./Ultimate.py --spec /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/properties/unreach-call.prp --file /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 84cfde4a Calling Ultimate with: /root/.sdkman/candidates/java/current/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c -s /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 278b945680d29bf571e1aaa42d90b0a6b141ce129976e6e0985d57b09f7f9d7c --- Real Ultimate output --- This is Ultimate 0.2.5-dev-84cfde4 [2024-10-11 03:01:21,916 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-11 03:01:21,977 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-11 03:01:21,980 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-11 03:01:21,981 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-11 03:01:22,004 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-11 03:01:22,006 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-11 03:01:22,006 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-11 03:01:22,007 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-11 03:01:22,008 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-11 03:01:22,008 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-11 03:01:22,008 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-11 03:01:22,009 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-11 03:01:22,020 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-11 03:01:22,020 INFO L153 SettingsManager]: * Use SBE=true [2024-10-11 03:01:22,021 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-11 03:01:22,021 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-11 03:01:22,021 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-11 03:01:22,022 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-11 03:01:22,022 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-11 03:01:22,022 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-11 03:01:22,023 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-11 03:01:22,023 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-11 03:01:22,023 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-11 03:01:22,023 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-11 03:01:22,024 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-11 03:01:22,024 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-11 03:01:22,024 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-11 03:01:22,024 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-11 03:01:22,025 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-11 03:01:22,025 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-11 03:01:22,025 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-11 03:01:22,025 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-11 03:01:22,025 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-11 03:01:22,026 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-11 03:01:22,026 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-11 03:01:22,026 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-11 03:01:22,026 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-11 03:01:22,027 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-11 03:01:22,027 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-11 03:01:22,027 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-11 03:01:22,030 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-11 03:01:22,030 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 278b945680d29bf571e1aaa42d90b0a6b141ce129976e6e0985d57b09f7f9d7c [2024-10-11 03:01:22,261 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-11 03:01:22,283 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-11 03:01:22,288 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-11 03:01:22,289 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-11 03:01:22,290 INFO L274 PluginConnector]: CDTParser initialized [2024-10-11 03:01:22,291 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c [2024-10-11 03:01:23,537 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-11 03:01:23,745 INFO L384 CDTParser]: Found 1 translation units. [2024-10-11 03:01:23,745 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c [2024-10-11 03:01:23,758 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/a0982c7a1/75058684a7c441f79d8a452076d357de/FLAGb7ef5d4fe [2024-10-11 03:01:24,136 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/a0982c7a1/75058684a7c441f79d8a452076d357de [2024-10-11 03:01:24,138 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-11 03:01:24,140 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-11 03:01:24,141 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-11 03:01:24,141 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-11 03:01:24,146 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-11 03:01:24,147 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,148 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@42bfb544 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24, skipping insertion in model container [2024-10-11 03:01:24,148 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,185 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-11 03:01:24,384 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c[6886,6899] [2024-10-11 03:01:24,464 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-11 03:01:24,480 INFO L200 MainTranslator]: Completed pre-run [2024-10-11 03:01:24,488 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] [2024-10-11 03:01:24,489 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [261] [2024-10-11 03:01:24,489 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [329] [2024-10-11 03:01:24,489 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [433] [2024-10-11 03:01:24,490 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [442] [2024-10-11 03:01:24,490 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [543] [2024-10-11 03:01:24,490 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [578] [2024-10-11 03:01:24,490 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [944] [2024-10-11 03:01:24,507 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c[6886,6899] [2024-10-11 03:01:24,533 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-11 03:01:24,553 INFO L204 MainTranslator]: Completed translation [2024-10-11 03:01:24,554 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24 WrapperNode [2024-10-11 03:01:24,554 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-11 03:01:24,555 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-11 03:01:24,555 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-11 03:01:24,555 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-11 03:01:24,561 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,577 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,594 INFO L138 Inliner]: procedures = 57, calls = 101, calls flagged for inlining = 25, calls inlined = 21, statements flattened = 209 [2024-10-11 03:01:24,594 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-11 03:01:24,595 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-11 03:01:24,595 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-11 03:01:24,595 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-11 03:01:24,604 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,604 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,606 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,617 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-11 03:01:24,617 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,617 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,621 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,624 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,625 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,629 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,632 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-11 03:01:24,633 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-11 03:01:24,633 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-11 03:01:24,633 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-11 03:01:24,634 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,642 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-11 03:01:24,654 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 [2024-10-11 03:01:24,671 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-11 03:01:24,673 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-11 03:01:24,713 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-11 03:01:24,714 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-10-11 03:01:24,714 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-10-11 03:01:24,714 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-11 03:01:24,714 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-11 03:01:24,714 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-11 03:01:24,714 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-11 03:01:24,714 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-10-11 03:01:24,714 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-10-11 03:01:24,714 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-11 03:01:24,714 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-11 03:01:24,714 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-10-11 03:01:24,714 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-10-11 03:01:24,715 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-11 03:01:24,715 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-11 03:01:24,715 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-11 03:01:24,715 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-11 03:01:24,715 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-11 03:01:24,793 INFO L238 CfgBuilder]: Building ICFG [2024-10-11 03:01:24,795 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-11 03:01:25,027 INFO L? ?]: Removed 45 outVars from TransFormulas that were not future-live. [2024-10-11 03:01:25,027 INFO L287 CfgBuilder]: Performing block encoding [2024-10-11 03:01:25,089 INFO L309 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-11 03:01:25,089 INFO L314 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-11 03:01:25,089 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:25 BoogieIcfgContainer [2024-10-11 03:01:25,089 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-11 03:01:25,091 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-11 03:01:25,091 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-11 03:01:25,094 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-11 03:01:25,094 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 11.10 03:01:24" (1/3) ... [2024-10-11 03:01:25,095 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@8374031 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.10 03:01:25, skipping insertion in model container [2024-10-11 03:01:25,095 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (2/3) ... [2024-10-11 03:01:25,096 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@8374031 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.10 03:01:25, skipping insertion in model container [2024-10-11 03:01:25,096 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:25" (3/3) ... [2024-10-11 03:01:25,097 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product49.cil.c [2024-10-11 03:01:25,111 INFO L209 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-11 03:01:25,112 INFO L149 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-11 03:01:25,156 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-11 03:01:25,161 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@53184685, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-11 03:01:25,161 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-11 03:01:25,167 INFO L276 IsEmpty]: Start isEmpty. Operand has 71 states, 50 states have (on average 1.54) internal successors, (77), 58 states have internal predecessors, (77), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2024-10-11 03:01:25,176 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2024-10-11 03:01:25,177 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:25,178 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:25,178 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:25,183 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:25,183 INFO L85 PathProgramCache]: Analyzing trace with hash 1581762416, now seen corresponding path program 1 times [2024-10-11 03:01:25,191 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:25,192 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [821887375] [2024-10-11 03:01:25,192 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:25,192 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:25,291 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:25,361 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-11 03:01:25,369 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:25,374 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-11 03:01:25,377 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:25,380 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:25,381 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:25,381 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [821887375] [2024-10-11 03:01:25,382 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [821887375] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:25,382 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:25,382 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-11 03:01:25,384 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2059580971] [2024-10-11 03:01:25,384 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:25,387 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-11 03:01:25,387 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:25,408 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-11 03:01:25,409 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-11 03:01:25,411 INFO L87 Difference]: Start difference. First operand has 71 states, 50 states have (on average 1.54) internal successors, (77), 58 states have internal predecessors, (77), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:25,468 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:25,468 INFO L93 Difference]: Finished difference Result 140 states and 203 transitions. [2024-10-11 03:01:25,469 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-11 03:01:25,471 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2024-10-11 03:01:25,471 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:25,479 INFO L225 Difference]: With dead ends: 140 [2024-10-11 03:01:25,480 INFO L226 Difference]: Without dead ends: 66 [2024-10-11 03:01:25,483 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-11 03:01:25,487 INFO L432 NwaCegarLoop]: 81 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 15 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 81 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 15 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:25,488 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 81 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 15 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:25,525 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 66 states. [2024-10-11 03:01:25,551 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 66 to 66. [2024-10-11 03:01:25,557 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 66 states, 47 states have (on average 1.425531914893617) internal successors, (67), 54 states have internal predecessors, (67), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2024-10-11 03:01:25,559 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 66 states to 66 states and 90 transitions. [2024-10-11 03:01:25,566 INFO L78 Accepts]: Start accepts. Automaton has 66 states and 90 transitions. Word has length 22 [2024-10-11 03:01:25,566 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:25,566 INFO L471 AbstractCegarLoop]: Abstraction has 66 states and 90 transitions. [2024-10-11 03:01:25,566 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:25,567 INFO L276 IsEmpty]: Start isEmpty. Operand 66 states and 90 transitions. [2024-10-11 03:01:25,591 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2024-10-11 03:01:25,593 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:25,594 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:25,594 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-11 03:01:25,594 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:25,595 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:25,595 INFO L85 PathProgramCache]: Analyzing trace with hash -656262365, now seen corresponding path program 1 times [2024-10-11 03:01:25,595 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:25,595 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1655397558] [2024-10-11 03:01:25,595 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:25,595 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:25,625 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:25,692 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:25,694 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:25,696 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-10-11 03:01:25,701 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:25,702 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:25,703 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:25,703 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1655397558] [2024-10-11 03:01:25,703 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1655397558] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:25,703 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:25,706 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-11 03:01:25,707 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2056596810] [2024-10-11 03:01:25,707 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:25,708 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 03:01:25,708 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:25,708 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 03:01:25,708 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:25,709 INFO L87 Difference]: Start difference. First operand 66 states and 90 transitions. Second operand has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:25,749 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:25,749 INFO L93 Difference]: Finished difference Result 105 states and 143 transitions. [2024-10-11 03:01:25,751 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 03:01:25,752 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 23 [2024-10-11 03:01:25,752 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:25,753 INFO L225 Difference]: With dead ends: 105 [2024-10-11 03:01:25,753 INFO L226 Difference]: Without dead ends: 58 [2024-10-11 03:01:25,754 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:25,755 INFO L432 NwaCegarLoop]: 67 mSDtfsCounter, 11 mSDsluCounter, 53 mSDsCounter, 0 mSdLazyCounter, 22 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 14 SdHoareTripleChecker+Valid, 120 SdHoareTripleChecker+Invalid, 22 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 22 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:25,756 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [14 Valid, 120 Invalid, 22 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 22 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:25,756 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 58 states. [2024-10-11 03:01:25,764 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 58 to 58. [2024-10-11 03:01:25,765 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 58 states, 42 states have (on average 1.4523809523809523) internal successors, (61), 49 states have internal predecessors, (61), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-10-11 03:01:25,766 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 58 states to 58 states and 79 transitions. [2024-10-11 03:01:25,767 INFO L78 Accepts]: Start accepts. Automaton has 58 states and 79 transitions. Word has length 23 [2024-10-11 03:01:25,767 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:25,767 INFO L471 AbstractCegarLoop]: Abstraction has 58 states and 79 transitions. [2024-10-11 03:01:25,768 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:25,768 INFO L276 IsEmpty]: Start isEmpty. Operand 58 states and 79 transitions. [2024-10-11 03:01:25,768 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-10-11 03:01:25,769 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:25,769 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:25,770 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-11 03:01:25,770 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:25,770 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:25,771 INFO L85 PathProgramCache]: Analyzing trace with hash 2026892957, now seen corresponding path program 1 times [2024-10-11 03:01:25,771 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:25,771 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1667139479] [2024-10-11 03:01:25,772 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:25,772 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:25,795 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:25,866 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:25,868 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:25,872 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-11 03:01:25,873 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:25,874 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:25,874 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:25,874 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1667139479] [2024-10-11 03:01:25,875 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1667139479] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:25,875 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:25,875 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-11 03:01:25,875 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1753948895] [2024-10-11 03:01:25,875 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:25,875 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 03:01:25,876 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:25,876 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 03:01:25,876 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:25,876 INFO L87 Difference]: Start difference. First operand 58 states and 79 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:25,909 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:25,910 INFO L93 Difference]: Finished difference Result 114 states and 157 transitions. [2024-10-11 03:01:25,912 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 03:01:25,913 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 26 [2024-10-11 03:01:25,913 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:25,914 INFO L225 Difference]: With dead ends: 114 [2024-10-11 03:01:25,914 INFO L226 Difference]: Without dead ends: 58 [2024-10-11 03:01:25,914 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:25,915 INFO L432 NwaCegarLoop]: 65 mSDtfsCounter, 64 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 64 SdHoareTripleChecker+Valid, 65 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:25,915 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [64 Valid, 65 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:25,916 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 58 states. [2024-10-11 03:01:25,922 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 58 to 58. [2024-10-11 03:01:25,923 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 58 states, 42 states have (on average 1.4285714285714286) internal successors, (60), 49 states have internal predecessors, (60), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-10-11 03:01:25,924 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 58 states to 58 states and 78 transitions. [2024-10-11 03:01:25,925 INFO L78 Accepts]: Start accepts. Automaton has 58 states and 78 transitions. Word has length 26 [2024-10-11 03:01:25,927 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:25,928 INFO L471 AbstractCegarLoop]: Abstraction has 58 states and 78 transitions. [2024-10-11 03:01:25,928 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:25,928 INFO L276 IsEmpty]: Start isEmpty. Operand 58 states and 78 transitions. [2024-10-11 03:01:25,928 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2024-10-11 03:01:25,929 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:25,929 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:25,929 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-11 03:01:25,929 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:25,929 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:25,931 INFO L85 PathProgramCache]: Analyzing trace with hash -1661671047, now seen corresponding path program 1 times [2024-10-11 03:01:25,931 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:25,931 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1716670514] [2024-10-11 03:01:25,931 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:25,931 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:25,944 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:25,978 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:25,979 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:25,981 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-10-11 03:01:25,981 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:25,984 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:25,984 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:25,984 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1716670514] [2024-10-11 03:01:25,984 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1716670514] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:25,985 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:25,985 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-11 03:01:25,985 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [563648658] [2024-10-11 03:01:25,985 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:25,985 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 03:01:25,986 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:25,986 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 03:01:25,986 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:25,986 INFO L87 Difference]: Start difference. First operand 58 states and 78 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:26,040 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:26,042 INFO L93 Difference]: Finished difference Result 156 states and 213 transitions. [2024-10-11 03:01:26,046 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 03:01:26,046 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 31 [2024-10-11 03:01:26,047 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:26,048 INFO L225 Difference]: With dead ends: 156 [2024-10-11 03:01:26,048 INFO L226 Difference]: Without dead ends: 100 [2024-10-11 03:01:26,048 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:26,049 INFO L432 NwaCegarLoop]: 78 mSDtfsCounter, 61 mSDsluCounter, 52 mSDsCounter, 0 mSdLazyCounter, 27 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 61 SdHoareTripleChecker+Valid, 130 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 27 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:26,049 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [61 Valid, 130 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 27 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:26,052 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 100 states. [2024-10-11 03:01:26,064 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 100 to 98. [2024-10-11 03:01:26,064 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 98 states, 71 states have (on average 1.380281690140845) internal successors, (98), 78 states have internal predecessors, (98), 14 states have call successors, (14), 12 states have call predecessors, (14), 12 states have return successors, (18), 14 states have call predecessors, (18), 14 states have call successors, (18) [2024-10-11 03:01:26,069 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 98 states to 98 states and 130 transitions. [2024-10-11 03:01:26,069 INFO L78 Accepts]: Start accepts. Automaton has 98 states and 130 transitions. Word has length 31 [2024-10-11 03:01:26,070 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:26,070 INFO L471 AbstractCegarLoop]: Abstraction has 98 states and 130 transitions. [2024-10-11 03:01:26,071 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:26,071 INFO L276 IsEmpty]: Start isEmpty. Operand 98 states and 130 transitions. [2024-10-11 03:01:26,071 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-11 03:01:26,072 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:26,072 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:26,073 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-11 03:01:26,073 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:26,074 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:26,074 INFO L85 PathProgramCache]: Analyzing trace with hash -101524931, now seen corresponding path program 1 times [2024-10-11 03:01:26,074 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:26,074 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1179968308] [2024-10-11 03:01:26,074 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:26,074 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:26,091 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,122 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:26,123 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,128 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-11 03:01:26,134 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,164 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-11 03:01:26,165 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,168 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:26,168 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:26,168 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1179968308] [2024-10-11 03:01:26,169 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1179968308] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:26,169 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:26,170 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-11 03:01:26,170 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1805299680] [2024-10-11 03:01:26,170 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:26,170 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-11 03:01:26,171 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:26,171 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-11 03:01:26,172 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-11 03:01:26,172 INFO L87 Difference]: Start difference. First operand 98 states and 130 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:26,300 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:26,300 INFO L93 Difference]: Finished difference Result 218 states and 294 transitions. [2024-10-11 03:01:26,301 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-11 03:01:26,301 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 38 [2024-10-11 03:01:26,301 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:26,302 INFO L225 Difference]: With dead ends: 218 [2024-10-11 03:01:26,302 INFO L226 Difference]: Without dead ends: 122 [2024-10-11 03:01:26,303 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:26,303 INFO L432 NwaCegarLoop]: 61 mSDtfsCounter, 46 mSDsluCounter, 135 mSDsCounter, 0 mSdLazyCounter, 120 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 50 SdHoareTripleChecker+Valid, 196 SdHoareTripleChecker+Invalid, 130 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 120 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:26,304 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [50 Valid, 196 Invalid, 130 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 120 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 03:01:26,304 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 122 states. [2024-10-11 03:01:26,315 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 122 to 120. [2024-10-11 03:01:26,315 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 120 states, 88 states have (on average 1.375) internal successors, (121), 95 states have internal predecessors, (121), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-10-11 03:01:26,316 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 120 states to 120 states and 160 transitions. [2024-10-11 03:01:26,316 INFO L78 Accepts]: Start accepts. Automaton has 120 states and 160 transitions. Word has length 38 [2024-10-11 03:01:26,316 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:26,316 INFO L471 AbstractCegarLoop]: Abstraction has 120 states and 160 transitions. [2024-10-11 03:01:26,316 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:26,317 INFO L276 IsEmpty]: Start isEmpty. Operand 120 states and 160 transitions. [2024-10-11 03:01:26,317 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-11 03:01:26,317 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:26,317 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:26,318 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-11 03:01:26,318 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:26,319 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:26,319 INFO L85 PathProgramCache]: Analyzing trace with hash -1381388609, now seen corresponding path program 1 times [2024-10-11 03:01:26,319 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:26,319 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2058151094] [2024-10-11 03:01:26,319 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:26,319 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:26,328 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,354 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:26,355 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,359 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-11 03:01:26,361 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,377 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-11 03:01:26,378 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,379 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:26,380 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:26,380 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2058151094] [2024-10-11 03:01:26,380 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2058151094] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:26,380 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:26,380 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-11 03:01:26,380 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1483851076] [2024-10-11 03:01:26,381 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:26,381 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-11 03:01:26,381 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:26,382 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-11 03:01:26,382 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-11 03:01:26,382 INFO L87 Difference]: Start difference. First operand 120 states and 160 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:26,498 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:26,499 INFO L93 Difference]: Finished difference Result 242 states and 330 transitions. [2024-10-11 03:01:26,500 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-11 03:01:26,500 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 38 [2024-10-11 03:01:26,500 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:26,501 INFO L225 Difference]: With dead ends: 242 [2024-10-11 03:01:26,502 INFO L226 Difference]: Without dead ends: 124 [2024-10-11 03:01:26,503 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:26,504 INFO L432 NwaCegarLoop]: 60 mSDtfsCounter, 46 mSDsluCounter, 133 mSDsCounter, 0 mSdLazyCounter, 123 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 50 SdHoareTripleChecker+Valid, 193 SdHoareTripleChecker+Invalid, 133 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 123 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:26,507 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [50 Valid, 193 Invalid, 133 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 123 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 03:01:26,520 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 124 states. [2024-10-11 03:01:26,535 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 124 to 122. [2024-10-11 03:01:26,538 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 122 states, 90 states have (on average 1.3666666666666667) internal successors, (123), 97 states have internal predecessors, (123), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-10-11 03:01:26,539 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 122 states to 122 states and 162 transitions. [2024-10-11 03:01:26,539 INFO L78 Accepts]: Start accepts. Automaton has 122 states and 162 transitions. Word has length 38 [2024-10-11 03:01:26,539 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:26,539 INFO L471 AbstractCegarLoop]: Abstraction has 122 states and 162 transitions. [2024-10-11 03:01:26,539 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:26,539 INFO L276 IsEmpty]: Start isEmpty. Operand 122 states and 162 transitions. [2024-10-11 03:01:26,540 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-11 03:01:26,540 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:26,540 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:26,540 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-11 03:01:26,540 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:26,541 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:26,541 INFO L85 PathProgramCache]: Analyzing trace with hash 1325230785, now seen corresponding path program 1 times [2024-10-11 03:01:26,541 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:26,541 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1929764505] [2024-10-11 03:01:26,541 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:26,541 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:26,556 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,597 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:26,598 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,602 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-11 03:01:26,605 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,617 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-11 03:01:26,619 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,620 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:26,621 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:26,621 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1929764505] [2024-10-11 03:01:26,621 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1929764505] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:26,621 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:26,621 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-11 03:01:26,622 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1630784772] [2024-10-11 03:01:26,622 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:26,622 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-11 03:01:26,622 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:26,622 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-11 03:01:26,622 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-11 03:01:26,623 INFO L87 Difference]: Start difference. First operand 122 states and 162 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:26,822 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:26,822 INFO L93 Difference]: Finished difference Result 364 states and 497 transitions. [2024-10-11 03:01:26,823 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-11 03:01:26,823 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 38 [2024-10-11 03:01:26,823 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:26,824 INFO L225 Difference]: With dead ends: 364 [2024-10-11 03:01:26,825 INFO L226 Difference]: Without dead ends: 244 [2024-10-11 03:01:26,825 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:26,826 INFO L432 NwaCegarLoop]: 96 mSDtfsCounter, 187 mSDsluCounter, 112 mSDsCounter, 0 mSdLazyCounter, 163 mSolverCounterSat, 55 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 194 SdHoareTripleChecker+Valid, 208 SdHoareTripleChecker+Invalid, 218 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 55 IncrementalHoareTripleChecker+Valid, 163 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:26,826 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [194 Valid, 208 Invalid, 218 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [55 Valid, 163 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-11 03:01:26,827 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 244 states. [2024-10-11 03:01:26,844 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 244 to 236. [2024-10-11 03:01:26,844 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 236 states, 172 states have (on average 1.319767441860465) internal successors, (227), 183 states have internal predecessors, (227), 34 states have call successors, (34), 28 states have call predecessors, (34), 29 states have return successors, (53), 34 states have call predecessors, (53), 34 states have call successors, (53) [2024-10-11 03:01:26,846 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 236 states to 236 states and 314 transitions. [2024-10-11 03:01:26,846 INFO L78 Accepts]: Start accepts. Automaton has 236 states and 314 transitions. Word has length 38 [2024-10-11 03:01:26,846 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:26,846 INFO L471 AbstractCegarLoop]: Abstraction has 236 states and 314 transitions. [2024-10-11 03:01:26,847 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:26,847 INFO L276 IsEmpty]: Start isEmpty. Operand 236 states and 314 transitions. [2024-10-11 03:01:26,847 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2024-10-11 03:01:26,848 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:26,848 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:26,848 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-11 03:01:26,848 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:26,848 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:26,848 INFO L85 PathProgramCache]: Analyzing trace with hash 629070449, now seen corresponding path program 1 times [2024-10-11 03:01:26,849 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:26,849 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1021028854] [2024-10-11 03:01:26,849 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:26,849 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:26,857 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,905 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:26,906 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,911 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-11 03:01:26,913 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,919 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-11 03:01:26,920 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,921 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2024-10-11 03:01:26,923 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,934 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-11 03:01:26,934 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:26,934 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1021028854] [2024-10-11 03:01:26,934 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1021028854] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:26,934 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:26,935 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-10-11 03:01:26,935 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2036906173] [2024-10-11 03:01:26,935 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:26,935 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-10-11 03:01:26,935 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:26,935 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-10-11 03:01:26,935 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:26,936 INFO L87 Difference]: Start difference. First operand 236 states and 314 transitions. Second operand has 7 states, 6 states have (on average 5.333333333333333) internal successors, (32), 5 states have internal predecessors, (32), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-11 03:01:27,158 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:27,158 INFO L93 Difference]: Finished difference Result 468 states and 629 transitions. [2024-10-11 03:01:27,159 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-10-11 03:01:27,159 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 5.333333333333333) internal successors, (32), 5 states have internal predecessors, (32), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 41 [2024-10-11 03:01:27,160 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:27,162 INFO L225 Difference]: With dead ends: 468 [2024-10-11 03:01:27,162 INFO L226 Difference]: Without dead ends: 234 [2024-10-11 03:01:27,163 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 23 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=134, Unknown=0, NotChecked=0, Total=182 [2024-10-11 03:01:27,163 INFO L432 NwaCegarLoop]: 50 mSDtfsCounter, 105 mSDsluCounter, 203 mSDsCounter, 0 mSdLazyCounter, 213 mSolverCounterSat, 29 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 111 SdHoareTripleChecker+Valid, 253 SdHoareTripleChecker+Invalid, 242 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 29 IncrementalHoareTripleChecker+Valid, 213 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:27,164 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [111 Valid, 253 Invalid, 242 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [29 Valid, 213 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-11 03:01:27,164 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 234 states. [2024-10-11 03:01:27,178 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 234 to 232. [2024-10-11 03:01:27,179 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 232 states, 168 states have (on average 1.2797619047619047) internal successors, (215), 179 states have internal predecessors, (215), 34 states have call successors, (34), 28 states have call predecessors, (34), 29 states have return successors, (53), 34 states have call predecessors, (53), 34 states have call successors, (53) [2024-10-11 03:01:27,179 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 232 states to 232 states and 302 transitions. [2024-10-11 03:01:27,180 INFO L78 Accepts]: Start accepts. Automaton has 232 states and 302 transitions. Word has length 41 [2024-10-11 03:01:27,180 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:27,180 INFO L471 AbstractCegarLoop]: Abstraction has 232 states and 302 transitions. [2024-10-11 03:01:27,180 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 5.333333333333333) internal successors, (32), 5 states have internal predecessors, (32), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-11 03:01:27,180 INFO L276 IsEmpty]: Start isEmpty. Operand 232 states and 302 transitions. [2024-10-11 03:01:27,181 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2024-10-11 03:01:27,181 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:27,181 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:27,181 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-11 03:01:27,181 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:27,182 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:27,182 INFO L85 PathProgramCache]: Analyzing trace with hash 1114780583, now seen corresponding path program 1 times [2024-10-11 03:01:27,182 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:27,182 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [699467390] [2024-10-11 03:01:27,182 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:27,182 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:27,189 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,303 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:27,304 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,309 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-11 03:01:27,310 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,315 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-11 03:01:27,318 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,329 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2024-10-11 03:01:27,330 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,331 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:27,332 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:27,332 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [699467390] [2024-10-11 03:01:27,332 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [699467390] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:27,332 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:27,332 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2024-10-11 03:01:27,332 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1376222167] [2024-10-11 03:01:27,332 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:27,333 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-10-11 03:01:27,333 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:27,333 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-10-11 03:01:27,333 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=54, Unknown=0, NotChecked=0, Total=72 [2024-10-11 03:01:27,334 INFO L87 Difference]: Start difference. First operand 232 states and 302 transitions. Second operand has 9 states, 9 states have (on average 3.5555555555555554) internal successors, (32), 7 states have internal predecessors, (32), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-11 03:01:27,758 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:27,759 INFO L93 Difference]: Finished difference Result 609 states and 840 transitions. [2024-10-11 03:01:27,759 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2024-10-11 03:01:27,759 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 3.5555555555555554) internal successors, (32), 7 states have internal predecessors, (32), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 42 [2024-10-11 03:01:27,760 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:27,764 INFO L225 Difference]: With dead ends: 609 [2024-10-11 03:01:27,765 INFO L226 Difference]: Without dead ends: 423 [2024-10-11 03:01:27,765 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 30 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 73 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=118, Invalid=302, Unknown=0, NotChecked=0, Total=420 [2024-10-11 03:01:27,766 INFO L432 NwaCegarLoop]: 71 mSDtfsCounter, 471 mSDsluCounter, 225 mSDsCounter, 0 mSdLazyCounter, 383 mSolverCounterSat, 175 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 476 SdHoareTripleChecker+Valid, 296 SdHoareTripleChecker+Invalid, 558 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 175 IncrementalHoareTripleChecker+Valid, 383 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:27,766 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [476 Valid, 296 Invalid, 558 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [175 Valid, 383 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-11 03:01:27,767 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 423 states. [2024-10-11 03:01:27,800 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 423 to 360. [2024-10-11 03:01:27,801 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 360 states, 262 states have (on average 1.2671755725190839) internal successors, (332), 282 states have internal predecessors, (332), 51 states have call successors, (51), 39 states have call predecessors, (51), 46 states have return successors, (83), 52 states have call predecessors, (83), 51 states have call successors, (83) [2024-10-11 03:01:27,802 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 360 states to 360 states and 466 transitions. [2024-10-11 03:01:27,803 INFO L78 Accepts]: Start accepts. Automaton has 360 states and 466 transitions. Word has length 42 [2024-10-11 03:01:27,803 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:27,803 INFO L471 AbstractCegarLoop]: Abstraction has 360 states and 466 transitions. [2024-10-11 03:01:27,803 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 3.5555555555555554) internal successors, (32), 7 states have internal predecessors, (32), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-11 03:01:27,803 INFO L276 IsEmpty]: Start isEmpty. Operand 360 states and 466 transitions. [2024-10-11 03:01:27,805 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 77 [2024-10-11 03:01:27,805 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:27,805 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:27,805 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-10-11 03:01:27,805 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:27,805 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:27,806 INFO L85 PathProgramCache]: Analyzing trace with hash 829498276, now seen corresponding path program 1 times [2024-10-11 03:01:27,806 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:27,806 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1921128790] [2024-10-11 03:01:27,806 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:27,806 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:27,816 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,852 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:27,853 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,862 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 03:01:27,864 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,867 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:27,867 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,873 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:27,874 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,876 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2024-10-11 03:01:27,876 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,877 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 58 [2024-10-11 03:01:27,879 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,880 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-11 03:01:27,881 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,882 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 69 [2024-10-11 03:01:27,883 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,884 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 3 proven. 1 refuted. 0 times theorem prover too weak. 23 trivial. 0 not checked. [2024-10-11 03:01:27,884 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:27,885 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1921128790] [2024-10-11 03:01:27,885 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1921128790] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-11 03:01:27,885 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1602953671] [2024-10-11 03:01:27,885 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:27,885 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-11 03:01:27,885 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 [2024-10-11 03:01:27,887 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-11 03:01:27,891 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-11 03:01:27,975 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,977 INFO L255 TraceCheckSpWp]: Trace formula consists of 279 conjuncts, 7 conjuncts are in the unsatisfiable core [2024-10-11 03:01:27,983 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-11 03:01:28,118 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 20 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-11 03:01:28,119 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-11 03:01:28,262 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 15 proven. 6 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-11 03:01:28,262 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1602953671] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-11 03:01:28,262 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-11 03:01:28,263 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 6, 6] total 12 [2024-10-11 03:01:28,263 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [708088955] [2024-10-11 03:01:28,263 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-11 03:01:28,264 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 12 states [2024-10-11 03:01:28,264 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:28,264 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2024-10-11 03:01:28,264 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=25, Invalid=107, Unknown=0, NotChecked=0, Total=132 [2024-10-11 03:01:28,265 INFO L87 Difference]: Start difference. First operand 360 states and 466 transitions. Second operand has 12 states, 10 states have (on average 8.5) internal successors, (85), 8 states have internal predecessors, (85), 4 states have call successors, (18), 6 states have call predecessors, (18), 5 states have return successors, (16), 5 states have call predecessors, (16), 4 states have call successors, (16) [2024-10-11 03:01:29,023 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:29,023 INFO L93 Difference]: Finished difference Result 758 states and 1011 transitions. [2024-10-11 03:01:29,023 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 29 states. [2024-10-11 03:01:29,024 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 10 states have (on average 8.5) internal successors, (85), 8 states have internal predecessors, (85), 4 states have call successors, (18), 6 states have call predecessors, (18), 5 states have return successors, (16), 5 states have call predecessors, (16), 4 states have call successors, (16) Word has length 76 [2024-10-11 03:01:29,024 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:29,024 INFO L225 Difference]: With dead ends: 758 [2024-10-11 03:01:29,024 INFO L226 Difference]: Without dead ends: 0 [2024-10-11 03:01:29,026 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 202 GetRequests, 166 SyntacticMatches, 4 SemanticMatches, 32 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 233 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=240, Invalid=882, Unknown=0, NotChecked=0, Total=1122 [2024-10-11 03:01:29,027 INFO L432 NwaCegarLoop]: 119 mSDtfsCounter, 200 mSDsluCounter, 778 mSDsCounter, 0 mSdLazyCounter, 982 mSolverCounterSat, 53 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 207 SdHoareTripleChecker+Valid, 897 SdHoareTripleChecker+Invalid, 1035 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 53 IncrementalHoareTripleChecker+Valid, 982 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:29,027 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [207 Valid, 897 Invalid, 1035 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [53 Valid, 982 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-10-11 03:01:29,027 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-11 03:01:29,027 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-11 03:01:29,028 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-11 03:01:29,028 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-11 03:01:29,028 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 76 [2024-10-11 03:01:29,028 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:29,028 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-11 03:01:29,028 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 12 states, 10 states have (on average 8.5) internal successors, (85), 8 states have internal predecessors, (85), 4 states have call successors, (18), 6 states have call predecessors, (18), 5 states have return successors, (16), 5 states have call predecessors, (16), 4 states have call successors, (16) [2024-10-11 03:01:29,029 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-11 03:01:29,029 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-11 03:01:29,031 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-11 03:01:29,046 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-10-11 03:01:29,232 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-10-11 03:01:29,234 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:29,236 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-11 03:01:31,553 INFO L165 ceAbstractionStarter]: Computing trace abstraction results [2024-10-11 03:01:31,576 WARN L155 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse1 (<= |old(~waterLevel~0)| 2)) (.cse0 (= 1 ~systemActive~0)) (.cse2 (<= 1 |old(~pumpRunning~0)|))) (or (and .cse0 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse1 .cse2) (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse2 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2))) [2024-10-11 03:01:31,587 WARN L155 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-10-11 03:01:31,593 WARN L155 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and (= ~pumpRunning~0 0) .cse1 .cse2) (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2))) [2024-10-11 03:01:31,604 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 11.10 03:01:31 BoogieIcfgContainer [2024-10-11 03:01:31,604 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-11 03:01:31,604 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-11 03:01:31,604 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-11 03:01:31,605 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-11 03:01:31,605 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:25" (3/4) ... [2024-10-11 03:01:31,607 INFO L139 WitnessPrinter]: Generating witness for correct program [2024-10-11 03:01:31,610 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-10-11 03:01:31,610 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-11 03:01:31,610 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-11 03:01:31,610 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-11 03:01:31,610 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-10-11 03:01:31,610 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-11 03:01:31,611 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-10-11 03:01:31,615 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 33 nodes and edges [2024-10-11 03:01:31,616 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-10-11 03:01:31,616 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-11 03:01:31,616 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-11 03:01:31,617 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-11 03:01:31,701 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-10-11 03:01:31,701 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/witness.yml [2024-10-11 03:01:31,701 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-11 03:01:31,702 INFO L158 Benchmark]: Toolchain (without parser) took 7562.26ms. Allocated memory was 142.6MB in the beginning and 276.8MB in the end (delta: 134.2MB). Free memory was 72.5MB in the beginning and 204.0MB in the end (delta: -131.5MB). Peak memory consumption was 3.3MB. Max. memory is 16.1GB. [2024-10-11 03:01:31,702 INFO L158 Benchmark]: CDTParser took 0.14ms. Allocated memory is still 142.6MB. Free memory is still 109.4MB. There was no memory consumed. Max. memory is 16.1GB. [2024-10-11 03:01:31,702 INFO L158 Benchmark]: CACSL2BoogieTranslator took 413.44ms. Allocated memory was 142.6MB in the beginning and 190.8MB in the end (delta: 48.2MB). Free memory was 72.2MB in the beginning and 151.2MB in the end (delta: -79.0MB). Peak memory consumption was 16.5MB. Max. memory is 16.1GB. [2024-10-11 03:01:31,703 INFO L158 Benchmark]: Boogie Procedure Inliner took 39.49ms. Allocated memory is still 190.8MB. Free memory was 151.2MB in the beginning and 149.1MB in the end (delta: 2.0MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-11 03:01:31,703 INFO L158 Benchmark]: Boogie Preprocessor took 36.98ms. Allocated memory is still 190.8MB. Free memory was 149.1MB in the beginning and 147.0MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-11 03:01:31,703 INFO L158 Benchmark]: RCFGBuilder took 456.71ms. Allocated memory is still 190.8MB. Free memory was 146.8MB in the beginning and 122.8MB in the end (delta: 24.0MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. [2024-10-11 03:01:31,703 INFO L158 Benchmark]: TraceAbstraction took 6512.73ms. Allocated memory was 190.8MB in the beginning and 276.8MB in the end (delta: 86.0MB). Free memory was 121.9MB in the beginning and 212.4MB in the end (delta: -90.6MB). Peak memory consumption was 100.0MB. Max. memory is 16.1GB. [2024-10-11 03:01:31,704 INFO L158 Benchmark]: Witness Printer took 97.06ms. Allocated memory is still 276.8MB. Free memory was 211.4MB in the beginning and 204.0MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2024-10-11 03:01:31,705 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.14ms. Allocated memory is still 142.6MB. Free memory is still 109.4MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 413.44ms. Allocated memory was 142.6MB in the beginning and 190.8MB in the end (delta: 48.2MB). Free memory was 72.2MB in the beginning and 151.2MB in the end (delta: -79.0MB). Peak memory consumption was 16.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 39.49ms. Allocated memory is still 190.8MB. Free memory was 151.2MB in the beginning and 149.1MB in the end (delta: 2.0MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 36.98ms. Allocated memory is still 190.8MB. Free memory was 149.1MB in the beginning and 147.0MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 456.71ms. Allocated memory is still 190.8MB. Free memory was 146.8MB in the beginning and 122.8MB in the end (delta: 24.0MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. * TraceAbstraction took 6512.73ms. Allocated memory was 190.8MB in the beginning and 276.8MB in the end (delta: 86.0MB). Free memory was 121.9MB in the beginning and 212.4MB in the end (delta: -90.6MB). Peak memory consumption was 100.0MB. Max. memory is 16.1GB. * Witness Printer took 97.06ms. Allocated memory is still 276.8MB. Free memory was 211.4MB in the beginning and 204.0MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] - GenericResultAtLocation [Line: 261]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [261] - GenericResultAtLocation [Line: 329]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [329] - GenericResultAtLocation [Line: 433]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [433] - GenericResultAtLocation [Line: 442]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [442] - GenericResultAtLocation [Line: 543]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [543] - GenericResultAtLocation [Line: 578]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [578] - GenericResultAtLocation [Line: 944]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [944] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 438]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 71 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 4.1s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.2s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1227 SdHoareTripleChecker+Valid, 1.4s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1191 mSDsluCounter, 2439 SdHoareTripleChecker+Invalid, 1.1s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1691 mSDsCounter, 338 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2061 IncrementalHoareTripleChecker+Invalid, 2399 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 338 mSolverCounterUnsat, 748 mSDtfsCounter, 2061 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 322 GetRequests, 237 SyntacticMatches, 4 SemanticMatches, 81 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 327 ImplicationChecksByTransitivity, 0.5s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=360occurred in iteration=9, InterpolantAutomatonStates: 85, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 79 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.0s InterpolantComputationTime, 451 NumberOfCodeBlocks, 451 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 515 ConstructedInterpolants, 0 QuantifiedInterpolants, 894 SizeOfPredicates, 2 NumberOfNonLiveVariables, 279 ConjunctsInSsa, 7 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 85/99 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 275]: Loop Invariant Derived loop invariant: ((((((pumpRunning == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) - InvariantResult [Line: 454]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 274]: Location Invariant Derived location invariant: 0 - ProcedureContractResult [Line: 92]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) - ProcedureContractResult [Line: 357]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) - ProcedureContractResult [Line: 444]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: 0 - ProcedureContractResult [Line: 65]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 2))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2)))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) - ProcedureContractResult [Line: 100]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))))) - ProcedureContractResult [Line: 345]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && ((((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) && (waterLevel <= 2)) - ProcedureContractResult [Line: 178]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((pumpRunning == \result) && (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)))) RESULT: Ultimate proved your program to be correct! [2024-10-11 03:01:31,739 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE