./Ultimate.py --spec /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/properties/unreach-call.prp --file /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product51.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 84cfde4a Calling Ultimate with: /root/.sdkman/candidates/java/current/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product51.cil.c -s /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 1ef39c14b0f41147d1df64069011556a64ce74ff520b071f62407c2225292c50 --- Real Ultimate output --- This is Ultimate 0.2.5-dev-84cfde4 [2024-10-11 03:01:22,957 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-11 03:01:23,013 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-11 03:01:23,019 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-11 03:01:23,020 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-11 03:01:23,045 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-11 03:01:23,046 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-11 03:01:23,046 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-11 03:01:23,047 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-11 03:01:23,047 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-11 03:01:23,047 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-11 03:01:23,047 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-11 03:01:23,048 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-11 03:01:23,048 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-11 03:01:23,048 INFO L153 SettingsManager]: * Use SBE=true [2024-10-11 03:01:23,049 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-11 03:01:23,049 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-11 03:01:23,049 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-11 03:01:23,049 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-11 03:01:23,050 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-11 03:01:23,050 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-11 03:01:23,054 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-11 03:01:23,054 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-11 03:01:23,054 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-11 03:01:23,054 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-11 03:01:23,055 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-11 03:01:23,055 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-11 03:01:23,055 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-11 03:01:23,055 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-11 03:01:23,055 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-11 03:01:23,055 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-11 03:01:23,056 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-11 03:01:23,056 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-11 03:01:23,056 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-11 03:01:23,056 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-11 03:01:23,056 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-11 03:01:23,056 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-11 03:01:23,056 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-11 03:01:23,057 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-11 03:01:23,057 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-11 03:01:23,057 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-11 03:01:23,057 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-11 03:01:23,057 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 1ef39c14b0f41147d1df64069011556a64ce74ff520b071f62407c2225292c50 [2024-10-11 03:01:23,272 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-11 03:01:23,298 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-11 03:01:23,300 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-11 03:01:23,301 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-11 03:01:23,301 INFO L274 PluginConnector]: CDTParser initialized [2024-10-11 03:01:23,302 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product51.cil.c [2024-10-11 03:01:24,688 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-11 03:01:24,910 INFO L384 CDTParser]: Found 1 translation units. [2024-10-11 03:01:24,914 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product51.cil.c [2024-10-11 03:01:24,933 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/ffbffb855/10d9e01387af4f509ae3d903b51ef21b/FLAG7a2afe950 [2024-10-11 03:01:24,947 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/ffbffb855/10d9e01387af4f509ae3d903b51ef21b [2024-10-11 03:01:24,950 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-11 03:01:24,952 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-11 03:01:24,953 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-11 03:01:24,953 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-11 03:01:24,963 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-11 03:01:24,964 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,965 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@3cd81ef6 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24, skipping insertion in model container [2024-10-11 03:01:24,966 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:25,015 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-11 03:01:25,308 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product51.cil.c[18485,18498] [2024-10-11 03:01:25,313 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-11 03:01:25,322 INFO L200 MainTranslator]: Completed pre-run [2024-10-11 03:01:25,330 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] [2024-10-11 03:01:25,332 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [277] [2024-10-11 03:01:25,332 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [381] [2024-10-11 03:01:25,332 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [448] [2024-10-11 03:01:25,332 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [483] [2024-10-11 03:01:25,332 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [849] [2024-10-11 03:01:25,333 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [953] [2024-10-11 03:01:25,333 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [962] [2024-10-11 03:01:25,371 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product51.cil.c[18485,18498] [2024-10-11 03:01:25,373 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-11 03:01:25,390 INFO L204 MainTranslator]: Completed translation [2024-10-11 03:01:25,390 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:25 WrapperNode [2024-10-11 03:01:25,391 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-11 03:01:25,391 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-11 03:01:25,392 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-11 03:01:25,392 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-11 03:01:25,397 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:25" (1/1) ... [2024-10-11 03:01:25,411 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:25" (1/1) ... [2024-10-11 03:01:25,437 INFO L138 Inliner]: procedures = 58, calls = 103, calls flagged for inlining = 25, calls inlined = 21, statements flattened = 212 [2024-10-11 03:01:25,440 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-11 03:01:25,440 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-11 03:01:25,440 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-11 03:01:25,440 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-11 03:01:25,450 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:25" (1/1) ... [2024-10-11 03:01:25,450 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:25" (1/1) ... [2024-10-11 03:01:25,456 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:25" (1/1) ... [2024-10-11 03:01:25,479 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-11 03:01:25,483 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:25" (1/1) ... [2024-10-11 03:01:25,483 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:25" (1/1) ... [2024-10-11 03:01:25,487 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:25" (1/1) ... [2024-10-11 03:01:25,493 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:25" (1/1) ... [2024-10-11 03:01:25,498 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:25" (1/1) ... [2024-10-11 03:01:25,500 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:25" (1/1) ... [2024-10-11 03:01:25,501 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-11 03:01:25,502 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-11 03:01:25,502 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-11 03:01:25,502 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-11 03:01:25,503 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:25" (1/1) ... [2024-10-11 03:01:25,508 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-11 03:01:25,517 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 [2024-10-11 03:01:25,532 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-11 03:01:25,543 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-11 03:01:25,618 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-11 03:01:25,619 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-10-11 03:01:25,619 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-10-11 03:01:25,619 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-11 03:01:25,619 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-11 03:01:25,619 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-11 03:01:25,619 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-11 03:01:25,619 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-10-11 03:01:25,619 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-10-11 03:01:25,619 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-11 03:01:25,619 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-11 03:01:25,619 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-10-11 03:01:25,619 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-10-11 03:01:25,619 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-10-11 03:01:25,619 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-10-11 03:01:25,620 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-11 03:01:25,620 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-11 03:01:25,620 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-11 03:01:25,620 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-11 03:01:25,620 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-11 03:01:25,696 INFO L238 CfgBuilder]: Building ICFG [2024-10-11 03:01:25,698 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-11 03:01:25,901 INFO L? ?]: Removed 45 outVars from TransFormulas that were not future-live. [2024-10-11 03:01:25,901 INFO L287 CfgBuilder]: Performing block encoding [2024-10-11 03:01:25,973 INFO L309 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-11 03:01:25,974 INFO L314 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-11 03:01:25,974 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:25 BoogieIcfgContainer [2024-10-11 03:01:25,974 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-11 03:01:25,976 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-11 03:01:25,977 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-11 03:01:25,980 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-11 03:01:25,980 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 11.10 03:01:24" (1/3) ... [2024-10-11 03:01:25,981 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@fc0b471 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.10 03:01:25, skipping insertion in model container [2024-10-11 03:01:25,981 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:25" (2/3) ... [2024-10-11 03:01:25,981 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@fc0b471 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.10 03:01:25, skipping insertion in model container [2024-10-11 03:01:25,981 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:25" (3/3) ... [2024-10-11 03:01:25,982 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product51.cil.c [2024-10-11 03:01:26,001 INFO L209 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-11 03:01:26,001 INFO L149 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-11 03:01:26,059 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-11 03:01:26,073 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@664bbbfc, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-11 03:01:26,076 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-11 03:01:26,083 INFO L276 IsEmpty]: Start isEmpty. Operand has 77 states, 53 states have (on average 1.528301886792453) internal successors, (81), 62 states have internal predecessors, (81), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) [2024-10-11 03:01:26,092 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2024-10-11 03:01:26,093 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:26,094 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:26,094 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:26,099 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:26,100 INFO L85 PathProgramCache]: Analyzing trace with hash 81616940, now seen corresponding path program 1 times [2024-10-11 03:01:26,108 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:26,109 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1304883715] [2024-10-11 03:01:26,110 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:26,110 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:26,215 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,270 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-11 03:01:26,273 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,281 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-11 03:01:26,283 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,286 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:26,286 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:26,287 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1304883715] [2024-10-11 03:01:26,287 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1304883715] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:26,287 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:26,288 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-11 03:01:26,289 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [898728669] [2024-10-11 03:01:26,289 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:26,293 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-11 03:01:26,294 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:26,315 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-11 03:01:26,316 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-11 03:01:26,318 INFO L87 Difference]: Start difference. First operand has 77 states, 53 states have (on average 1.528301886792453) internal successors, (81), 62 states have internal predecessors, (81), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:26,362 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:26,363 INFO L93 Difference]: Finished difference Result 152 states and 219 transitions. [2024-10-11 03:01:26,368 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-11 03:01:26,369 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2024-10-11 03:01:26,369 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:26,377 INFO L225 Difference]: With dead ends: 152 [2024-10-11 03:01:26,377 INFO L226 Difference]: Without dead ends: 72 [2024-10-11 03:01:26,380 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-11 03:01:26,383 INFO L432 NwaCegarLoop]: 88 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 16 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 88 SdHoareTripleChecker+Invalid, 16 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 16 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:26,384 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 88 Invalid, 16 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 16 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:26,399 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 72 states. [2024-10-11 03:01:26,422 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 72 to 72. [2024-10-11 03:01:26,424 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 72 states, 50 states have (on average 1.42) internal successors, (71), 58 states have internal predecessors, (71), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2024-10-11 03:01:26,426 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 72 states to 72 states and 98 transitions. [2024-10-11 03:01:26,428 INFO L78 Accepts]: Start accepts. Automaton has 72 states and 98 transitions. Word has length 22 [2024-10-11 03:01:26,428 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:26,428 INFO L471 AbstractCegarLoop]: Abstraction has 72 states and 98 transitions. [2024-10-11 03:01:26,429 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:26,429 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 98 transitions. [2024-10-11 03:01:26,431 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2024-10-11 03:01:26,431 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:26,431 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:26,431 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-11 03:01:26,432 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:26,432 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:26,433 INFO L85 PathProgramCache]: Analyzing trace with hash 464519658, now seen corresponding path program 1 times [2024-10-11 03:01:26,433 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:26,433 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2130631143] [2024-10-11 03:01:26,433 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:26,433 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:26,452 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,545 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:26,548 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,552 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-10-11 03:01:26,558 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,560 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:26,561 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:26,561 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2130631143] [2024-10-11 03:01:26,561 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2130631143] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:26,562 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:26,562 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-11 03:01:26,562 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2091176895] [2024-10-11 03:01:26,562 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:26,563 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 03:01:26,564 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:26,564 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 03:01:26,565 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:26,565 INFO L87 Difference]: Start difference. First operand 72 states and 98 transitions. Second operand has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:26,611 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:26,612 INFO L93 Difference]: Finished difference Result 114 states and 154 transitions. [2024-10-11 03:01:26,612 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 03:01:26,613 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 23 [2024-10-11 03:01:26,613 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:26,615 INFO L225 Difference]: With dead ends: 114 [2024-10-11 03:01:26,616 INFO L226 Difference]: Without dead ends: 64 [2024-10-11 03:01:26,617 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:26,618 INFO L432 NwaCegarLoop]: 74 mSDtfsCounter, 14 mSDsluCounter, 57 mSDsCounter, 0 mSdLazyCounter, 23 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 131 SdHoareTripleChecker+Invalid, 23 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 23 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:26,621 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 131 Invalid, 23 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 23 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:26,621 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64 states. [2024-10-11 03:01:26,629 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64 to 64. [2024-10-11 03:01:26,630 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 64 states, 45 states have (on average 1.4444444444444444) internal successors, (65), 53 states have internal predecessors, (65), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2024-10-11 03:01:26,632 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 64 states to 64 states and 87 transitions. [2024-10-11 03:01:26,632 INFO L78 Accepts]: Start accepts. Automaton has 64 states and 87 transitions. Word has length 23 [2024-10-11 03:01:26,632 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:26,632 INFO L471 AbstractCegarLoop]: Abstraction has 64 states and 87 transitions. [2024-10-11 03:01:26,633 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:26,633 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 87 transitions. [2024-10-11 03:01:26,634 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-10-11 03:01:26,634 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:26,634 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:26,634 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-11 03:01:26,634 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:26,635 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:26,635 INFO L85 PathProgramCache]: Analyzing trace with hash 1412987531, now seen corresponding path program 1 times [2024-10-11 03:01:26,635 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:26,635 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [910537561] [2024-10-11 03:01:26,635 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:26,636 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:26,680 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,756 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:26,758 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,760 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-11 03:01:26,762 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,763 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:26,763 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:26,763 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [910537561] [2024-10-11 03:01:26,764 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [910537561] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:26,764 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:26,764 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-11 03:01:26,764 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [387252075] [2024-10-11 03:01:26,764 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:26,765 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 03:01:26,765 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:26,765 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 03:01:26,765 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:26,766 INFO L87 Difference]: Start difference. First operand 64 states and 87 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:26,834 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:26,837 INFO L93 Difference]: Finished difference Result 188 states and 258 transitions. [2024-10-11 03:01:26,837 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 03:01:26,838 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 26 [2024-10-11 03:01:26,838 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:26,839 INFO L225 Difference]: With dead ends: 188 [2024-10-11 03:01:26,839 INFO L226 Difference]: Without dead ends: 126 [2024-10-11 03:01:26,840 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:26,841 INFO L432 NwaCegarLoop]: 85 mSDtfsCounter, 71 mSDsluCounter, 72 mSDsCounter, 0 mSdLazyCounter, 29 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 71 SdHoareTripleChecker+Valid, 157 SdHoareTripleChecker+Invalid, 29 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 29 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:26,843 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [71 Valid, 157 Invalid, 29 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 29 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:26,844 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 126 states. [2024-10-11 03:01:26,864 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 126 to 123. [2024-10-11 03:01:26,866 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 123 states, 86 states have (on average 1.4534883720930232) internal successors, (125), 101 states have internal predecessors, (125), 22 states have call successors, (22), 14 states have call predecessors, (22), 14 states have return successors, (22), 15 states have call predecessors, (22), 22 states have call successors, (22) [2024-10-11 03:01:26,871 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 123 states to 123 states and 169 transitions. [2024-10-11 03:01:26,872 INFO L78 Accepts]: Start accepts. Automaton has 123 states and 169 transitions. Word has length 26 [2024-10-11 03:01:26,872 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:26,872 INFO L471 AbstractCegarLoop]: Abstraction has 123 states and 169 transitions. [2024-10-11 03:01:26,872 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:26,873 INFO L276 IsEmpty]: Start isEmpty. Operand 123 states and 169 transitions. [2024-10-11 03:01:26,876 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2024-10-11 03:01:26,876 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:26,876 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:26,877 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-11 03:01:26,877 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:26,877 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:26,877 INFO L85 PathProgramCache]: Analyzing trace with hash 411865522, now seen corresponding path program 1 times [2024-10-11 03:01:26,878 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:26,878 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [804541948] [2024-10-11 03:01:26,878 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:26,878 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:26,898 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,996 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-10-11 03:01:26,997 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,000 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-11 03:01:27,001 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,019 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-11 03:01:27,021 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:27,021 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [804541948] [2024-10-11 03:01:27,021 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [804541948] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:27,021 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:27,021 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-11 03:01:27,022 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1927808237] [2024-10-11 03:01:27,022 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:27,023 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-11 03:01:27,023 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:27,023 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-11 03:01:27,024 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-11 03:01:27,024 INFO L87 Difference]: Start difference. First operand 123 states and 169 transitions. Second operand has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:27,202 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:27,203 INFO L93 Difference]: Finished difference Result 324 states and 453 transitions. [2024-10-11 03:01:27,203 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-11 03:01:27,204 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 29 [2024-10-11 03:01:27,204 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:27,206 INFO L225 Difference]: With dead ends: 324 [2024-10-11 03:01:27,206 INFO L226 Difference]: Without dead ends: 203 [2024-10-11 03:01:27,207 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-10-11 03:01:27,208 INFO L432 NwaCegarLoop]: 75 mSDtfsCounter, 44 mSDsluCounter, 252 mSDsCounter, 0 mSdLazyCounter, 113 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 45 SdHoareTripleChecker+Valid, 327 SdHoareTripleChecker+Invalid, 122 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 113 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:27,208 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [45 Valid, 327 Invalid, 122 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 113 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 03:01:27,209 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 203 states. [2024-10-11 03:01:27,230 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 203 to 202. [2024-10-11 03:01:27,231 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 202 states, 143 states have (on average 1.3776223776223777) internal successors, (197), 158 states have internal predecessors, (197), 32 states have call successors, (32), 26 states have call predecessors, (32), 26 states have return successors, (40), 29 states have call predecessors, (40), 32 states have call successors, (40) [2024-10-11 03:01:27,233 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 202 states to 202 states and 269 transitions. [2024-10-11 03:01:27,233 INFO L78 Accepts]: Start accepts. Automaton has 202 states and 269 transitions. Word has length 29 [2024-10-11 03:01:27,233 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:27,233 INFO L471 AbstractCegarLoop]: Abstraction has 202 states and 269 transitions. [2024-10-11 03:01:27,234 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:27,234 INFO L276 IsEmpty]: Start isEmpty. Operand 202 states and 269 transitions. [2024-10-11 03:01:27,235 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-11 03:01:27,235 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:27,235 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:27,235 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-11 03:01:27,236 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:27,236 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:27,236 INFO L85 PathProgramCache]: Analyzing trace with hash 1169056170, now seen corresponding path program 1 times [2024-10-11 03:01:27,236 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:27,236 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1255726019] [2024-10-11 03:01:27,237 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:27,237 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:27,248 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,282 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:27,284 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,288 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-11 03:01:27,292 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,309 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-11 03:01:27,310 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,311 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:27,311 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:27,312 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1255726019] [2024-10-11 03:01:27,312 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1255726019] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:27,312 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:27,312 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-11 03:01:27,312 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [360483227] [2024-10-11 03:01:27,312 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:27,313 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-11 03:01:27,313 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:27,313 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-11 03:01:27,313 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-11 03:01:27,314 INFO L87 Difference]: Start difference. First operand 202 states and 269 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:27,436 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:27,436 INFO L93 Difference]: Finished difference Result 446 states and 601 transitions. [2024-10-11 03:01:27,436 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-11 03:01:27,436 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 38 [2024-10-11 03:01:27,437 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:27,438 INFO L225 Difference]: With dead ends: 446 [2024-10-11 03:01:27,439 INFO L226 Difference]: Without dead ends: 246 [2024-10-11 03:01:27,440 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:27,446 INFO L432 NwaCegarLoop]: 65 mSDtfsCounter, 48 mSDsluCounter, 143 mSDsCounter, 0 mSdLazyCounter, 121 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 208 SdHoareTripleChecker+Invalid, 134 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 121 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:27,447 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [52 Valid, 208 Invalid, 134 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 121 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 03:01:27,448 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 246 states. [2024-10-11 03:01:27,482 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 246 to 244. [2024-10-11 03:01:27,487 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 244 states, 175 states have (on average 1.3542857142857143) internal successors, (237), 190 states have internal predecessors, (237), 36 states have call successors, (36), 26 states have call predecessors, (36), 32 states have return successors, (50), 37 states have call predecessors, (50), 36 states have call successors, (50) [2024-10-11 03:01:27,488 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 244 states to 244 states and 323 transitions. [2024-10-11 03:01:27,488 INFO L78 Accepts]: Start accepts. Automaton has 244 states and 323 transitions. Word has length 38 [2024-10-11 03:01:27,488 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:27,488 INFO L471 AbstractCegarLoop]: Abstraction has 244 states and 323 transitions. [2024-10-11 03:01:27,489 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:27,489 INFO L276 IsEmpty]: Start isEmpty. Operand 244 states and 323 transitions. [2024-10-11 03:01:27,490 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-11 03:01:27,490 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:27,490 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:27,490 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-11 03:01:27,490 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:27,494 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:27,495 INFO L85 PathProgramCache]: Analyzing trace with hash -110807508, now seen corresponding path program 1 times [2024-10-11 03:01:27,495 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:27,495 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1921986101] [2024-10-11 03:01:27,495 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:27,495 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:27,507 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,557 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:27,559 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,566 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-11 03:01:27,568 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,592 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-11 03:01:27,593 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,595 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:27,595 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:27,595 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1921986101] [2024-10-11 03:01:27,596 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1921986101] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:27,596 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:27,597 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-11 03:01:27,597 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [582631896] [2024-10-11 03:01:27,597 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:27,597 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-11 03:01:27,598 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:27,598 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-11 03:01:27,598 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-11 03:01:27,599 INFO L87 Difference]: Start difference. First operand 244 states and 323 transitions. Second operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-10-11 03:01:27,908 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:27,908 INFO L93 Difference]: Finished difference Result 498 states and 671 transitions. [2024-10-11 03:01:27,909 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-10-11 03:01:27,909 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 38 [2024-10-11 03:01:27,909 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:27,911 INFO L225 Difference]: With dead ends: 498 [2024-10-11 03:01:27,912 INFO L226 Difference]: Without dead ends: 256 [2024-10-11 03:01:27,913 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2024-10-11 03:01:27,914 INFO L432 NwaCegarLoop]: 71 mSDtfsCounter, 151 mSDsluCounter, 215 mSDsCounter, 0 mSdLazyCounter, 185 mSolverCounterSat, 37 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 158 SdHoareTripleChecker+Valid, 286 SdHoareTripleChecker+Invalid, 222 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 37 IncrementalHoareTripleChecker+Valid, 185 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:27,918 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [158 Valid, 286 Invalid, 222 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [37 Valid, 185 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-11 03:01:27,919 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 256 states. [2024-10-11 03:01:27,936 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 256 to 248. [2024-10-11 03:01:27,936 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 248 states, 179 states have (on average 1.3463687150837989) internal successors, (241), 194 states have internal predecessors, (241), 36 states have call successors, (36), 26 states have call predecessors, (36), 32 states have return successors, (50), 37 states have call predecessors, (50), 36 states have call successors, (50) [2024-10-11 03:01:27,937 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 248 states to 248 states and 327 transitions. [2024-10-11 03:01:27,938 INFO L78 Accepts]: Start accepts. Automaton has 248 states and 327 transitions. Word has length 38 [2024-10-11 03:01:27,938 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:27,938 INFO L471 AbstractCegarLoop]: Abstraction has 248 states and 327 transitions. [2024-10-11 03:01:27,938 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-10-11 03:01:27,939 INFO L276 IsEmpty]: Start isEmpty. Operand 248 states and 327 transitions. [2024-10-11 03:01:27,939 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-11 03:01:27,939 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:27,940 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:27,940 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-11 03:01:27,940 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:27,940 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:27,940 INFO L85 PathProgramCache]: Analyzing trace with hash -1699155410, now seen corresponding path program 1 times [2024-10-11 03:01:27,941 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:27,941 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [225339046] [2024-10-11 03:01:27,941 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:27,941 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:27,948 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,981 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:27,982 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,986 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-11 03:01:27,989 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:28,005 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-11 03:01:28,006 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:28,008 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:28,009 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:28,009 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [225339046] [2024-10-11 03:01:28,009 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [225339046] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:28,009 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:28,010 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-11 03:01:28,010 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1003005728] [2024-10-11 03:01:28,010 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:28,010 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-11 03:01:28,010 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:28,011 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-11 03:01:28,011 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-11 03:01:28,011 INFO L87 Difference]: Start difference. First operand 248 states and 327 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:28,195 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:28,196 INFO L93 Difference]: Finished difference Result 732 states and 999 transitions. [2024-10-11 03:01:28,196 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-11 03:01:28,196 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 38 [2024-10-11 03:01:28,196 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:28,199 INFO L225 Difference]: With dead ends: 732 [2024-10-11 03:01:28,199 INFO L226 Difference]: Without dead ends: 486 [2024-10-11 03:01:28,200 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:28,201 INFO L432 NwaCegarLoop]: 98 mSDtfsCounter, 193 mSDsluCounter, 124 mSDsCounter, 0 mSdLazyCounter, 169 mSolverCounterSat, 61 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 200 SdHoareTripleChecker+Valid, 222 SdHoareTripleChecker+Invalid, 230 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 61 IncrementalHoareTripleChecker+Valid, 169 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:28,201 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [200 Valid, 222 Invalid, 230 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [61 Valid, 169 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 03:01:28,202 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 486 states. [2024-10-11 03:01:28,228 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 486 to 480. [2024-10-11 03:01:28,229 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 480 states, 345 states have (on average 1.2927536231884058) internal successors, (446), 369 states have internal predecessors, (446), 73 states have call successors, (73), 59 states have call predecessors, (73), 61 states have return successors, (111), 72 states have call predecessors, (111), 73 states have call successors, (111) [2024-10-11 03:01:28,231 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 480 states to 480 states and 630 transitions. [2024-10-11 03:01:28,232 INFO L78 Accepts]: Start accepts. Automaton has 480 states and 630 transitions. Word has length 38 [2024-10-11 03:01:28,232 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:28,232 INFO L471 AbstractCegarLoop]: Abstraction has 480 states and 630 transitions. [2024-10-11 03:01:28,233 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:28,233 INFO L276 IsEmpty]: Start isEmpty. Operand 480 states and 630 transitions. [2024-10-11 03:01:28,234 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2024-10-11 03:01:28,234 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:28,234 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:28,234 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-11 03:01:28,234 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:28,235 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:28,235 INFO L85 PathProgramCache]: Analyzing trace with hash -773742700, now seen corresponding path program 1 times [2024-10-11 03:01:28,235 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:28,235 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1936022562] [2024-10-11 03:01:28,235 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:28,235 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:28,243 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:28,381 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:28,382 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:28,392 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-11 03:01:28,393 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:28,401 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-11 03:01:28,407 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:28,425 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2024-10-11 03:01:28,426 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:28,431 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:28,431 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:28,431 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1936022562] [2024-10-11 03:01:28,431 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1936022562] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:28,431 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:28,432 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2024-10-11 03:01:28,432 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [902754603] [2024-10-11 03:01:28,432 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:28,432 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-10-11 03:01:28,432 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:28,433 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-10-11 03:01:28,436 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=54, Unknown=0, NotChecked=0, Total=72 [2024-10-11 03:01:28,436 INFO L87 Difference]: Start difference. First operand 480 states and 630 transitions. Second operand has 9 states, 9 states have (on average 3.5555555555555554) internal successors, (32), 7 states have internal predecessors, (32), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-11 03:01:29,187 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:29,191 INFO L93 Difference]: Finished difference Result 1279 states and 1780 transitions. [2024-10-11 03:01:29,192 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2024-10-11 03:01:29,192 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 3.5555555555555554) internal successors, (32), 7 states have internal predecessors, (32), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 42 [2024-10-11 03:01:29,192 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:29,200 INFO L225 Difference]: With dead ends: 1279 [2024-10-11 03:01:29,203 INFO L226 Difference]: Without dead ends: 891 [2024-10-11 03:01:29,205 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 31 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 86 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=125, Invalid=337, Unknown=0, NotChecked=0, Total=462 [2024-10-11 03:01:29,206 INFO L432 NwaCegarLoop]: 80 mSDtfsCounter, 499 mSDsluCounter, 237 mSDsCounter, 0 mSdLazyCounter, 395 mSolverCounterSat, 190 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 507 SdHoareTripleChecker+Valid, 317 SdHoareTripleChecker+Invalid, 585 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 190 IncrementalHoareTripleChecker+Valid, 395 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:29,206 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [507 Valid, 317 Invalid, 585 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [190 Valid, 395 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-10-11 03:01:29,207 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 891 states. [2024-10-11 03:01:29,299 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 891 to 822. [2024-10-11 03:01:29,305 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 822 states, 590 states have (on average 1.2915254237288136) internal successors, (762), 638 states have internal predecessors, (762), 124 states have call successors, (124), 94 states have call predecessors, (124), 107 states have return successors, (194), 121 states have call predecessors, (194), 124 states have call successors, (194) [2024-10-11 03:01:29,313 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 822 states to 822 states and 1080 transitions. [2024-10-11 03:01:29,318 INFO L78 Accepts]: Start accepts. Automaton has 822 states and 1080 transitions. Word has length 42 [2024-10-11 03:01:29,319 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:29,319 INFO L471 AbstractCegarLoop]: Abstraction has 822 states and 1080 transitions. [2024-10-11 03:01:29,319 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 3.5555555555555554) internal successors, (32), 7 states have internal predecessors, (32), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-11 03:01:29,320 INFO L276 IsEmpty]: Start isEmpty. Operand 822 states and 1080 transitions. [2024-10-11 03:01:29,321 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 67 [2024-10-11 03:01:29,325 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:29,325 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:29,326 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-11 03:01:29,326 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:29,326 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:29,326 INFO L85 PathProgramCache]: Analyzing trace with hash 1290092586, now seen corresponding path program 1 times [2024-10-11 03:01:29,326 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:29,326 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [959227341] [2024-10-11 03:01:29,327 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:29,327 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:29,343 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:29,379 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:29,380 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:29,397 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-10-11 03:01:29,400 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:29,409 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:29,411 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:29,416 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:29,419 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:29,423 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 49 [2024-10-11 03:01:29,424 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:29,426 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 59 [2024-10-11 03:01:29,426 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:29,427 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 15 proven. 0 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-11 03:01:29,428 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:29,428 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [959227341] [2024-10-11 03:01:29,429 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [959227341] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:29,429 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:29,429 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-10-11 03:01:29,429 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1303756064] [2024-10-11 03:01:29,429 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:29,429 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-10-11 03:01:29,430 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:29,431 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-10-11 03:01:29,431 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:29,431 INFO L87 Difference]: Start difference. First operand 822 states and 1080 transitions. Second operand has 7 states, 6 states have (on average 8.5) internal successors, (51), 4 states have internal predecessors, (51), 4 states have call successors, (7), 5 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2024-10-11 03:01:29,714 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:29,714 INFO L93 Difference]: Finished difference Result 1015 states and 1325 transitions. [2024-10-11 03:01:29,715 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-10-11 03:01:29,715 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 8.5) internal successors, (51), 4 states have internal predecessors, (51), 4 states have call successors, (7), 5 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) Word has length 66 [2024-10-11 03:01:29,715 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:29,721 INFO L225 Difference]: With dead ends: 1015 [2024-10-11 03:01:29,721 INFO L226 Difference]: Without dead ends: 407 [2024-10-11 03:01:29,723 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 17 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=55, Invalid=127, Unknown=0, NotChecked=0, Total=182 [2024-10-11 03:01:29,723 INFO L432 NwaCegarLoop]: 84 mSDtfsCounter, 261 mSDsluCounter, 148 mSDsCounter, 0 mSdLazyCounter, 246 mSolverCounterSat, 92 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 270 SdHoareTripleChecker+Valid, 232 SdHoareTripleChecker+Invalid, 338 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 92 IncrementalHoareTripleChecker+Valid, 246 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:29,724 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [270 Valid, 232 Invalid, 338 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [92 Valid, 246 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-11 03:01:29,724 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 407 states. [2024-10-11 03:01:29,772 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 407 to 367. [2024-10-11 03:01:29,773 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 367 states, 264 states have (on average 1.2386363636363635) internal successors, (327), 284 states have internal predecessors, (327), 54 states have call successors, (54), 41 states have call predecessors, (54), 48 states have return successors, (86), 53 states have call predecessors, (86), 54 states have call successors, (86) [2024-10-11 03:01:29,774 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 367 states to 367 states and 467 transitions. [2024-10-11 03:01:29,775 INFO L78 Accepts]: Start accepts. Automaton has 367 states and 467 transitions. Word has length 66 [2024-10-11 03:01:29,775 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:29,775 INFO L471 AbstractCegarLoop]: Abstraction has 367 states and 467 transitions. [2024-10-11 03:01:29,776 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 8.5) internal successors, (51), 4 states have internal predecessors, (51), 4 states have call successors, (7), 5 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2024-10-11 03:01:29,776 INFO L276 IsEmpty]: Start isEmpty. Operand 367 states and 467 transitions. [2024-10-11 03:01:29,777 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 77 [2024-10-11 03:01:29,777 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:29,777 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:29,778 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-10-11 03:01:29,778 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:29,778 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:29,778 INFO L85 PathProgramCache]: Analyzing trace with hash 1417958015, now seen corresponding path program 1 times [2024-10-11 03:01:29,778 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:29,778 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [508949126] [2024-10-11 03:01:29,778 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:29,779 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:29,794 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:29,869 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:29,871 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:29,880 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 03:01:29,883 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:29,899 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:29,900 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:29,907 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:29,909 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:29,913 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2024-10-11 03:01:29,914 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:29,931 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 58 [2024-10-11 03:01:29,932 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:29,934 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-11 03:01:29,934 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:29,934 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 69 [2024-10-11 03:01:29,935 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:29,936 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 6 proven. 15 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-11 03:01:29,936 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:29,936 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [508949126] [2024-10-11 03:01:29,936 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [508949126] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-11 03:01:29,936 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1403817866] [2024-10-11 03:01:29,936 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:29,936 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-11 03:01:29,937 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 [2024-10-11 03:01:29,939 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-11 03:01:29,940 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-11 03:01:30,010 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:30,013 INFO L255 TraceCheckSpWp]: Trace formula consists of 278 conjuncts, 7 conjuncts are in the unsatisfiable core [2024-10-11 03:01:30,020 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-11 03:01:30,163 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 20 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-11 03:01:30,163 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-11 03:01:30,527 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 15 proven. 6 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-11 03:01:30,527 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1403817866] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-11 03:01:30,527 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-11 03:01:30,527 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-10-11 03:01:30,527 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1639315047] [2024-10-11 03:01:30,527 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-11 03:01:30,528 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-10-11 03:01:30,528 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:30,528 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-10-11 03:01:30,528 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-10-11 03:01:30,528 INFO L87 Difference]: Start difference. First operand 367 states and 467 transitions. Second operand has 15 states, 12 states have (on average 8.25) internal successors, (99), 10 states have internal predecessors, (99), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) [2024-10-11 03:01:31,870 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:31,870 INFO L93 Difference]: Finished difference Result 766 states and 995 transitions. [2024-10-11 03:01:31,871 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2024-10-11 03:01:31,871 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 12 states have (on average 8.25) internal successors, (99), 10 states have internal predecessors, (99), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) Word has length 76 [2024-10-11 03:01:31,872 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:31,873 INFO L225 Difference]: With dead ends: 766 [2024-10-11 03:01:31,873 INFO L226 Difference]: Without dead ends: 0 [2024-10-11 03:01:31,875 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 211 GetRequests, 170 SyntacticMatches, 4 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 338 ImplicationChecksByTransitivity, 0.7s TimeCoverageRelationStatistics Valid=345, Invalid=1137, Unknown=0, NotChecked=0, Total=1482 [2024-10-11 03:01:31,876 INFO L432 NwaCegarLoop]: 110 mSDtfsCounter, 287 mSDsluCounter, 601 mSDsCounter, 0 mSdLazyCounter, 848 mSolverCounterSat, 112 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 290 SdHoareTripleChecker+Valid, 711 SdHoareTripleChecker+Invalid, 960 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 112 IncrementalHoareTripleChecker+Valid, 848 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:31,876 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [290 Valid, 711 Invalid, 960 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [112 Valid, 848 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2024-10-11 03:01:31,877 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-11 03:01:31,877 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-11 03:01:31,877 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-11 03:01:31,877 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-11 03:01:31,877 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 76 [2024-10-11 03:01:31,878 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:31,878 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-11 03:01:31,878 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 12 states have (on average 8.25) internal successors, (99), 10 states have internal predecessors, (99), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) [2024-10-11 03:01:31,878 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-11 03:01:31,878 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-11 03:01:31,881 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-11 03:01:31,899 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-10-11 03:01:32,082 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-10-11 03:01:32,085 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:32,087 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-11 03:01:35,146 INFO L165 ceAbstractionStarter]: Computing trace abstraction results [2024-10-11 03:01:35,169 WARN L155 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (or (and (= 2 ~waterLevel~0) (not (= 0 ~systemActive~0))) (and (= 1 ~systemActive~0) (<= ~waterLevel~0 2)))) Eliminated clause: (or (and (= 2 ~waterLevel~0) (not (= 0 ~systemActive~0))) (and (= 1 ~systemActive~0) (<= ~waterLevel~0 2))) [2024-10-11 03:01:35,184 WARN L155 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse1 (<= |old(~waterLevel~0)| 2)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (<= 1 |old(~pumpRunning~0)|))) (or (and .cse0 (= 0 ~systemActive~0) .cse1) (and .cse2 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse1 .cse3) (and .cse2 .cse0 .cse1) (and .cse2 .cse3 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2) (and .cse3 .cse2 (= 0 ~systemActive~0)))) [2024-10-11 03:01:35,192 WARN L155 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-10-11 03:01:35,196 WARN L155 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and .cse3 .cse1 .cse2) (and .cse3 (= 0 ~systemActive~0) .cse2) (and .cse0 .cse1 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2) (and .cse3 .cse2 (= 0 ~systemActive~0)))) [2024-10-11 03:01:35,203 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 11.10 03:01:35 BoogieIcfgContainer [2024-10-11 03:01:35,203 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-11 03:01:35,204 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-11 03:01:35,204 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-11 03:01:35,204 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-11 03:01:35,205 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:25" (3/4) ... [2024-10-11 03:01:35,208 INFO L139 WitnessPrinter]: Generating witness for correct program [2024-10-11 03:01:35,215 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-10-11 03:01:35,219 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-10-11 03:01:35,219 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-11 03:01:35,219 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-11 03:01:35,219 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-11 03:01:35,220 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-10-11 03:01:35,220 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-11 03:01:35,220 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-10-11 03:01:35,225 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 35 nodes and edges [2024-10-11 03:01:35,228 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-10-11 03:01:35,228 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-11 03:01:35,229 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-11 03:01:35,229 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-11 03:01:35,321 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-10-11 03:01:35,324 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/witness.yml [2024-10-11 03:01:35,324 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-11 03:01:35,324 INFO L158 Benchmark]: Toolchain (without parser) took 10372.07ms. Allocated memory was 176.2MB in the beginning and 283.1MB in the end (delta: 107.0MB). Free memory was 118.0MB in the beginning and 96.0MB in the end (delta: 22.0MB). Peak memory consumption was 129.2MB. Max. memory is 16.1GB. [2024-10-11 03:01:35,325 INFO L158 Benchmark]: CDTParser took 0.16ms. Allocated memory is still 96.5MB. Free memory is still 50.2MB. There was no memory consumed. Max. memory is 16.1GB. [2024-10-11 03:01:35,325 INFO L158 Benchmark]: CACSL2BoogieTranslator took 437.55ms. Allocated memory is still 176.2MB. Free memory was 118.0MB in the beginning and 134.1MB in the end (delta: -16.1MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2024-10-11 03:01:35,325 INFO L158 Benchmark]: Boogie Procedure Inliner took 48.31ms. Allocated memory is still 176.2MB. Free memory was 134.1MB in the beginning and 132.0MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-11 03:01:35,325 INFO L158 Benchmark]: Boogie Preprocessor took 61.09ms. Allocated memory is still 176.2MB. Free memory was 132.0MB in the beginning and 129.9MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-11 03:01:35,325 INFO L158 Benchmark]: RCFGBuilder took 472.37ms. Allocated memory is still 176.2MB. Free memory was 129.9MB in the beginning and 105.5MB in the end (delta: 24.4MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-10-11 03:01:35,326 INFO L158 Benchmark]: TraceAbstraction took 9227.13ms. Allocated memory was 176.2MB in the beginning and 283.1MB in the end (delta: 107.0MB). Free memory was 104.7MB in the beginning and 103.3MB in the end (delta: 1.4MB). Peak memory consumption was 134.1MB. Max. memory is 16.1GB. [2024-10-11 03:01:35,326 INFO L158 Benchmark]: Witness Printer took 120.00ms. Allocated memory is still 283.1MB. Free memory was 103.3MB in the beginning and 96.0MB in the end (delta: 7.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-10-11 03:01:35,327 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.16ms. Allocated memory is still 96.5MB. Free memory is still 50.2MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 437.55ms. Allocated memory is still 176.2MB. Free memory was 118.0MB in the beginning and 134.1MB in the end (delta: -16.1MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 48.31ms. Allocated memory is still 176.2MB. Free memory was 134.1MB in the beginning and 132.0MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 61.09ms. Allocated memory is still 176.2MB. Free memory was 132.0MB in the beginning and 129.9MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 472.37ms. Allocated memory is still 176.2MB. Free memory was 129.9MB in the beginning and 105.5MB in the end (delta: 24.4MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * TraceAbstraction took 9227.13ms. Allocated memory was 176.2MB in the beginning and 283.1MB in the end (delta: 107.0MB). Free memory was 104.7MB in the beginning and 103.3MB in the end (delta: 1.4MB). Peak memory consumption was 134.1MB. Max. memory is 16.1GB. * Witness Printer took 120.00ms. Allocated memory is still 283.1MB. Free memory was 103.3MB in the beginning and 96.0MB in the end (delta: 7.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] - GenericResultAtLocation [Line: 277]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [277] - GenericResultAtLocation [Line: 381]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [381] - GenericResultAtLocation [Line: 448]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [448] - GenericResultAtLocation [Line: 483]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [483] - GenericResultAtLocation [Line: 849]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [849] - GenericResultAtLocation [Line: 953]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [953] - GenericResultAtLocation [Line: 962]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [962] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 958]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 77 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 6.0s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 3.5s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1611 SdHoareTripleChecker+Valid, 2.1s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1568 mSDsluCounter, 2679 SdHoareTripleChecker+Invalid, 1.6s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1849 mSDsCounter, 514 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2145 IncrementalHoareTripleChecker+Invalid, 2659 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 514 mSolverCounterUnsat, 830 mSDtfsCounter, 2145 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 348 GetRequests, 247 SyntacticMatches, 4 SemanticMatches, 97 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 461 ImplicationChecksByTransitivity, 1.0s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=822occurred in iteration=8, InterpolantAutomatonStates: 92, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 10 MinimizatonAttempts, 129 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 1.5s InterpolantComputationTime, 474 NumberOfCodeBlocks, 474 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 538 ConstructedInterpolants, 0 QuantifiedInterpolants, 1100 SizeOfPredicates, 2 NumberOfNonLiveVariables, 278 ConjunctsInSsa, 7 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 90/118 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 392]: Loop Invariant Derived loop invariant: (((((((pumpRunning == 0) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (0 == systemActive)) || ((((pumpRunning == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) - InvariantResult [Line: 289]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 391]: Location Invariant Derived location invariant: 0 - ProcedureContractResult [Line: 160]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: (((2 == waterLevel) && (0 != systemActive)) || ((1 == systemActive) && (waterLevel <= 2))) Ensures: ((pumpRunning == 0) && (((2 == waterLevel) && (0 != systemActive)) || ((1 == systemActive) && (waterLevel <= 2)))) - ProcedureContractResult [Line: 93]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) - ProcedureContractResult [Line: 877]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) - ProcedureContractResult [Line: 279]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: 0 - ProcedureContractResult [Line: 66]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: (((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((pumpRunning == 0) || (0 != systemActive))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((((\old(pumpRunning) == 0) && (0 == systemActive)) && (\old(waterLevel) <= 2)) || ((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning)))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 2))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2)))) - ProcedureContractResult [Line: 101]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))))) - ProcedureContractResult [Line: 865]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: (((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && (waterLevel <= 2)) && (((((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2))) || (((pumpRunning == 0) && (0 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) - ProcedureContractResult [Line: 179]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) && (pumpRunning == \result)) RESULT: Ultimate proved your program to be correct! [2024-10-11 03:01:35,353 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE