 249 transitions. [2024-10-11 03:01:15,373 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 03:01:15,373 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 26 [2024-10-11 03:01:15,374 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:15,375 INFO L225 Difference]: With dead ends: 182 [2024-10-11 03:01:15,376 INFO L226 Difference]: Without dead ends: 122 [2024-10-11 03:01:15,376 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:15,377 INFO L432 NwaCegarLoop]: 83 mSDtfsCounter, 75 mSDsluCounter, 69 mSDsCounter, 0 mSdLazyCounter, 28 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 75 SdHoareTripleChecker+Valid, 152 SdHoareTripleChecker+Invalid, 29 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 28 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:15,378 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [75 Valid, 152 Invalid, 29 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 28 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:15,379 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 122 states. [2024-10-11 03:01:15,406 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 122 to 119. [2024-10-11 03:01:15,407 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 119 states, 82 states have (on average 1.451219512195122) internal successors, (119), 97 states have internal predecessors, (119), 22 states have call successors, (22), 14 states have call predecessors, (22), 14 states have return successors, (22), 15 states have call predecessors, (22), 22 states have call successors, (22) [2024-10-11 03:01:15,408 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 119 states to 119 states and 163 transitions. [2024-10-11 03:01:15,409 INFO L78 Accepts]: Start accepts. Automaton has 119 states and 163 transitions. Word has length 26 [2024-10-11 03:01:15,410 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:15,410 INFO L471 AbstractCegarLoop]: Abstraction has 119 states and 163 transitions. [2024-10-11 03:01:15,410 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:15,410 INFO L276 IsEmpty]: Start isEmpty. Operand 119 states and 163 transitions. [2024-10-11 03:01:15,412 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2024-10-11 03:01:15,412 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:15,412 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:15,412 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-11 03:01:15,413 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:15,413 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:15,413 INFO L85 PathProgramCache]: Analyzing trace with hash 647764494, now seen corresponding path program 1 times [2024-10-11 03:01:15,413 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:15,414 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [292382068] [2024-10-11 03:01:15,414 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:15,414 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:15,432 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:15,508 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-10-11 03:01:15,509 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:15,513 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-11 03:01:15,516 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:15,538 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-11 03:01:15,538 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:15,539 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [292382068] [2024-10-11 03:01:15,539 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [292382068] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:15,539 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:15,539 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-11 03:01:15,539 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [205675730] [2024-10-11 03:01:15,540 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:15,540 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-11 03:01:15,541 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:15,542 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-11 03:01:15,542 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-11 03:01:15,543 INFO L87 Difference]: Start difference. First operand 119 states and 163 transitions. Second operand has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:15,804 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:15,804 INFO L93 Difference]: Finished difference Result 316 states and 441 transitions. [2024-10-11 03:01:15,804 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-11 03:01:15,805 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 29 [2024-10-11 03:01:15,805 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:15,807 INFO L225 Difference]: With dead ends: 316 [2024-10-11 03:01:15,807 INFO L226 Difference]: Without dead ends: 199 [2024-10-11 03:01:15,811 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-10-11 03:01:15,812 INFO L432 NwaCegarLoop]: 72 mSDtfsCounter, 58 mSDsluCounter, 240 mSDsCounter, 0 mSdLazyCounter, 113 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 60 SdHoareTripleChecker+Valid, 312 SdHoareTripleChecker+Invalid, 122 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 113 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:15,813 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [60 Valid, 312 Invalid, 122 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 113 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-11 03:01:15,814 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 199 states. [2024-10-11 03:01:15,849 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 199 to 198. [2024-10-11 03:01:15,850 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 198 states, 139 states have (on average 1.3741007194244603) internal successors, (191), 154 states have internal predecessors, (191), 32 states have call successors, (32), 26 states have call predecessors, (32), 26 states have return successors, (40), 29 states have call predecessors, (40), 32 states have call successors, (40) [2024-10-11 03:01:15,853 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 198 states to 198 states and 263 transitions. [2024-10-11 03:01:15,854 INFO L78 Accepts]: Start accepts. Automaton has 198 states and 263 transitions. Word has length 29 [2024-10-11 03:01:15,855 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:15,855 INFO L471 AbstractCegarLoop]: Abstraction has 198 states and 263 transitions. [2024-10-11 03:01:15,856 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:15,857 INFO L276 IsEmpty]: Start isEmpty. Operand 198 states and 263 transitions. [2024-10-11 03:01:15,858 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-11 03:01:15,860 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:15,860 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:15,861 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-11 03:01:15,861 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:15,861 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:15,862 INFO L85 PathProgramCache]: Analyzing trace with hash 2086249014, now seen corresponding path program 1 times [2024-10-11 03:01:15,862 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:15,862 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1168943224] [2024-10-11 03:01:15,862 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:15,862 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:15,884 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:15,986 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:15,988 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:15,995 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-11 03:01:15,998 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:16,037 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-11 03:01:16,038 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:16,040 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:16,040 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:16,042 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1168943224] [2024-10-11 03:01:16,044 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1168943224] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:16,044 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:16,044 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-11 03:01:16,045 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1922593341] [2024-10-11 03:01:16,045 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:16,045 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-11 03:01:16,045 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:16,046 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-11 03:01:16,046 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-11 03:01:16,046 INFO L87 Difference]: Start difference. First operand 198 states and 263 transitions. Second operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:16,472 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:16,473 INFO L93 Difference]: Finished difference Result 662 states and 939 transitions. [2024-10-11 03:01:16,473 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-11 03:01:16,474 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 38 [2024-10-11 03:01:16,474 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:16,479 INFO L225 Difference]: With dead ends: 662 [2024-10-11 03:01:16,482 INFO L226 Difference]: Without dead ends: 466 [2024-10-11 03:01:16,484 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-10-11 03:01:16,486 INFO L432 NwaCegarLoop]: 58 mSDtfsCounter, 140 mSDsluCounter, 179 mSDsCounter, 0 mSdLazyCounter, 178 mSolverCounterSat, 48 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 146 SdHoareTripleChecker+Valid, 237 SdHoareTripleChecker+Invalid, 226 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 48 IncrementalHoareTripleChecker+Valid, 178 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:16,490 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [146 Valid, 237 Invalid, 226 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [48 Valid, 178 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-11 03:01:16,492 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 466 states. [2024-10-11 03:01:16,559 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 466 to 460. [2024-10-11 03:01:16,563 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 460 states, 327 states have (on average 1.342507645259939) internal successors, (439), 352 states have internal predecessors, (439), 72 states have call successors, (72), 52 states have call predecessors, (72), 60 states have return successors, (120), 70 states have call predecessors, (120), 72 states have call successors, (120) [2024-10-11 03:01:16,567 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 460 states to 460 states and 631 transitions. [2024-10-11 03:01:16,568 INFO L78 Accepts]: Start accepts. Automaton has 460 states and 631 transitions. Word has length 38 [2024-10-11 03:01:16,568 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:16,568 INFO L471 AbstractCegarLoop]: Abstraction has 460 states and 631 transitions. [2024-10-11 03:01:16,568 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:16,569 INFO L276 IsEmpty]: Start isEmpty. Operand 460 states and 631 transitions. [2024-10-11 03:01:16,571 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-11 03:01:16,574 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:16,575 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:16,575 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-11 03:01:16,575 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:16,575 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:16,576 INFO L85 PathProgramCache]: Analyzing trace with hash -620370380, now seen corresponding path program 1 times [2024-10-11 03:01:16,576 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:16,576 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [970076572] [2024-10-11 03:01:16,576 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:16,576 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:16,590 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:16,633 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:16,634 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:16,643 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-11 03:01:16,646 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:16,669 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-11 03:01:16,670 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:16,672 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:16,672 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:16,672 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [970076572] [2024-10-11 03:01:16,672 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [970076572] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:16,672 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:16,672 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-11 03:01:16,672 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1260816365] [2024-10-11 03:01:16,673 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:16,673 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-11 03:01:16,673 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:16,674 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-11 03:01:16,674 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-11 03:01:16,674 INFO L87 Difference]: Start difference. First operand 460 states and 631 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:16,850 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:16,850 INFO L93 Difference]: Finished difference Result 924 states and 1283 transitions. [2024-10-11 03:01:16,850 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-11 03:01:16,850 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 38 [2024-10-11 03:01:16,851 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:16,856 INFO L225 Difference]: With dead ends: 924 [2024-10-11 03:01:16,856 INFO L226 Difference]: Without dead ends: 466 [2024-10-11 03:01:16,858 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:16,859 INFO L432 NwaCegarLoop]: 62 mSDtfsCounter, 45 mSDsluCounter, 136 mSDsCounter, 0 mSdLazyCounter, 122 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 49 SdHoareTripleChecker+Valid, 198 SdHoareTripleChecker+Invalid, 135 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 122 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:16,859 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [49 Valid, 198 Invalid, 135 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 122 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 03:01:16,860 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 466 states. [2024-10-11 03:01:16,892 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 466 to 464. [2024-10-11 03:01:16,893 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 464 states, 331 states have (on average 1.338368580060423) internal successors, (443), 356 states have internal predecessors, (443), 72 states have call successors, (72), 52 states have call predecessors, (72), 60 states have return successors, (120), 70 states have call predecessors, (120), 72 states have call successors, (120) [2024-10-11 03:01:16,896 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 464 states to 464 states and 635 transitions. [2024-10-11 03:01:16,898 INFO L78 Accepts]: Start accepts. Automaton has 464 states and 635 transitions. Word has length 38 [2024-10-11 03:01:16,899 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:16,899 INFO L471 AbstractCegarLoop]: Abstraction has 464 states and 635 transitions. [2024-10-11 03:01:16,899 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:16,899 INFO L276 IsEmpty]: Start isEmpty. Operand 464 states and 635 transitions. [2024-10-11 03:01:16,901 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-11 03:01:16,901 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:16,901 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:16,901 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-11 03:01:16,901 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:16,902 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:16,902 INFO L85 PathProgramCache]: Analyzing trace with hash -1900234058, now seen corresponding path program 1 times [2024-10-11 03:01:16,902 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:16,902 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [696244407] [2024-10-11 03:01:16,902 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:16,902 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:16,912 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:16,944 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:16,945 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:16,949 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-11 03:01:16,953 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:16,976 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-11 03:01:16,978 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:16,979 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:16,979 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:16,979 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [696244407] [2024-10-11 03:01:16,980 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [696244407] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:16,980 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:16,980 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-11 03:01:16,980 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1050430708] [2024-10-11 03:01:16,980 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:16,981 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-11 03:01:16,981 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:16,981 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-11 03:01:16,981 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-11 03:01:16,982 INFO L87 Difference]: Start difference. First operand 464 states and 635 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:17,135 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:17,136 INFO L93 Difference]: Finished difference Result 902 states and 1253 transitions. [2024-10-11 03:01:17,136 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-11 03:01:17,136 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 38 [2024-10-11 03:01:17,137 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:17,140 INFO L225 Difference]: With dead ends: 902 [2024-10-11 03:01:17,140 INFO L226 Difference]: Without dead ends: 440 [2024-10-11 03:01:17,142 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:17,142 INFO L432 NwaCegarLoop]: 58 mSDtfsCounter, 44 mSDsluCounter, 128 mSDsCounter, 0 mSdLazyCounter, 125 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 48 SdHoareTripleChecker+Valid, 186 SdHoareTripleChecker+Invalid, 138 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 125 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:17,143 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [48 Valid, 186 Invalid, 138 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 125 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 03:01:17,144 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 440 states. [2024-10-11 03:01:17,169 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 440 to 438. [2024-10-11 03:01:17,170 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 438 states, 311 states have (on average 1.3279742765273312) internal successors, (413), 334 states have internal predecessors, (413), 70 states have call successors, (70), 52 states have call predecessors, (70), 56 states have return successors, (102), 66 states have call predecessors, (102), 70 states have call successors, (102) [2024-10-11 03:01:17,173 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 438 states to 438 states and 585 transitions. [2024-10-11 03:01:17,174 INFO L78 Accepts]: Start accepts. Automaton has 438 states and 585 transitions. Word has length 38 [2024-10-11 03:01:17,174 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:17,174 INFO L471 AbstractCegarLoop]: Abstraction has 438 states and 585 transitions. [2024-10-11 03:01:17,174 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:17,175 INFO L276 IsEmpty]: Start isEmpty. Operand 438 states and 585 transitions. [2024-10-11 03:01:17,175 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2024-10-11 03:01:17,175 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:17,176 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:17,176 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-11 03:01:17,176 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:17,177 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:17,177 INFO L85 PathProgramCache]: Analyzing trace with hash 928377310, now seen corresponding path program 1 times [2024-10-11 03:01:17,177 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:17,177 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [302724066] [2024-10-11 03:01:17,177 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:17,177 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:17,196 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:17,279 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:17,281 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:17,286 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-11 03:01:17,288 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:17,296 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-11 03:01:17,298 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:17,332 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2024-10-11 03:01:17,333 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:17,334 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:17,334 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:17,334 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [302724066] [2024-10-11 03:01:17,335 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [302724066] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:17,335 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:17,335 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-10-11 03:01:17,335 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1336098211] [2024-10-11 03:01:17,335 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:17,335 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-10-11 03:01:17,335 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:17,336 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-10-11 03:01:17,336 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2024-10-11 03:01:17,336 INFO L87 Difference]: Start difference. First operand 438 states and 585 transitions. Second operand has 8 states, 8 states have (on average 4.0) internal successors, (32), 6 states have internal predecessors, (32), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-11 03:01:17,813 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:17,813 INFO L93 Difference]: Finished difference Result 1071 states and 1489 transitions. [2024-10-11 03:01:17,813 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 14 states. [2024-10-11 03:01:17,814 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 4.0) internal successors, (32), 6 states have internal predecessors, (32), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 42 [2024-10-11 03:01:17,814 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:17,818 INFO L225 Difference]: With dead ends: 1071 [2024-10-11 03:01:17,818 INFO L226 Difference]: Without dead ends: 635 [2024-10-11 03:01:17,820 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 27 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 16 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 45 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=99, Invalid=207, Unknown=0, NotChecked=0, Total=306 [2024-10-11 03:01:17,821 INFO L432 NwaCegarLoop]: 70 mSDtfsCounter, 232 mSDsluCounter, 206 mSDsCounter, 0 mSdLazyCounter, 381 mSolverCounterSat, 84 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 237 SdHoareTripleChecker+Valid, 276 SdHoareTripleChecker+Invalid, 465 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 84 IncrementalHoareTripleChecker+Valid, 381 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:17,821 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [237 Valid, 276 Invalid, 465 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [84 Valid, 381 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-11 03:01:17,822 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 635 states. [2024-10-11 03:01:17,870 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 635 to 629. [2024-10-11 03:01:17,871 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 629 states, 448 states have (on average 1.2991071428571428) internal successors, (582), 485 states have internal predecessors, (582), 100 states have call successors, (100), 71 states have call predecessors, (100), 80 states have return successors, (172), 96 states have call predecessors, (172), 100 states have call successors, (172) [2024-10-11 03:01:17,875 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 629 states to 629 states and 854 transitions. [2024-10-11 03:01:17,876 INFO L78 Accepts]: Start accepts. Automaton has 629 states and 854 transitions. Word has length 42 [2024-10-11 03:01:17,876 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:17,877 INFO L471 AbstractCegarLoop]: Abstraction has 629 states and 854 transitions. [2024-10-11 03:01:17,877 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 4.0) internal successors, (32), 6 states have internal predecessors, (32), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-11 03:01:17,877 INFO L276 IsEmpty]: Start isEmpty. Operand 629 states and 854 transitions. [2024-10-11 03:01:17,879 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 68 [2024-10-11 03:01:17,880 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:17,880 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:17,880 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-11 03:01:17,881 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:17,881 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:17,881 INFO L85 PathProgramCache]: Analyzing trace with hash -1194786365, now seen corresponding path program 1 times [2024-10-11 03:01:17,881 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:17,881 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1409737682] [2024-10-11 03:01:17,881 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:17,882 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:17,896 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:17,946 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:17,947 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:17,962 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-10-11 03:01:17,966 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:17,980 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:17,981 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:17,991 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:17,993 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:17,997 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 50 [2024-10-11 03:01:17,998 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:17,999 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2024-10-11 03:01:18,001 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:18,003 INFO L134 CoverageAnalysis]: Checked inductivity of 22 backedges. 16 proven. 0 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-11 03:01:18,003 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:18,003 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1409737682] [2024-10-11 03:01:18,003 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1409737682] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:18,003 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:18,003 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-10-11 03:01:18,003 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1628751628] [2024-10-11 03:01:18,003 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:18,004 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-10-11 03:01:18,004 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:18,006 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-10-11 03:01:18,006 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:18,006 INFO L87 Difference]: Start difference. First operand 629 states and 854 transitions. Second operand has 7 states, 6 states have (on average 8.666666666666666) internal successors, (52), 4 states have internal predecessors, (52), 4 states have call successors, (7), 5 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2024-10-11 03:01:18,360 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:18,360 INFO L93 Difference]: Finished difference Result 1041 states and 1404 transitions. [2024-10-11 03:01:18,361 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-10-11 03:01:18,361 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 8.666666666666666) internal successors, (52), 4 states have internal predecessors, (52), 4 states have call successors, (7), 5 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) Word has length 67 [2024-10-11 03:01:18,361 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:18,364 INFO L225 Difference]: With dead ends: 1041 [2024-10-11 03:01:18,364 INFO L226 Difference]: Without dead ends: 414 [2024-10-11 03:01:18,366 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 17 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=55, Invalid=127, Unknown=0, NotChecked=0, Total=182 [2024-10-11 03:01:18,367 INFO L432 NwaCegarLoop]: 75 mSDtfsCounter, 252 mSDsluCounter, 130 mSDsCounter, 0 mSdLazyCounter, 246 mSolverCounterSat, 94 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 261 SdHoareTripleChecker+Valid, 205 SdHoareTripleChecker+Invalid, 340 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 94 IncrementalHoareTripleChecker+Valid, 246 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:18,367 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [261 Valid, 205 Invalid, 340 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [94 Valid, 246 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-11 03:01:18,368 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 414 states. [2024-10-11 03:01:18,398 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 414 to 406. [2024-10-11 03:01:18,398 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 406 states, 290 states have (on average 1.282758620689655) internal successors, (372), 314 states have internal predecessors, (372), 64 states have call successors, (64), 48 states have call predecessors, (64), 51 states have return successors, (100), 62 states have call predecessors, (100), 64 states have call successors, (100) [2024-10-11 03:01:18,400 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 406 states to 406 states and 536 transitions. [2024-10-11 03:01:18,401 INFO L78 Accepts]: Start accepts. Automaton has 406 states and 536 transitions. Word has length 67 [2024-10-11 03:01:18,403 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:18,403 INFO L471 AbstractCegarLoop]: Abstraction has 406 states and 536 transitions. [2024-10-11 03:01:18,403 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 8.666666666666666) internal successors, (52), 4 states have internal predecessors, (52), 4 states have call successors, (7), 5 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2024-10-11 03:01:18,403 INFO L276 IsEmpty]: Start isEmpty. Operand 406 states and 536 transitions. [2024-10-11 03:01:18,404 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 75 [2024-10-11 03:01:18,405 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:18,405 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:18,405 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-10-11 03:01:18,405 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:18,405 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:18,405 INFO L85 PathProgramCache]: Analyzing trace with hash 1805836942, now seen corresponding path program 1 times [2024-10-11 03:01:18,405 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:18,406 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1795618207] [2024-10-11 03:01:18,406 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:18,406 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:18,420 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:18,529 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:18,530 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:18,546 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 03:01:18,550 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:18,573 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:18,574 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:18,587 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:18,589 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:18,596 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2024-10-11 03:01:18,597 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:18,609 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 56 [2024-10-11 03:01:18,610 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:18,612 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-11 03:01:18,613 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:18,614 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 67 [2024-10-11 03:01:18,615 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:18,616 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 13 proven. 8 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-11 03:01:18,617 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:18,617 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1795618207] [2024-10-11 03:01:18,617 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1795618207] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-11 03:01:18,617 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [436961248] [2024-10-11 03:01:18,617 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:18,618 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-11 03:01:18,618 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 [2024-10-11 03:01:18,620 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-11 03:01:18,622 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-11 03:01:18,706 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:18,709 INFO L255 TraceCheckSpWp]: Trace formula consists of 277 conjuncts, 7 conjuncts are in the unsatisfiable core [2024-10-11 03:01:18,719 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-11 03:01:18,863 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 20 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-11 03:01:18,864 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-11 03:01:19,042 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 15 proven. 6 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-11 03:01:19,043 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [436961248] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-11 03:01:19,043 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-11 03:01:19,043 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-10-11 03:01:19,043 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [346040716] [2024-10-11 03:01:19,043 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-11 03:01:19,044 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-10-11 03:01:19,044 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:19,044 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-10-11 03:01:19,045 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-10-11 03:01:19,045 INFO L87 Difference]: Start difference. First operand 406 states and 536 transitions. Second operand has 15 states, 11 states have (on average 7.909090909090909) internal successors, (87), 10 states have internal predecessors, (87), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) [2024-10-11 03:01:20,168 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:20,168 INFO L93 Difference]: Finished difference Result 968 states and 1305 transitions. [2024-10-11 03:01:20,169 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 39 states. [2024-10-11 03:01:20,169 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 11 states have (on average 7.909090909090909) internal successors, (87), 10 states have internal predecessors, (87), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) Word has length 74 [2024-10-11 03:01:20,169 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:20,171 INFO L225 Difference]: With dead ends: 968 [2024-10-11 03:01:20,171 INFO L226 Difference]: Without dead ends: 0 [2024-10-11 03:01:20,174 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 217 GetRequests, 168 SyntacticMatches, 4 SemanticMatches, 45 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 582 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=451, Invalid=1711, Unknown=0, NotChecked=0, Total=2162 [2024-10-11 03:01:20,174 INFO L432 NwaCegarLoop]: 116 mSDtfsCounter, 344 mSDsluCounter, 545 mSDsCounter, 0 mSdLazyCounter, 908 mSolverCounterSat, 134 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 352 SdHoareTripleChecker+Valid, 661 SdHoareTripleChecker+Invalid, 1042 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 134 IncrementalHoareTripleChecker+Valid, 908 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:20,175 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [352 Valid, 661 Invalid, 1042 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [134 Valid, 908 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2024-10-11 03:01:20,175 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-11 03:01:20,175 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-11 03:01:20,176 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-11 03:01:20,176 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-11 03:01:20,177 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 74 [2024-10-11 03:01:20,177 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:20,177 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-11 03:01:20,177 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 11 states have (on average 7.909090909090909) internal successors, (87), 10 states have internal predecessors, (87), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) [2024-10-11 03:01:20,178 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-11 03:01:20,178 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-11 03:01:20,180 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-11 03:01:20,200 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-10-11 03:01:20,382 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-10-11 03:01:20,385 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:20,387 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-11 03:01:23,904 INFO L165 ceAbstractionStarter]: Computing trace abstraction results [2024-10-11 03:01:23,922 WARN L155 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= 1 |old(~pumpRunning~0)|))) (or (and (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse0 (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0) .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0)))) [2024-10-11 03:01:23,950 WARN L155 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse1 (<= |old(~waterLevel~0)| 2)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (<= 1 |old(~pumpRunning~0)|))) (or (and .cse0 (= 0 ~systemActive~0) .cse1) (and .cse2 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse1 .cse3) (and .cse2 .cse0 .cse1) (and .cse2 .cse3 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2) (and .cse3 .cse2 (= 0 ~systemActive~0)))) [2024-10-11 03:01:23,962 WARN L155 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-10-11 03:01:23,983 WARN L155 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and .cse3 .cse1 .cse2) (and .cse3 (= 0 ~systemActive~0) .cse2) (and .cse0 .cse1 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2) (and .cse3 .cse2 (= 0 ~systemActive~0)))) [2024-10-11 03:01:23,994 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 11.10 03:01:23 BoogieIcfgContainer [2024-10-11 03:01:23,994 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-11 03:01:23,995 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-11 03:01:23,995 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-11 03:01:23,995 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-11 03:01:23,996 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:14" (3/4) ... [2024-10-11 03:01:23,998 INFO L139 WitnessPrinter]: Generating witness for correct program [2024-10-11 03:01:24,002 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-10-11 03:01:24,002 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-10-11 03:01:24,002 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-11 03:01:24,002 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-11 03:01:24,002 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-11 03:01:24,003 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-10-11 03:01:24,003 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-11 03:01:24,003 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-10-11 03:01:24,010 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 34 nodes and edges [2024-10-11 03:01:24,011 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-10-11 03:01:24,011 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-11 03:01:24,012 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-11 03:01:24,012 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-11 03:01:24,134 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-10-11 03:01:24,134 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/witness.yml [2024-10-11 03:01:24,137 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-11 03:01:24,138 INFO L158 Benchmark]: Toolchain (without parser) took 11036.30ms. Allocated memory was 159.4MB in the beginning and 216.0MB in the end (delta: 56.6MB). Free memory was 103.3MB in the beginning and 159.1MB in the end (delta: -55.8MB). Peak memory consumption was 2.0MB. Max. memory is 16.1GB. [2024-10-11 03:01:24,138 INFO L158 Benchmark]: CDTParser took 0.24ms. Allocated memory is still 159.4MB. Free memory was 118.5MB in the beginning and 118.4MB in the end (delta: 140.0kB). There was no memory consumed. Max. memory is 16.1GB. [2024-10-11 03:01:24,138 INFO L158 Benchmark]: CACSL2BoogieTranslator took 468.71ms. Allocated memory is still 159.4MB. Free memory was 103.0MB in the beginning and 82.0MB in the end (delta: 21.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-10-11 03:01:24,139 INFO L158 Benchmark]: Boogie Procedure Inliner took 53.83ms. Allocated memory is still 159.4MB. Free memory was 82.0MB in the beginning and 79.5MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-11 03:01:24,139 INFO L158 Benchmark]: Boogie Preprocessor took 56.28ms. Allocated memory is still 159.4MB. Free memory was 79.5MB in the beginning and 77.3MB in the end (delta: 2.2MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-11 03:01:24,139 INFO L158 Benchmark]: RCFGBuilder took 610.87ms. Allocated memory was 159.4MB in the beginning and 216.0MB in the end (delta: 56.6MB). Free memory was 77.3MB in the beginning and 174.5MB in the end (delta: -97.2MB). Peak memory consumption was 22.3MB. Max. memory is 16.1GB. [2024-10-11 03:01:24,140 INFO L158 Benchmark]: TraceAbstraction took 9692.73ms. Allocated memory is still 216.0MB. Free memory was 174.5MB in the beginning and 166.5MB in the end (delta: 8.1MB). Peak memory consumption was 114.0MB. Max. memory is 16.1GB. [2024-10-11 03:01:24,140 INFO L158 Benchmark]: Witness Printer took 141.99ms. Allocated memory is still 216.0MB. Free memory was 166.5MB in the beginning and 159.1MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2024-10-11 03:01:24,143 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.24ms. Allocated memory is still 159.4MB. Free memory was 118.5MB in the beginning and 118.4MB in the end (delta: 140.0kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 468.71ms. Allocated memory is still 159.4MB. Free memory was 103.0MB in the beginning and 82.0MB in the end (delta: 21.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 53.83ms. Allocated memory is still 159.4MB. Free memory was 82.0MB in the beginning and 79.5MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 56.28ms. Allocated memory is still 159.4MB. Free memory was 79.5MB in the beginning and 77.3MB in the end (delta: 2.2MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 610.87ms. Allocated memory was 159.4MB in the beginning and 216.0MB in the end (delta: 56.6MB). Free memory was 77.3MB in the beginning and 174.5MB in the end (delta: -97.2MB). Peak memory consumption was 22.3MB. Max. memory is 16.1GB. * TraceAbstraction took 9692.73ms. Allocated memory is still 216.0MB. Free memory was 174.5MB in the beginning and 166.5MB in the end (delta: 8.1MB). Peak memory consumption was 114.0MB. Max. memory is 16.1GB. * Witness Printer took 141.99ms. Allocated memory is still 216.0MB. Free memory was 166.5MB in the beginning and 159.1MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] - GenericResultAtLocation [Line: 266]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [266] - GenericResultAtLocation [Line: 338]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [338] - GenericResultAtLocation [Line: 704]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [704] - GenericResultAtLocation [Line: 755]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [755] - GenericResultAtLocation [Line: 855]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [855] - GenericResultAtLocation [Line: 864]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [864] - GenericResultAtLocation [Line: 899]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [899] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 860]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 75 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 6.0s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 3.3s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1246 SdHoareTripleChecker+Valid, 2.0s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1204 mSDsluCounter, 2438 SdHoareTripleChecker+Invalid, 1.6s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1688 mSDsCounter, 396 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2139 IncrementalHoareTripleChecker+Invalid, 2535 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 396 mSolverCounterUnsat, 750 mSDtfsCounter, 2139 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 347 GetRequests, 244 SyntacticMatches, 4 SemanticMatches, 99 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 659 ImplicationChecksByTransitivity, 0.9s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=629occurred in iteration=8, InterpolantAutomatonStates: 96, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 10 MinimizatonAttempts, 28 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.5s InterpolantComputationTime, 471 NumberOfCodeBlocks, 471 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 533 ConstructedInterpolants, 0 QuantifiedInterpolants, 967 SizeOfPredicates, 2 NumberOfNonLiveVariables, 277 ConjunctsInSsa, 7 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 98/119 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 280]: Loop Invariant Derived loop invariant: ((((((((pumpRunning == 0) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (0 == systemActive)) || ((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) - InvariantResult [Line: 767]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 279]: Location Invariant Derived location invariant: 0 - ProcedureContractResult [Line: 160]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) Ensures: ((pumpRunning == 0) && ((((2 == waterLevel) && (1 == systemActive)) && (1 <= \old(pumpRunning))) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))))) - ProcedureContractResult [Line: 93]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) - ProcedureContractResult [Line: 926]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) - ProcedureContractResult [Line: 757]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: 0 - ProcedureContractResult [Line: 66]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((1 < \old(waterLevel)) || (waterLevel < 2)) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel))) || (\old(pumpRunning) != 0)) || (((pumpRunning == 0) && (2 == waterLevel)) && (\old(waterLevel) == 2)))) && ((pumpRunning == 0) || (0 != systemActive))) && (((((1 == systemActive) && (\old(pumpRunning) == 0)) || ((\old(pumpRunning) == 0) && (0 == systemActive))) || ((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning)))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2)))) - ProcedureContractResult [Line: 101]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1)) && (((1 == systemActive) && (\old(pumpRunning) == 0)) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))))) && ((((\old(pumpRunning) != 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || ((pumpRunning == 0) && (waterLevel <= 1)))) - ProcedureContractResult [Line: 914]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((2 == waterLevel) || (\old(waterLevel) != 2)) && (waterLevel <= 2)) && (((((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2))) || (((pumpRunning == 0) && (0 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) - ProcedureContractResult [Line: 179]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) && (pumpRunning == \result)) RESULT: Ultimate proved your program to be correct! [2024-10-11 03:01:24,182 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE