./Ultimate.py --spec /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/properties/unreach-call.prp --file /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product52.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 84cfde4a Calling Ultimate with: /root/.sdkman/candidates/java/current/bin/java -Dosgi.configuration.area=/storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product52.cil.c -s /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 4074665f53184e0f9778b3e4e6ee9c58d8a047121518f9c126ceccd876afea36 --- Real Ultimate output --- This is Ultimate 0.2.5-dev-84cfde4 [2024-10-11 03:01:22,573 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-11 03:01:22,649 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-11 03:01:22,654 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-11 03:01:22,656 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-11 03:01:22,679 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-11 03:01:22,679 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-11 03:01:22,680 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-11 03:01:22,680 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-11 03:01:22,683 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-11 03:01:22,684 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-11 03:01:22,684 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-11 03:01:22,684 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-11 03:01:22,684 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-11 03:01:22,685 INFO L153 SettingsManager]: * Use SBE=true [2024-10-11 03:01:22,685 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-11 03:01:22,685 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-11 03:01:22,685 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-11 03:01:22,685 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-11 03:01:22,686 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-11 03:01:22,686 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-11 03:01:22,687 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-11 03:01:22,687 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-11 03:01:22,688 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-11 03:01:22,688 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-11 03:01:22,688 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-11 03:01:22,688 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-11 03:01:22,688 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-11 03:01:22,689 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-11 03:01:22,689 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-11 03:01:22,689 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-11 03:01:22,690 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-11 03:01:22,690 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-11 03:01:22,690 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-11 03:01:22,691 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-11 03:01:22,691 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-11 03:01:22,691 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-11 03:01:22,691 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-11 03:01:22,691 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-11 03:01:22,691 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-11 03:01:22,692 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-11 03:01:22,692 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-11 03:01:22,692 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 4074665f53184e0f9778b3e4e6ee9c58d8a047121518f9c126ceccd876afea36 [2024-10-11 03:01:22,894 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-11 03:01:22,914 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-11 03:01:22,916 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-11 03:01:22,917 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-11 03:01:22,917 INFO L274 PluginConnector]: CDTParser initialized [2024-10-11 03:01:22,918 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product52.cil.c [2024-10-11 03:01:24,169 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-11 03:01:24,344 INFO L384 CDTParser]: Found 1 translation units. [2024-10-11 03:01:24,348 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product52.cil.c [2024-10-11 03:01:24,358 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/58d168ca1/ffd5f36bcaa542d38705bea9455ed84f/FLAG02c0c4098 [2024-10-11 03:01:24,368 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/data/58d168ca1/ffd5f36bcaa542d38705bea9455ed84f [2024-10-11 03:01:24,371 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-11 03:01:24,372 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-11 03:01:24,374 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-11 03:01:24,374 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-11 03:01:24,379 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-11 03:01:24,379 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,380 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@a0ffc3f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24, skipping insertion in model container [2024-10-11 03:01:24,380 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,420 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-11 03:01:24,653 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product52.cil.c[12672,12685] [2024-10-11 03:01:24,676 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-11 03:01:24,687 INFO L200 MainTranslator]: Completed pre-run [2024-10-11 03:01:24,694 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] [2024-10-11 03:01:24,695 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [415] [2024-10-11 03:01:24,696 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [521] [2024-10-11 03:01:24,696 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [530] [2024-10-11 03:01:24,696 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [581] [2024-10-11 03:01:24,696 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [689] [2024-10-11 03:01:24,696 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [760] [2024-10-11 03:01:24,696 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [985] [2024-10-11 03:01:24,753 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product52.cil.c[12672,12685] [2024-10-11 03:01:24,765 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-11 03:01:24,784 INFO L204 MainTranslator]: Completed translation [2024-10-11 03:01:24,784 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24 WrapperNode [2024-10-11 03:01:24,784 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-11 03:01:24,785 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-11 03:01:24,785 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-11 03:01:24,785 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-11 03:01:24,790 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,801 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,821 INFO L138 Inliner]: procedures = 59, calls = 104, calls flagged for inlining = 26, calls inlined = 22, statements flattened = 215 [2024-10-11 03:01:24,821 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-11 03:01:24,821 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-11 03:01:24,822 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-11 03:01:24,822 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-11 03:01:24,833 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,833 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,835 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,847 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-11 03:01:24,847 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,848 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,854 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,857 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,858 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,859 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,865 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-11 03:01:24,866 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-11 03:01:24,866 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-11 03:01:24,866 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-11 03:01:24,867 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (1/1) ... [2024-10-11 03:01:24,873 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-11 03:01:24,885 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 [2024-10-11 03:01:24,899 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-11 03:01:24,901 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-11 03:01:24,932 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-11 03:01:24,932 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-10-11 03:01:24,932 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-10-11 03:01:24,933 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-11 03:01:24,933 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-11 03:01:24,933 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-11 03:01:24,933 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-11 03:01:24,933 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-10-11 03:01:24,933 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-10-11 03:01:24,933 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-11 03:01:24,933 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-11 03:01:24,933 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-10-11 03:01:24,933 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-10-11 03:01:24,933 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-10-11 03:01:24,933 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-10-11 03:01:24,934 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-11 03:01:24,934 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-11 03:01:24,934 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-11 03:01:24,934 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-11 03:01:24,934 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-11 03:01:24,997 INFO L238 CfgBuilder]: Building ICFG [2024-10-11 03:01:24,999 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-11 03:01:25,182 INFO L? ?]: Removed 45 outVars from TransFormulas that were not future-live. [2024-10-11 03:01:25,182 INFO L287 CfgBuilder]: Performing block encoding [2024-10-11 03:01:25,239 INFO L309 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-11 03:01:25,239 INFO L314 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-11 03:01:25,240 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:25 BoogieIcfgContainer [2024-10-11 03:01:25,240 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-11 03:01:25,242 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-11 03:01:25,242 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-11 03:01:25,244 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-11 03:01:25,245 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 11.10 03:01:24" (1/3) ... [2024-10-11 03:01:25,245 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@10d89026 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.10 03:01:25, skipping insertion in model container [2024-10-11 03:01:25,245 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.10 03:01:24" (2/3) ... [2024-10-11 03:01:25,245 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@10d89026 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.10 03:01:25, skipping insertion in model container [2024-10-11 03:01:25,246 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:25" (3/3) ... [2024-10-11 03:01:25,246 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product52.cil.c [2024-10-11 03:01:25,260 INFO L209 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-11 03:01:25,260 INFO L149 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-11 03:01:25,302 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-11 03:01:25,310 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@714995e6, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-11 03:01:25,311 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-11 03:01:25,314 INFO L276 IsEmpty]: Start isEmpty. Operand has 77 states, 53 states have (on average 1.528301886792453) internal successors, (81), 62 states have internal predecessors, (81), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) [2024-10-11 03:01:25,323 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2024-10-11 03:01:25,323 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:25,324 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:25,325 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:25,329 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:25,329 INFO L85 PathProgramCache]: Analyzing trace with hash -345854806, now seen corresponding path program 1 times [2024-10-11 03:01:25,339 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:25,340 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [275253847] [2024-10-11 03:01:25,340 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:25,341 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:25,435 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:25,486 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-11 03:01:25,488 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:25,495 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-11 03:01:25,500 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:25,503 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:25,504 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:25,504 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [275253847] [2024-10-11 03:01:25,504 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [275253847] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:25,505 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:25,505 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-11 03:01:25,506 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [989569407] [2024-10-11 03:01:25,506 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:25,511 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-11 03:01:25,511 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:25,531 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-11 03:01:25,531 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-11 03:01:25,533 INFO L87 Difference]: Start difference. First operand has 77 states, 53 states have (on average 1.528301886792453) internal successors, (81), 62 states have internal predecessors, (81), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:25,622 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:25,622 INFO L93 Difference]: Finished difference Result 152 states and 219 transitions. [2024-10-11 03:01:25,627 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-11 03:01:25,628 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2024-10-11 03:01:25,628 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:25,637 INFO L225 Difference]: With dead ends: 152 [2024-10-11 03:01:25,638 INFO L226 Difference]: Without dead ends: 72 [2024-10-11 03:01:25,643 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-11 03:01:25,647 INFO L432 NwaCegarLoop]: 87 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 87 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:25,648 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 87 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:25,660 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 72 states. [2024-10-11 03:01:25,674 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 72 to 72. [2024-10-11 03:01:25,676 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 72 states, 50 states have (on average 1.42) internal successors, (71), 58 states have internal predecessors, (71), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2024-10-11 03:01:25,677 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 72 states to 72 states and 98 transitions. [2024-10-11 03:01:25,679 INFO L78 Accepts]: Start accepts. Automaton has 72 states and 98 transitions. Word has length 22 [2024-10-11 03:01:25,679 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:25,683 INFO L471 AbstractCegarLoop]: Abstraction has 72 states and 98 transitions. [2024-10-11 03:01:25,683 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:25,683 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 98 transitions. [2024-10-11 03:01:25,685 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2024-10-11 03:01:25,685 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:25,685 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:25,686 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-11 03:01:25,686 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:25,687 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:25,687 INFO L85 PathProgramCache]: Analyzing trace with hash 693383338, now seen corresponding path program 1 times [2024-10-11 03:01:25,687 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:25,687 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [886730606] [2024-10-11 03:01:25,687 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:25,687 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:25,699 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:25,766 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:25,767 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:25,769 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-10-11 03:01:25,774 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:25,775 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:25,779 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:25,779 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [886730606] [2024-10-11 03:01:25,779 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [886730606] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:25,779 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:25,780 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-11 03:01:25,780 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [78156591] [2024-10-11 03:01:25,780 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:25,781 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 03:01:25,781 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:25,781 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 03:01:25,782 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:25,783 INFO L87 Difference]: Start difference. First operand 72 states and 98 transitions. Second operand has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:25,818 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:25,820 INFO L93 Difference]: Finished difference Result 114 states and 154 transitions. [2024-10-11 03:01:25,821 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 03:01:25,821 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 23 [2024-10-11 03:01:25,821 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:25,822 INFO L225 Difference]: With dead ends: 114 [2024-10-11 03:01:25,822 INFO L226 Difference]: Without dead ends: 64 [2024-10-11 03:01:25,823 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:25,824 INFO L432 NwaCegarLoop]: 73 mSDtfsCounter, 14 mSDsluCounter, 57 mSDsCounter, 0 mSdLazyCounter, 24 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 130 SdHoareTripleChecker+Invalid, 24 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 24 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:25,824 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 130 Invalid, 24 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 24 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:25,825 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64 states. [2024-10-11 03:01:25,829 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64 to 64. [2024-10-11 03:01:25,829 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 64 states, 45 states have (on average 1.4444444444444444) internal successors, (65), 53 states have internal predecessors, (65), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2024-10-11 03:01:25,830 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 64 states to 64 states and 87 transitions. [2024-10-11 03:01:25,830 INFO L78 Accepts]: Start accepts. Automaton has 64 states and 87 transitions. Word has length 23 [2024-10-11 03:01:25,830 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:25,830 INFO L471 AbstractCegarLoop]: Abstraction has 64 states and 87 transitions. [2024-10-11 03:01:25,831 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:25,831 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 87 transitions. [2024-10-11 03:01:25,831 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-10-11 03:01:25,832 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:25,832 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:25,832 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-11 03:01:25,832 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:25,832 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:25,832 INFO L85 PathProgramCache]: Analyzing trace with hash 2054145718, now seen corresponding path program 1 times [2024-10-11 03:01:25,833 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:25,833 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [145044469] [2024-10-11 03:01:25,833 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:25,833 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:25,856 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:25,911 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:25,913 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:25,915 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-11 03:01:25,916 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:25,918 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:25,919 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:25,919 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [145044469] [2024-10-11 03:01:25,919 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [145044469] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:25,920 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:25,920 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-11 03:01:25,920 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [421156129] [2024-10-11 03:01:25,920 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:25,921 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-11 03:01:25,921 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:25,922 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-11 03:01:25,922 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:25,922 INFO L87 Difference]: Start difference. First operand 64 states and 87 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:25,977 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:25,978 INFO L93 Difference]: Finished difference Result 188 states and 258 transitions. [2024-10-11 03:01:25,980 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-11 03:01:25,980 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 26 [2024-10-11 03:01:25,980 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:25,982 INFO L225 Difference]: With dead ends: 188 [2024-10-11 03:01:25,982 INFO L226 Difference]: Without dead ends: 126 [2024-10-11 03:01:25,983 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-11 03:01:25,984 INFO L432 NwaCegarLoop]: 84 mSDtfsCounter, 78 mSDsluCounter, 71 mSDsCounter, 0 mSdLazyCounter, 30 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 78 SdHoareTripleChecker+Valid, 155 SdHoareTripleChecker+Invalid, 31 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 30 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:25,984 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [78 Valid, 155 Invalid, 31 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 30 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-11 03:01:25,985 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 126 states. [2024-10-11 03:01:26,002 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 126 to 123. [2024-10-11 03:01:26,004 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 123 states, 86 states have (on average 1.4534883720930232) internal successors, (125), 101 states have internal predecessors, (125), 22 states have call successors, (22), 14 states have call predecessors, (22), 14 states have return successors, (22), 15 states have call predecessors, (22), 22 states have call successors, (22) [2024-10-11 03:01:26,006 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 123 states to 123 states and 169 transitions. [2024-10-11 03:01:26,006 INFO L78 Accepts]: Start accepts. Automaton has 123 states and 169 transitions. Word has length 26 [2024-10-11 03:01:26,006 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:26,007 INFO L471 AbstractCegarLoop]: Abstraction has 123 states and 169 transitions. [2024-10-11 03:01:26,007 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-11 03:01:26,007 INFO L276 IsEmpty]: Start isEmpty. Operand 123 states and 169 transitions. [2024-10-11 03:01:26,008 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2024-10-11 03:01:26,008 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:26,008 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:26,008 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-11 03:01:26,009 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:26,009 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:26,009 INFO L85 PathProgramCache]: Analyzing trace with hash -1857500800, now seen corresponding path program 1 times [2024-10-11 03:01:26,009 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:26,009 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2093455516] [2024-10-11 03:01:26,010 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:26,010 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:26,019 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,095 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-10-11 03:01:26,096 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,099 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-11 03:01:26,103 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,118 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-11 03:01:26,118 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:26,118 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2093455516] [2024-10-11 03:01:26,119 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2093455516] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:26,119 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:26,119 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-11 03:01:26,119 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1092035090] [2024-10-11 03:01:26,119 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:26,121 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-11 03:01:26,122 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:26,122 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-11 03:01:26,122 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-11 03:01:26,122 INFO L87 Difference]: Start difference. First operand 123 states and 169 transitions. Second operand has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:26,276 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:26,276 INFO L93 Difference]: Finished difference Result 324 states and 453 transitions. [2024-10-11 03:01:26,277 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-11 03:01:26,277 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 29 [2024-10-11 03:01:26,277 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:26,279 INFO L225 Difference]: With dead ends: 324 [2024-10-11 03:01:26,279 INFO L226 Difference]: Without dead ends: 203 [2024-10-11 03:01:26,280 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-10-11 03:01:26,281 INFO L432 NwaCegarLoop]: 74 mSDtfsCounter, 44 mSDsluCounter, 248 mSDsCounter, 0 mSdLazyCounter, 118 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 45 SdHoareTripleChecker+Valid, 322 SdHoareTripleChecker+Invalid, 127 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 118 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:26,281 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [45 Valid, 322 Invalid, 127 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 118 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 03:01:26,282 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 203 states. [2024-10-11 03:01:26,296 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 203 to 202. [2024-10-11 03:01:26,297 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 202 states, 143 states have (on average 1.3776223776223777) internal successors, (197), 158 states have internal predecessors, (197), 32 states have call successors, (32), 26 states have call predecessors, (32), 26 states have return successors, (40), 29 states have call predecessors, (40), 32 states have call successors, (40) [2024-10-11 03:01:26,298 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 202 states to 202 states and 269 transitions. [2024-10-11 03:01:26,299 INFO L78 Accepts]: Start accepts. Automaton has 202 states and 269 transitions. Word has length 29 [2024-10-11 03:01:26,299 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:26,299 INFO L471 AbstractCegarLoop]: Abstraction has 202 states and 269 transitions. [2024-10-11 03:01:26,299 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-11 03:01:26,299 INFO L276 IsEmpty]: Start isEmpty. Operand 202 states and 269 transitions. [2024-10-11 03:01:26,300 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-11 03:01:26,300 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:26,301 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:26,301 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-11 03:01:26,301 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:26,301 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:26,301 INFO L85 PathProgramCache]: Analyzing trace with hash -1296137227, now seen corresponding path program 1 times [2024-10-11 03:01:26,301 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:26,302 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1479496901] [2024-10-11 03:01:26,302 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:26,302 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:26,312 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,341 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:26,342 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,345 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-11 03:01:26,348 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,363 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-11 03:01:26,364 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,365 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:26,365 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:26,365 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1479496901] [2024-10-11 03:01:26,365 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1479496901] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:26,365 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:26,365 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-11 03:01:26,366 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [717131269] [2024-10-11 03:01:26,366 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:26,366 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-11 03:01:26,366 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:26,366 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-11 03:01:26,367 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-11 03:01:26,367 INFO L87 Difference]: Start difference. First operand 202 states and 269 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:26,486 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:26,487 INFO L93 Difference]: Finished difference Result 446 states and 601 transitions. [2024-10-11 03:01:26,487 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-11 03:01:26,487 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 38 [2024-10-11 03:01:26,487 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:26,489 INFO L225 Difference]: With dead ends: 446 [2024-10-11 03:01:26,489 INFO L226 Difference]: Without dead ends: 246 [2024-10-11 03:01:26,493 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:26,494 INFO L432 NwaCegarLoop]: 64 mSDtfsCounter, 48 mSDsluCounter, 140 mSDsCounter, 0 mSdLazyCounter, 125 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 204 SdHoareTripleChecker+Invalid, 138 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 125 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:26,495 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [52 Valid, 204 Invalid, 138 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 125 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 03:01:26,495 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 246 states. [2024-10-11 03:01:26,549 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 246 to 244. [2024-10-11 03:01:26,549 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 244 states, 175 states have (on average 1.3542857142857143) internal successors, (237), 190 states have internal predecessors, (237), 36 states have call successors, (36), 26 states have call predecessors, (36), 32 states have return successors, (50), 37 states have call predecessors, (50), 36 states have call successors, (50) [2024-10-11 03:01:26,551 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 244 states to 244 states and 323 transitions. [2024-10-11 03:01:26,553 INFO L78 Accepts]: Start accepts. Automaton has 244 states and 323 transitions. Word has length 38 [2024-10-11 03:01:26,553 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:26,554 INFO L471 AbstractCegarLoop]: Abstraction has 244 states and 323 transitions. [2024-10-11 03:01:26,554 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:26,554 INFO L276 IsEmpty]: Start isEmpty. Operand 244 states and 323 transitions. [2024-10-11 03:01:26,555 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-11 03:01:26,557 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:26,557 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:26,558 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-11 03:01:26,558 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:26,558 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:26,558 INFO L85 PathProgramCache]: Analyzing trace with hash 1718966391, now seen corresponding path program 1 times [2024-10-11 03:01:26,558 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:26,558 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [849647396] [2024-10-11 03:01:26,559 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:26,559 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:26,573 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,622 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:26,625 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,630 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-11 03:01:26,634 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,656 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-11 03:01:26,657 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,659 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:26,660 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:26,660 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [849647396] [2024-10-11 03:01:26,660 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [849647396] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:26,660 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:26,660 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-11 03:01:26,660 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1048466004] [2024-10-11 03:01:26,661 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:26,661 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-11 03:01:26,661 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:26,662 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-11 03:01:26,662 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-11 03:01:26,662 INFO L87 Difference]: Start difference. First operand 244 states and 323 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:26,798 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:26,798 INFO L93 Difference]: Finished difference Result 492 states and 667 transitions. [2024-10-11 03:01:26,799 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-11 03:01:26,799 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 38 [2024-10-11 03:01:26,799 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:26,804 INFO L225 Difference]: With dead ends: 492 [2024-10-11 03:01:26,804 INFO L226 Difference]: Without dead ends: 250 [2024-10-11 03:01:26,805 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:26,806 INFO L432 NwaCegarLoop]: 63 mSDtfsCounter, 48 mSDsluCounter, 138 mSDsCounter, 0 mSdLazyCounter, 128 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 201 SdHoareTripleChecker+Invalid, 141 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 128 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:26,807 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [52 Valid, 201 Invalid, 141 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 128 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-11 03:01:26,808 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 250 states. [2024-10-11 03:01:26,834 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 250 to 248. [2024-10-11 03:01:26,836 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 248 states, 179 states have (on average 1.3463687150837989) internal successors, (241), 194 states have internal predecessors, (241), 36 states have call successors, (36), 26 states have call predecessors, (36), 32 states have return successors, (50), 37 states have call predecessors, (50), 36 states have call successors, (50) [2024-10-11 03:01:26,838 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 248 states to 248 states and 327 transitions. [2024-10-11 03:01:26,839 INFO L78 Accepts]: Start accepts. Automaton has 248 states and 327 transitions. Word has length 38 [2024-10-11 03:01:26,839 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:26,839 INFO L471 AbstractCegarLoop]: Abstraction has 248 states and 327 transitions. [2024-10-11 03:01:26,839 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:26,839 INFO L276 IsEmpty]: Start isEmpty. Operand 248 states and 327 transitions. [2024-10-11 03:01:26,840 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-11 03:01:26,840 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:26,840 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:26,841 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-11 03:01:26,841 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:26,841 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:26,841 INFO L85 PathProgramCache]: Analyzing trace with hash 130618489, now seen corresponding path program 1 times [2024-10-11 03:01:26,841 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:26,841 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1022338074] [2024-10-11 03:01:26,842 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:26,842 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:26,848 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,882 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-11 03:01:26,884 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,890 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-11 03:01:26,892 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,905 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-11 03:01:26,906 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:26,907 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:26,908 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:26,908 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1022338074] [2024-10-11 03:01:26,908 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1022338074] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:26,908 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:26,908 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-11 03:01:26,909 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1705551444] [2024-10-11 03:01:26,909 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:26,909 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-11 03:01:26,909 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:26,909 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-11 03:01:26,910 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-11 03:01:26,910 INFO L87 Difference]: Start difference. First operand 248 states and 327 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:27,108 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:27,108 INFO L93 Difference]: Finished difference Result 732 states and 999 transitions. [2024-10-11 03:01:27,108 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-11 03:01:27,109 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 38 [2024-10-11 03:01:27,109 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:27,112 INFO L225 Difference]: With dead ends: 732 [2024-10-11 03:01:27,114 INFO L226 Difference]: Without dead ends: 486 [2024-10-11 03:01:27,115 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:27,116 INFO L432 NwaCegarLoop]: 96 mSDtfsCounter, 193 mSDsluCounter, 120 mSDsCounter, 0 mSdLazyCounter, 175 mSolverCounterSat, 61 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 200 SdHoareTripleChecker+Valid, 216 SdHoareTripleChecker+Invalid, 236 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 61 IncrementalHoareTripleChecker+Valid, 175 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:27,116 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [200 Valid, 216 Invalid, 236 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [61 Valid, 175 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-11 03:01:27,117 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 486 states. [2024-10-11 03:01:27,142 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 486 to 480. [2024-10-11 03:01:27,143 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 480 states, 345 states have (on average 1.2927536231884058) internal successors, (446), 369 states have internal predecessors, (446), 73 states have call successors, (73), 59 states have call predecessors, (73), 61 states have return successors, (111), 72 states have call predecessors, (111), 73 states have call successors, (111) [2024-10-11 03:01:27,146 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 480 states to 480 states and 630 transitions. [2024-10-11 03:01:27,147 INFO L78 Accepts]: Start accepts. Automaton has 480 states and 630 transitions. Word has length 38 [2024-10-11 03:01:27,147 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:27,147 INFO L471 AbstractCegarLoop]: Abstraction has 480 states and 630 transitions. [2024-10-11 03:01:27,147 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-11 03:01:27,148 INFO L276 IsEmpty]: Start isEmpty. Operand 480 states and 630 transitions. [2024-10-11 03:01:27,150 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2024-10-11 03:01:27,150 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:27,150 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:27,150 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-11 03:01:27,150 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:27,151 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:27,151 INFO L85 PathProgramCache]: Analyzing trace with hash 26928479, now seen corresponding path program 1 times [2024-10-11 03:01:27,151 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:27,151 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [700342491] [2024-10-11 03:01:27,151 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:27,152 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:27,163 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,268 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:27,271 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,275 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-11 03:01:27,276 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,283 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-11 03:01:27,285 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,303 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2024-10-11 03:01:27,304 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,307 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-11 03:01:27,307 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:27,307 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [700342491] [2024-10-11 03:01:27,308 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [700342491] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:27,308 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:27,308 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2024-10-11 03:01:27,308 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1944986727] [2024-10-11 03:01:27,308 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:27,308 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-10-11 03:01:27,308 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:27,308 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-10-11 03:01:27,309 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=54, Unknown=0, NotChecked=0, Total=72 [2024-10-11 03:01:27,309 INFO L87 Difference]: Start difference. First operand 480 states and 630 transitions. Second operand has 9 states, 9 states have (on average 3.5555555555555554) internal successors, (32), 7 states have internal predecessors, (32), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-11 03:01:27,796 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:27,796 INFO L93 Difference]: Finished difference Result 1279 states and 1780 transitions. [2024-10-11 03:01:27,796 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2024-10-11 03:01:27,797 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 3.5555555555555554) internal successors, (32), 7 states have internal predecessors, (32), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 42 [2024-10-11 03:01:27,797 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:27,801 INFO L225 Difference]: With dead ends: 1279 [2024-10-11 03:01:27,801 INFO L226 Difference]: Without dead ends: 891 [2024-10-11 03:01:27,803 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 31 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 86 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=125, Invalid=337, Unknown=0, NotChecked=0, Total=462 [2024-10-11 03:01:27,803 INFO L432 NwaCegarLoop]: 78 mSDtfsCounter, 415 mSDsluCounter, 272 mSDsCounter, 0 mSdLazyCounter, 471 mSolverCounterSat, 150 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 423 SdHoareTripleChecker+Valid, 350 SdHoareTripleChecker+Invalid, 621 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 150 IncrementalHoareTripleChecker+Valid, 471 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:27,804 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [423 Valid, 350 Invalid, 621 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [150 Valid, 471 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-11 03:01:27,804 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 891 states. [2024-10-11 03:01:27,852 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 891 to 822. [2024-10-11 03:01:27,854 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 822 states, 590 states have (on average 1.2915254237288136) internal successors, (762), 638 states have internal predecessors, (762), 124 states have call successors, (124), 94 states have call predecessors, (124), 107 states have return successors, (194), 121 states have call predecessors, (194), 124 states have call successors, (194) [2024-10-11 03:01:27,857 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 822 states to 822 states and 1080 transitions. [2024-10-11 03:01:27,858 INFO L78 Accepts]: Start accepts. Automaton has 822 states and 1080 transitions. Word has length 42 [2024-10-11 03:01:27,858 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:27,858 INFO L471 AbstractCegarLoop]: Abstraction has 822 states and 1080 transitions. [2024-10-11 03:01:27,859 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 3.5555555555555554) internal successors, (32), 7 states have internal predecessors, (32), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-11 03:01:27,859 INFO L276 IsEmpty]: Start isEmpty. Operand 822 states and 1080 transitions. [2024-10-11 03:01:27,860 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 68 [2024-10-11 03:01:27,860 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:27,860 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:27,860 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-11 03:01:27,860 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:27,861 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:27,861 INFO L85 PathProgramCache]: Analyzing trace with hash 1647102064, now seen corresponding path program 1 times [2024-10-11 03:01:27,861 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:27,861 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [86953023] [2024-10-11 03:01:27,861 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:27,861 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:27,868 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,892 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:27,893 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,900 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-10-11 03:01:27,903 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,910 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:27,911 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,918 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:27,919 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,921 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 50 [2024-10-11 03:01:27,923 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,924 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2024-10-11 03:01:27,924 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:27,925 INFO L134 CoverageAnalysis]: Checked inductivity of 22 backedges. 16 proven. 0 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-11 03:01:27,925 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:27,925 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [86953023] [2024-10-11 03:01:27,925 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [86953023] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-11 03:01:27,925 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-11 03:01:27,925 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-10-11 03:01:27,925 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2119985265] [2024-10-11 03:01:27,925 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-11 03:01:27,926 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-10-11 03:01:27,926 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:27,928 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-10-11 03:01:27,928 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2024-10-11 03:01:27,929 INFO L87 Difference]: Start difference. First operand 822 states and 1080 transitions. Second operand has 7 states, 6 states have (on average 8.666666666666666) internal successors, (52), 4 states have internal predecessors, (52), 4 states have call successors, (7), 5 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2024-10-11 03:01:28,206 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:28,207 INFO L93 Difference]: Finished difference Result 1404 states and 1834 transitions. [2024-10-11 03:01:28,207 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-10-11 03:01:28,207 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 8.666666666666666) internal successors, (52), 4 states have internal predecessors, (52), 4 states have call successors, (7), 5 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) Word has length 67 [2024-10-11 03:01:28,207 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:28,211 INFO L225 Difference]: With dead ends: 1404 [2024-10-11 03:01:28,211 INFO L226 Difference]: Without dead ends: 584 [2024-10-11 03:01:28,213 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 17 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=55, Invalid=127, Unknown=0, NotChecked=0, Total=182 [2024-10-11 03:01:28,215 INFO L432 NwaCegarLoop]: 82 mSDtfsCounter, 259 mSDsluCounter, 142 mSDsCounter, 0 mSdLazyCounter, 254 mSolverCounterSat, 94 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 268 SdHoareTripleChecker+Valid, 224 SdHoareTripleChecker+Invalid, 348 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 94 IncrementalHoareTripleChecker+Valid, 254 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:28,215 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [268 Valid, 224 Invalid, 348 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [94 Valid, 254 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-11 03:01:28,216 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 584 states. [2024-10-11 03:01:28,241 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 584 to 500. [2024-10-11 03:01:28,242 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 500 states, 360 states have (on average 1.2694444444444444) internal successors, (457), 390 states have internal predecessors, (457), 75 states have call successors, (75), 57 states have call predecessors, (75), 64 states have return successors, (108), 73 states have call predecessors, (108), 75 states have call successors, (108) [2024-10-11 03:01:28,244 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 500 states to 500 states and 640 transitions. [2024-10-11 03:01:28,245 INFO L78 Accepts]: Start accepts. Automaton has 500 states and 640 transitions. Word has length 67 [2024-10-11 03:01:28,246 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:28,246 INFO L471 AbstractCegarLoop]: Abstraction has 500 states and 640 transitions. [2024-10-11 03:01:28,247 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 8.666666666666666) internal successors, (52), 4 states have internal predecessors, (52), 4 states have call successors, (7), 5 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2024-10-11 03:01:28,247 INFO L276 IsEmpty]: Start isEmpty. Operand 500 states and 640 transitions. [2024-10-11 03:01:28,248 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 77 [2024-10-11 03:01:28,248 INFO L207 NwaCegarLoop]: Found error trace [2024-10-11 03:01:28,248 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:28,248 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-10-11 03:01:28,248 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-11 03:01:28,249 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-11 03:01:28,249 INFO L85 PathProgramCache]: Analyzing trace with hash 941485235, now seen corresponding path program 1 times [2024-10-11 03:01:28,249 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-11 03:01:28,249 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1024935252] [2024-10-11 03:01:28,249 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:28,249 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-11 03:01:28,265 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:28,338 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-11 03:01:28,339 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:28,348 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-11 03:01:28,350 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:28,362 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-11 03:01:28,363 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:28,370 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-11 03:01:28,371 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:28,381 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2024-10-11 03:01:28,382 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:28,393 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 58 [2024-10-11 03:01:28,394 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:28,395 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-11 03:01:28,396 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:28,396 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 69 [2024-10-11 03:01:28,397 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:28,398 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 13 proven. 8 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-11 03:01:28,399 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-11 03:01:28,399 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1024935252] [2024-10-11 03:01:28,399 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1024935252] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-11 03:01:28,401 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1533592722] [2024-10-11 03:01:28,401 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-11 03:01:28,401 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-11 03:01:28,401 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 [2024-10-11 03:01:28,402 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-11 03:01:28,404 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-11 03:01:28,469 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-11 03:01:28,471 INFO L255 TraceCheckSpWp]: Trace formula consists of 282 conjuncts, 7 conjuncts are in the unsatisfiable core [2024-10-11 03:01:28,476 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-11 03:01:28,610 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 20 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-11 03:01:28,611 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-11 03:01:28,768 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 15 proven. 6 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-11 03:01:28,769 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1533592722] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-11 03:01:28,769 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-11 03:01:28,769 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-10-11 03:01:28,769 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [458287117] [2024-10-11 03:01:28,769 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-11 03:01:28,770 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-10-11 03:01:28,770 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-11 03:01:28,770 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-10-11 03:01:28,771 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-10-11 03:01:28,771 INFO L87 Difference]: Start difference. First operand 500 states and 640 transitions. Second operand has 15 states, 11 states have (on average 8.272727272727273) internal successors, (91), 10 states have internal predecessors, (91), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) [2024-10-11 03:01:29,748 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-11 03:01:29,749 INFO L93 Difference]: Finished difference Result 1106 states and 1457 transitions. [2024-10-11 03:01:29,749 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 39 states. [2024-10-11 03:01:29,749 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 11 states have (on average 8.272727272727273) internal successors, (91), 10 states have internal predecessors, (91), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) Word has length 76 [2024-10-11 03:01:29,750 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-11 03:01:29,751 INFO L225 Difference]: With dead ends: 1106 [2024-10-11 03:01:29,751 INFO L226 Difference]: Without dead ends: 0 [2024-10-11 03:01:29,754 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 221 GetRequests, 172 SyntacticMatches, 4 SemanticMatches, 45 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 583 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=451, Invalid=1711, Unknown=0, NotChecked=0, Total=2162 [2024-10-11 03:01:29,754 INFO L432 NwaCegarLoop]: 120 mSDtfsCounter, 351 mSDsluCounter, 647 mSDsCounter, 0 mSdLazyCounter, 1133 mSolverCounterSat, 144 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 359 SdHoareTripleChecker+Valid, 767 SdHoareTripleChecker+Invalid, 1277 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 144 IncrementalHoareTripleChecker+Valid, 1133 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2024-10-11 03:01:29,755 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [359 Valid, 767 Invalid, 1277 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [144 Valid, 1133 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2024-10-11 03:01:29,756 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-11 03:01:29,756 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-11 03:01:29,756 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-11 03:01:29,756 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-11 03:01:29,756 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 76 [2024-10-11 03:01:29,757 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-11 03:01:29,757 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-11 03:01:29,757 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 11 states have (on average 8.272727272727273) internal successors, (91), 10 states have internal predecessors, (91), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) [2024-10-11 03:01:29,757 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-11 03:01:29,757 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-11 03:01:29,759 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-11 03:01:29,776 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-10-11 03:01:29,960 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-10-11 03:01:29,962 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-11 03:01:29,964 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-11 03:01:33,015 INFO L165 ceAbstractionStarter]: Computing trace abstraction results [2024-10-11 03:01:33,028 WARN L155 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= 1 |old(~pumpRunning~0)|))) (or (and (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse0 (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0) .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0)))) [2024-10-11 03:01:33,039 WARN L155 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse1 (<= |old(~waterLevel~0)| 2)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (<= 1 |old(~pumpRunning~0)|))) (or (and .cse0 (= 0 ~systemActive~0) .cse1) (and .cse2 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse1 .cse3) (and .cse2 .cse0 .cse1) (and .cse2 .cse3 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2) (and .cse3 .cse2 (= 0 ~systemActive~0)))) [2024-10-11 03:01:33,050 WARN L155 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-10-11 03:01:33,055 WARN L155 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and .cse3 .cse1 .cse2) (and .cse3 (= 0 ~systemActive~0) .cse2) (and .cse0 .cse1 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2) (and .cse3 .cse2 (= 0 ~systemActive~0)))) [2024-10-11 03:01:33,066 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 11.10 03:01:33 BoogieIcfgContainer [2024-10-11 03:01:33,066 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-11 03:01:33,066 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-11 03:01:33,067 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-11 03:01:33,067 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-11 03:01:33,067 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.10 03:01:25" (3/4) ... [2024-10-11 03:01:33,069 INFO L139 WitnessPrinter]: Generating witness for correct program [2024-10-11 03:01:33,071 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-10-11 03:01:33,071 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-10-11 03:01:33,072 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-11 03:01:33,072 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-11 03:01:33,072 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-11 03:01:33,072 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-10-11 03:01:33,072 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-11 03:01:33,072 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-10-11 03:01:33,077 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 35 nodes and edges [2024-10-11 03:01:33,077 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-10-11 03:01:33,078 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-11 03:01:33,078 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-11 03:01:33,078 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-11 03:01:33,155 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-10-11 03:01:33,156 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/witness.yml [2024-10-11 03:01:33,156 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-11 03:01:33,156 INFO L158 Benchmark]: Toolchain (without parser) took 8784.04ms. Allocated memory was 130.0MB in the beginning and 272.6MB in the end (delta: 142.6MB). Free memory was 57.1MB in the beginning and 152.9MB in the end (delta: -95.8MB). Peak memory consumption was 48.9MB. Max. memory is 16.1GB. [2024-10-11 03:01:33,156 INFO L158 Benchmark]: CDTParser took 0.12ms. Allocated memory is still 130.0MB. Free memory was 91.2MB in the beginning and 91.0MB in the end (delta: 140.2kB). There was no memory consumed. Max. memory is 16.1GB. [2024-10-11 03:01:33,156 INFO L158 Benchmark]: CACSL2BoogieTranslator took 411.05ms. Allocated memory was 130.0MB in the beginning and 188.7MB in the end (delta: 58.7MB). Free memory was 56.9MB in the beginning and 143.6MB in the end (delta: -86.8MB). Peak memory consumption was 13.2MB. Max. memory is 16.1GB. [2024-10-11 03:01:33,157 INFO L158 Benchmark]: Boogie Procedure Inliner took 35.82ms. Allocated memory is still 188.7MB. Free memory was 143.6MB in the beginning and 141.5MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-11 03:01:33,157 INFO L158 Benchmark]: Boogie Preprocessor took 44.02ms. Allocated memory is still 188.7MB. Free memory was 141.5MB in the beginning and 138.6MB in the end (delta: 3.0MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-11 03:01:33,157 INFO L158 Benchmark]: RCFGBuilder took 374.16ms. Allocated memory is still 188.7MB. Free memory was 138.6MB in the beginning and 114.3MB in the end (delta: 24.3MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. [2024-10-11 03:01:33,157 INFO L158 Benchmark]: TraceAbstraction took 7824.14ms. Allocated memory was 188.7MB in the beginning and 272.6MB in the end (delta: 83.9MB). Free memory was 113.4MB in the beginning and 160.2MB in the end (delta: -46.8MB). Peak memory consumption was 121.8MB. Max. memory is 16.1GB. [2024-10-11 03:01:33,157 INFO L158 Benchmark]: Witness Printer took 89.17ms. Allocated memory is still 272.6MB. Free memory was 160.2MB in the beginning and 152.9MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2024-10-11 03:01:33,159 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.12ms. Allocated memory is still 130.0MB. Free memory was 91.2MB in the beginning and 91.0MB in the end (delta: 140.2kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 411.05ms. Allocated memory was 130.0MB in the beginning and 188.7MB in the end (delta: 58.7MB). Free memory was 56.9MB in the beginning and 143.6MB in the end (delta: -86.8MB). Peak memory consumption was 13.2MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 35.82ms. Allocated memory is still 188.7MB. Free memory was 143.6MB in the beginning and 141.5MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 44.02ms. Allocated memory is still 188.7MB. Free memory was 141.5MB in the beginning and 138.6MB in the end (delta: 3.0MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 374.16ms. Allocated memory is still 188.7MB. Free memory was 138.6MB in the beginning and 114.3MB in the end (delta: 24.3MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. * TraceAbstraction took 7824.14ms. Allocated memory was 188.7MB in the beginning and 272.6MB in the end (delta: 83.9MB). Free memory was 113.4MB in the beginning and 160.2MB in the end (delta: -46.8MB). Peak memory consumption was 121.8MB. Max. memory is 16.1GB. * Witness Printer took 89.17ms. Allocated memory is still 272.6MB. Free memory was 160.2MB in the beginning and 152.9MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] - GenericResultAtLocation [Line: 415]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [415] - GenericResultAtLocation [Line: 521]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [521] - GenericResultAtLocation [Line: 530]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [530] - GenericResultAtLocation [Line: 581]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [581] - GenericResultAtLocation [Line: 689]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [689] - GenericResultAtLocation [Line: 760]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [760] - GenericResultAtLocation [Line: 985]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [985] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 526]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 77 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 4.7s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.7s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1495 SdHoareTripleChecker+Valid, 1.6s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1450 mSDsluCounter, 2656 SdHoareTripleChecker+Invalid, 1.3s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1835 mSDsCounter, 485 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2475 IncrementalHoareTripleChecker+Invalid, 2960 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 485 mSolverCounterUnsat, 821 mSDtfsCounter, 2475 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 354 GetRequests, 249 SyntacticMatches, 4 SemanticMatches, 101 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 699 ImplicationChecksByTransitivity, 0.7s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=822occurred in iteration=8, InterpolantAutomatonStates: 100, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 10 MinimizatonAttempts, 167 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 1.1s InterpolantComputationTime, 475 NumberOfCodeBlocks, 475 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 539 ConstructedInterpolants, 0 QuantifiedInterpolants, 1037 SizeOfPredicates, 2 NumberOfNonLiveVariables, 282 ConjunctsInSsa, 7 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 98/119 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 702]: Loop Invariant Derived loop invariant: (((((((pumpRunning == 0) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (0 == systemActive)) || ((((pumpRunning == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) - InvariantResult [Line: 701]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 428]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 860]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) Ensures: ((pumpRunning == 0) && ((((2 == waterLevel) && (1 == systemActive)) && (1 <= \old(pumpRunning))) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))))) - ProcedureContractResult [Line: 793]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) - ProcedureContractResult [Line: 613]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) - ProcedureContractResult [Line: 766]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: (((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((pumpRunning == 0) || (0 != systemActive))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((((\old(pumpRunning) == 0) && (0 == systemActive)) && (\old(waterLevel) <= 2)) || ((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning)))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 2))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2)))) - ProcedureContractResult [Line: 418]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: 0 - ProcedureContractResult [Line: 801]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))))) - ProcedureContractResult [Line: 601]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: (((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && (waterLevel <= 2)) && (((((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2))) || (((pumpRunning == 0) && (0 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) - ProcedureContractResult [Line: 879]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) && (pumpRunning == \result)) RESULT: Ultimate proved your program to be correct! [2024-10-11 03:01:33,187 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate-clean/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE