./Ultimate.py --spec /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/properties/unreach-call.prp --file /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product37.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version a046e57d Calling Ultimate with: /root/.sdkman/candidates/java/current/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product37.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 3ab30b3db91b0e47e6f9b2ed9ba465facc49148e5cdc1cad78e4808ba0c7de84 --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.dk.eval-mul-div-a046e57-m [2024-10-12 19:42:41,162 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-12 19:42:41,228 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-12 19:42:41,234 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-12 19:42:41,235 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-12 19:42:41,270 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-12 19:42:41,271 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-12 19:42:41,271 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-12 19:42:41,272 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-12 19:42:41,272 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-12 19:42:41,273 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-12 19:42:41,273 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-12 19:42:41,274 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-12 19:42:41,276 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-12 19:42:41,276 INFO L153 SettingsManager]: * Use SBE=true [2024-10-12 19:42:41,277 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-12 19:42:41,277 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-12 19:42:41,277 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-12 19:42:41,283 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-12 19:42:41,283 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-12 19:42:41,283 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-12 19:42:41,286 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-12 19:42:41,286 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-12 19:42:41,286 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-12 19:42:41,287 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-12 19:42:41,287 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-12 19:42:41,287 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-12 19:42:41,287 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-12 19:42:41,288 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-12 19:42:41,288 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-12 19:42:41,288 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-12 19:42:41,288 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-12 19:42:41,288 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-12 19:42:41,288 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-12 19:42:41,289 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-12 19:42:41,289 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-12 19:42:41,291 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-12 19:42:41,291 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-12 19:42:41,291 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-12 19:42:41,291 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-12 19:42:41,291 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-12 19:42:41,292 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-12 19:42:41,292 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 3ab30b3db91b0e47e6f9b2ed9ba465facc49148e5cdc1cad78e4808ba0c7de84 [2024-10-12 19:42:41,542 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-12 19:42:41,567 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-12 19:42:41,570 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-12 19:42:41,571 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-12 19:42:41,571 INFO L274 PluginConnector]: CDTParser initialized [2024-10-12 19:42:41,573 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product37.cil.c [2024-10-12 19:42:43,016 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-12 19:42:43,264 INFO L384 CDTParser]: Found 1 translation units. [2024-10-12 19:42:43,264 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product37.cil.c [2024-10-12 19:42:43,276 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/0b02cd145/b666559f63bb44199efabbac01585982/FLAG6e701dd62 [2024-10-12 19:42:43,291 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/0b02cd145/b666559f63bb44199efabbac01585982 [2024-10-12 19:42:43,293 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-12 19:42:43,294 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-12 19:42:43,295 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-12 19:42:43,295 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-12 19:42:43,301 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-12 19:42:43,302 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 12.10 07:42:43" (1/1) ... [2024-10-12 19:42:43,302 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@3ad963ca and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:43, skipping insertion in model container [2024-10-12 19:42:43,303 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 12.10 07:42:43" (1/1) ... [2024-10-12 19:42:43,350 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-12 19:42:43,572 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product37.cil.c[5071,5084] [2024-10-12 19:42:43,656 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-12 19:42:43,666 INFO L200 MainTranslator]: Completed pre-run [2024-10-12 19:42:43,674 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2024-10-12 19:42:43,676 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [150] [2024-10-12 19:42:43,676 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [201] [2024-10-12 19:42:43,680 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [304] [2024-10-12 19:42:43,680 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [313] [2024-10-12 19:42:43,681 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [496] [2024-10-12 19:42:43,681 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [561] [2024-10-12 19:42:43,681 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [596] [2024-10-12 19:42:43,697 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product37.cil.c[5071,5084] [2024-10-12 19:42:43,764 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-12 19:42:43,792 INFO L204 MainTranslator]: Completed translation [2024-10-12 19:42:43,792 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:43 WrapperNode [2024-10-12 19:42:43,792 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-12 19:42:43,794 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-12 19:42:43,794 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-12 19:42:43,794 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-12 19:42:43,801 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:43" (1/1) ... [2024-10-12 19:42:43,821 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:43" (1/1) ... [2024-10-12 19:42:43,858 INFO L138 Inliner]: procedures = 55, calls = 100, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 203 [2024-10-12 19:42:43,861 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-12 19:42:43,863 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-12 19:42:43,863 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-12 19:42:43,863 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-12 19:42:43,872 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:43" (1/1) ... [2024-10-12 19:42:43,872 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:43" (1/1) ... [2024-10-12 19:42:43,874 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:43" (1/1) ... [2024-10-12 19:42:43,887 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-12 19:42:43,888 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:43" (1/1) ... [2024-10-12 19:42:43,888 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:43" (1/1) ... [2024-10-12 19:42:43,893 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:43" (1/1) ... [2024-10-12 19:42:43,897 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:43" (1/1) ... [2024-10-12 19:42:43,899 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:43" (1/1) ... [2024-10-12 19:42:43,900 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:43" (1/1) ... [2024-10-12 19:42:43,902 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-12 19:42:43,903 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-12 19:42:43,903 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-12 19:42:43,903 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-12 19:42:43,904 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:43" (1/1) ... [2024-10-12 19:42:43,909 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-12 19:42:43,919 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-10-12 19:42:43,932 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-12 19:42:43,935 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-12 19:42:43,986 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-12 19:42:43,986 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-10-12 19:42:43,986 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-10-12 19:42:43,986 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-12 19:42:43,986 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-12 19:42:43,987 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-12 19:42:43,987 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-12 19:42:43,987 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-10-12 19:42:43,987 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-10-12 19:42:43,987 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-12 19:42:43,987 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-12 19:42:43,987 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-10-12 19:42:43,987 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-10-12 19:42:43,988 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-12 19:42:43,988 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-12 19:42:43,988 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-12 19:42:43,988 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-12 19:42:43,988 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-12 19:42:44,057 INFO L238 CfgBuilder]: Building ICFG [2024-10-12 19:42:44,059 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-12 19:42:44,289 INFO L? ?]: Removed 42 outVars from TransFormulas that were not future-live. [2024-10-12 19:42:44,290 INFO L287 CfgBuilder]: Performing block encoding [2024-10-12 19:42:44,375 INFO L309 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-12 19:42:44,375 INFO L314 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-12 19:42:44,376 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.10 07:42:44 BoogieIcfgContainer [2024-10-12 19:42:44,376 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-12 19:42:44,379 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-12 19:42:44,379 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-12 19:42:44,383 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-12 19:42:44,383 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 12.10 07:42:43" (1/3) ... [2024-10-12 19:42:44,384 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@682607f8 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 12.10 07:42:44, skipping insertion in model container [2024-10-12 19:42:44,384 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:43" (2/3) ... [2024-10-12 19:42:44,385 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@682607f8 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 12.10 07:42:44, skipping insertion in model container [2024-10-12 19:42:44,385 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.10 07:42:44" (3/3) ... [2024-10-12 19:42:44,387 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product37.cil.c [2024-10-12 19:42:44,403 INFO L209 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-12 19:42:44,403 INFO L149 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-12 19:42:44,458 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-12 19:42:44,464 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@388c5d4, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-12 19:42:44,464 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-12 19:42:44,468 INFO L276 IsEmpty]: Start isEmpty. Operand has 69 states, 48 states have (on average 1.5416666666666667) internal successors, (74), 56 states have internal predecessors, (74), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2024-10-12 19:42:44,476 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2024-10-12 19:42:44,476 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:42:44,476 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:42:44,477 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:42:44,480 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:42:44,481 INFO L85 PathProgramCache]: Analyzing trace with hash 1588392176, now seen corresponding path program 1 times [2024-10-12 19:42:44,487 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:42:44,488 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [644970246] [2024-10-12 19:42:44,488 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:42:44,488 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:42:44,592 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:44,673 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-12 19:42:44,675 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:44,680 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-12 19:42:44,682 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:44,685 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:42:44,685 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:42:44,686 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [644970246] [2024-10-12 19:42:44,686 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [644970246] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:42:44,686 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:42:44,686 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-12 19:42:44,688 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1308833636] [2024-10-12 19:42:44,688 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:42:44,692 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-12 19:42:44,692 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:42:44,724 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-12 19:42:44,725 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-12 19:42:44,727 INFO L87 Difference]: Start difference. First operand has 69 states, 48 states have (on average 1.5416666666666667) internal successors, (74), 56 states have internal predecessors, (74), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-12 19:42:44,808 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:42:44,809 INFO L93 Difference]: Finished difference Result 136 states and 197 transitions. [2024-10-12 19:42:44,810 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-12 19:42:44,811 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2024-10-12 19:42:44,811 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:42:44,818 INFO L225 Difference]: With dead ends: 136 [2024-10-12 19:42:44,818 INFO L226 Difference]: Without dead ends: 64 [2024-10-12 19:42:44,821 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-12 19:42:44,824 INFO L432 NwaCegarLoop]: 79 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 14 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 79 SdHoareTripleChecker+Invalid, 14 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 14 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-12 19:42:44,825 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 79 Invalid, 14 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 14 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-12 19:42:44,839 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64 states. [2024-10-12 19:42:44,864 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64 to 64. [2024-10-12 19:42:44,866 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 64 states, 45 states have (on average 1.4222222222222223) internal successors, (64), 52 states have internal predecessors, (64), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2024-10-12 19:42:44,868 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 64 states to 64 states and 87 transitions. [2024-10-12 19:42:44,870 INFO L78 Accepts]: Start accepts. Automaton has 64 states and 87 transitions. Word has length 22 [2024-10-12 19:42:44,870 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:42:44,870 INFO L471 AbstractCegarLoop]: Abstraction has 64 states and 87 transitions. [2024-10-12 19:42:44,871 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-12 19:42:44,871 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 87 transitions. [2024-10-12 19:42:44,876 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2024-10-12 19:42:44,876 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:42:44,876 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:42:44,876 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-12 19:42:44,876 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:42:44,877 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:42:44,878 INFO L85 PathProgramCache]: Analyzing trace with hash 53850804, now seen corresponding path program 1 times [2024-10-12 19:42:44,878 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:42:44,878 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1239862840] [2024-10-12 19:42:44,879 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:42:44,879 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:42:44,895 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:44,991 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-12 19:42:44,993 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:45,002 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-10-12 19:42:45,004 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:45,009 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:42:45,009 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:42:45,010 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1239862840] [2024-10-12 19:42:45,010 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1239862840] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:42:45,010 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:42:45,010 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-12 19:42:45,010 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [914637246] [2024-10-12 19:42:45,010 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:42:45,016 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-12 19:42:45,016 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:42:45,017 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-12 19:42:45,017 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:42:45,017 INFO L87 Difference]: Start difference. First operand 64 states and 87 transitions. Second operand has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-12 19:42:45,059 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:42:45,060 INFO L93 Difference]: Finished difference Result 101 states and 137 transitions. [2024-10-12 19:42:45,062 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-12 19:42:45,062 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 23 [2024-10-12 19:42:45,062 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:42:45,063 INFO L225 Difference]: With dead ends: 101 [2024-10-12 19:42:45,063 INFO L226 Difference]: Without dead ends: 56 [2024-10-12 19:42:45,064 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:42:45,067 INFO L432 NwaCegarLoop]: 65 mSDtfsCounter, 11 mSDsluCounter, 51 mSDsCounter, 0 mSdLazyCounter, 20 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 14 SdHoareTripleChecker+Valid, 116 SdHoareTripleChecker+Invalid, 20 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 20 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-12 19:42:45,068 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [14 Valid, 116 Invalid, 20 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 20 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-12 19:42:45,069 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 56 states. [2024-10-12 19:42:45,078 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 56 to 56. [2024-10-12 19:42:45,078 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 56 states, 40 states have (on average 1.45) internal successors, (58), 47 states have internal predecessors, (58), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-10-12 19:42:45,080 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 56 states to 56 states and 76 transitions. [2024-10-12 19:42:45,081 INFO L78 Accepts]: Start accepts. Automaton has 56 states and 76 transitions. Word has length 23 [2024-10-12 19:42:45,081 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:42:45,081 INFO L471 AbstractCegarLoop]: Abstraction has 56 states and 76 transitions. [2024-10-12 19:42:45,082 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-12 19:42:45,082 INFO L276 IsEmpty]: Start isEmpty. Operand 56 states and 76 transitions. [2024-10-12 19:42:45,083 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-10-12 19:42:45,084 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:42:45,084 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:42:45,084 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-12 19:42:45,084 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:42:45,085 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:42:45,085 INFO L85 PathProgramCache]: Analyzing trace with hash -1790463453, now seen corresponding path program 1 times [2024-10-12 19:42:45,085 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:42:45,085 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1831555067] [2024-10-12 19:42:45,085 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:42:45,085 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:42:45,117 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:45,191 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:42:45,194 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:45,197 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-12 19:42:45,198 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:45,200 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:42:45,200 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:42:45,200 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1831555067] [2024-10-12 19:42:45,200 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1831555067] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:42:45,201 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:42:45,201 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-12 19:42:45,201 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1603729118] [2024-10-12 19:42:45,201 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:42:45,202 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-12 19:42:45,202 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:42:45,202 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-12 19:42:45,203 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:42:45,203 INFO L87 Difference]: Start difference. First operand 56 states and 76 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-12 19:42:45,248 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:42:45,248 INFO L93 Difference]: Finished difference Result 110 states and 151 transitions. [2024-10-12 19:42:45,250 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-12 19:42:45,250 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 26 [2024-10-12 19:42:45,250 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:42:45,251 INFO L225 Difference]: With dead ends: 110 [2024-10-12 19:42:45,251 INFO L226 Difference]: Without dead ends: 56 [2024-10-12 19:42:45,252 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:42:45,253 INFO L432 NwaCegarLoop]: 63 mSDtfsCounter, 61 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 12 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 61 SdHoareTripleChecker+Valid, 63 SdHoareTripleChecker+Invalid, 12 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 12 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-12 19:42:45,256 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [61 Valid, 63 Invalid, 12 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 12 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-12 19:42:45,257 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 56 states. [2024-10-12 19:42:45,264 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 56 to 56. [2024-10-12 19:42:45,264 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 56 states, 40 states have (on average 1.425) internal successors, (57), 47 states have internal predecessors, (57), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-10-12 19:42:45,265 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 56 states to 56 states and 75 transitions. [2024-10-12 19:42:45,265 INFO L78 Accepts]: Start accepts. Automaton has 56 states and 75 transitions. Word has length 26 [2024-10-12 19:42:45,266 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:42:45,267 INFO L471 AbstractCegarLoop]: Abstraction has 56 states and 75 transitions. [2024-10-12 19:42:45,267 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-12 19:42:45,267 INFO L276 IsEmpty]: Start isEmpty. Operand 56 states and 75 transitions. [2024-10-12 19:42:45,268 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2024-10-12 19:42:45,268 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:42:45,268 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:42:45,268 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-12 19:42:45,268 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:42:45,269 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:42:45,269 INFO L85 PathProgramCache]: Analyzing trace with hash -1250402447, now seen corresponding path program 1 times [2024-10-12 19:42:45,269 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:42:45,269 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [336656323] [2024-10-12 19:42:45,269 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:42:45,269 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:42:45,289 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:45,377 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:42:45,379 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:45,383 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-12 19:42:45,386 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:45,388 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:42:45,388 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:42:45,388 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [336656323] [2024-10-12 19:42:45,388 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [336656323] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:42:45,388 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:42:45,388 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-12 19:42:45,389 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2140252645] [2024-10-12 19:42:45,389 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:42:45,391 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-12 19:42:45,391 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:42:45,391 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-12 19:42:45,392 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:42:45,392 INFO L87 Difference]: Start difference. First operand 56 states and 75 transitions. Second operand has 3 states, 3 states have (on average 7.666666666666667) internal successors, (23), 3 states have internal predecessors, (23), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-12 19:42:45,472 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:42:45,472 INFO L93 Difference]: Finished difference Result 152 states and 207 transitions. [2024-10-12 19:42:45,473 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-12 19:42:45,473 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.666666666666667) internal successors, (23), 3 states have internal predecessors, (23), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 29 [2024-10-12 19:42:45,473 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:42:45,475 INFO L225 Difference]: With dead ends: 152 [2024-10-12 19:42:45,475 INFO L226 Difference]: Without dead ends: 98 [2024-10-12 19:42:45,475 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:42:45,480 INFO L432 NwaCegarLoop]: 76 mSDtfsCounter, 49 mSDsluCounter, 50 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 49 SdHoareTripleChecker+Valid, 126 SdHoareTripleChecker+Invalid, 31 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-12 19:42:45,480 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [49 Valid, 126 Invalid, 31 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-12 19:42:45,481 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 98 states. [2024-10-12 19:42:45,503 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 98 to 96. [2024-10-12 19:42:45,504 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 96 states, 69 states have (on average 1.3768115942028984) internal successors, (95), 76 states have internal predecessors, (95), 14 states have call successors, (14), 12 states have call predecessors, (14), 12 states have return successors, (18), 14 states have call predecessors, (18), 14 states have call successors, (18) [2024-10-12 19:42:45,505 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 96 states to 96 states and 127 transitions. [2024-10-12 19:42:45,505 INFO L78 Accepts]: Start accepts. Automaton has 96 states and 127 transitions. Word has length 29 [2024-10-12 19:42:45,505 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:42:45,505 INFO L471 AbstractCegarLoop]: Abstraction has 96 states and 127 transitions. [2024-10-12 19:42:45,506 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.666666666666667) internal successors, (23), 3 states have internal predecessors, (23), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-12 19:42:45,506 INFO L276 IsEmpty]: Start isEmpty. Operand 96 states and 127 transitions. [2024-10-12 19:42:45,509 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-12 19:42:45,509 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:42:45,509 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:42:45,511 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-12 19:42:45,511 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:42:45,512 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:42:45,512 INFO L85 PathProgramCache]: Analyzing trace with hash -808056548, now seen corresponding path program 1 times [2024-10-12 19:42:45,513 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:42:45,513 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [224336313] [2024-10-12 19:42:45,513 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:42:45,513 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:42:45,530 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:45,584 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:42:45,589 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:45,598 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-12 19:42:45,601 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:45,623 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-12 19:42:45,625 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:45,626 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:42:45,627 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:42:45,627 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [224336313] [2024-10-12 19:42:45,627 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [224336313] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:42:45,627 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:42:45,627 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-12 19:42:45,628 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1948198031] [2024-10-12 19:42:45,628 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:42:45,629 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-12 19:42:45,629 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:42:45,630 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-12 19:42:45,630 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-12 19:42:45,630 INFO L87 Difference]: Start difference. First operand 96 states and 127 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:42:45,799 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:42:45,799 INFO L93 Difference]: Finished difference Result 214 states and 288 transitions. [2024-10-12 19:42:45,800 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-12 19:42:45,800 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 38 [2024-10-12 19:42:45,801 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:42:45,802 INFO L225 Difference]: With dead ends: 214 [2024-10-12 19:42:45,802 INFO L226 Difference]: Without dead ends: 120 [2024-10-12 19:42:45,803 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-12 19:42:45,806 INFO L432 NwaCegarLoop]: 59 mSDtfsCounter, 43 mSDsluCounter, 131 mSDsCounter, 0 mSdLazyCounter, 117 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 47 SdHoareTripleChecker+Valid, 190 SdHoareTripleChecker+Invalid, 127 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 117 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-12 19:42:45,807 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [47 Valid, 190 Invalid, 127 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 117 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-12 19:42:45,807 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 120 states. [2024-10-12 19:42:45,828 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 120 to 118. [2024-10-12 19:42:45,829 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 118 states, 86 states have (on average 1.372093023255814) internal successors, (118), 93 states have internal predecessors, (118), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-10-12 19:42:45,830 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 118 states to 118 states and 157 transitions. [2024-10-12 19:42:45,830 INFO L78 Accepts]: Start accepts. Automaton has 118 states and 157 transitions. Word has length 38 [2024-10-12 19:42:45,830 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:42:45,831 INFO L471 AbstractCegarLoop]: Abstraction has 118 states and 157 transitions. [2024-10-12 19:42:45,831 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:42:45,831 INFO L276 IsEmpty]: Start isEmpty. Operand 118 states and 157 transitions. [2024-10-12 19:42:45,835 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-12 19:42:45,835 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:42:45,836 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:42:45,836 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-12 19:42:45,836 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:42:45,836 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:42:45,836 INFO L85 PathProgramCache]: Analyzing trace with hash -2087920226, now seen corresponding path program 1 times [2024-10-12 19:42:45,837 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:42:45,837 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [963497216] [2024-10-12 19:42:45,837 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:42:45,837 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:42:45,873 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:45,937 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:42:45,939 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:45,947 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-12 19:42:45,951 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:45,982 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-12 19:42:45,983 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:45,986 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:42:45,986 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:42:45,986 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [963497216] [2024-10-12 19:42:45,987 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [963497216] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:42:45,987 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:42:45,987 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-12 19:42:45,987 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1415433185] [2024-10-12 19:42:45,987 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:42:45,988 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-12 19:42:45,988 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:42:45,988 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-12 19:42:45,988 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-12 19:42:45,989 INFO L87 Difference]: Start difference. First operand 118 states and 157 transitions. Second operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-10-12 19:42:46,163 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:42:46,164 INFO L93 Difference]: Finished difference Result 238 states and 324 transitions. [2024-10-12 19:42:46,165 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-10-12 19:42:46,165 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 38 [2024-10-12 19:42:46,165 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:42:46,167 INFO L225 Difference]: With dead ends: 238 [2024-10-12 19:42:46,167 INFO L226 Difference]: Without dead ends: 122 [2024-10-12 19:42:46,168 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2024-10-12 19:42:46,173 INFO L432 NwaCegarLoop]: 56 mSDtfsCounter, 96 mSDsluCounter, 125 mSDsCounter, 0 mSdLazyCounter, 126 mSolverCounterSat, 22 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 99 SdHoareTripleChecker+Valid, 181 SdHoareTripleChecker+Invalid, 148 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 22 IncrementalHoareTripleChecker+Valid, 126 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-12 19:42:46,173 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [99 Valid, 181 Invalid, 148 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [22 Valid, 126 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-12 19:42:46,176 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 122 states. [2024-10-12 19:42:46,197 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 122 to 120. [2024-10-12 19:42:46,199 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 120 states, 88 states have (on average 1.3636363636363635) internal successors, (120), 95 states have internal predecessors, (120), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-10-12 19:42:46,200 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 120 states to 120 states and 159 transitions. [2024-10-12 19:42:46,201 INFO L78 Accepts]: Start accepts. Automaton has 120 states and 159 transitions. Word has length 38 [2024-10-12 19:42:46,202 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:42:46,202 INFO L471 AbstractCegarLoop]: Abstraction has 120 states and 159 transitions. [2024-10-12 19:42:46,203 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-10-12 19:42:46,203 INFO L276 IsEmpty]: Start isEmpty. Operand 120 states and 159 transitions. [2024-10-12 19:42:46,204 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-12 19:42:46,207 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:42:46,207 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:42:46,207 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-12 19:42:46,208 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:42:46,208 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:42:46,208 INFO L85 PathProgramCache]: Analyzing trace with hash 618699168, now seen corresponding path program 1 times [2024-10-12 19:42:46,208 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:42:46,208 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [819907143] [2024-10-12 19:42:46,208 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:42:46,209 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:42:46,225 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:46,277 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:42:46,279 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:46,286 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-12 19:42:46,289 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:46,308 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-12 19:42:46,309 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:46,312 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:42:46,312 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:42:46,312 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [819907143] [2024-10-12 19:42:46,312 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [819907143] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:42:46,312 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:42:46,313 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-12 19:42:46,313 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1023923954] [2024-10-12 19:42:46,313 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:42:46,313 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-12 19:42:46,313 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:42:46,314 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-12 19:42:46,314 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-12 19:42:46,314 INFO L87 Difference]: Start difference. First operand 120 states and 159 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:42:46,590 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:42:46,591 INFO L93 Difference]: Finished difference Result 396 states and 555 transitions. [2024-10-12 19:42:46,591 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-12 19:42:46,591 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 38 [2024-10-12 19:42:46,591 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:42:46,594 INFO L225 Difference]: With dead ends: 396 [2024-10-12 19:42:46,594 INFO L226 Difference]: Without dead ends: 278 [2024-10-12 19:42:46,595 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-12 19:42:46,596 INFO L432 NwaCegarLoop]: 104 mSDtfsCounter, 184 mSDsluCounter, 137 mSDsCounter, 0 mSdLazyCounter, 202 mSolverCounterSat, 56 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 191 SdHoareTripleChecker+Valid, 241 SdHoareTripleChecker+Invalid, 258 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 56 IncrementalHoareTripleChecker+Valid, 202 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-12 19:42:46,596 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [191 Valid, 241 Invalid, 258 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [56 Valid, 202 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-12 19:42:46,597 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 278 states. [2024-10-12 19:42:46,638 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 278 to 268. [2024-10-12 19:42:46,639 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 268 states, 195 states have (on average 1.3435897435897435) internal successors, (262), 207 states have internal predecessors, (262), 40 states have call successors, (40), 33 states have call predecessors, (40), 32 states have return successors, (64), 38 states have call predecessors, (64), 40 states have call successors, (64) [2024-10-12 19:42:46,641 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 268 states to 268 states and 366 transitions. [2024-10-12 19:42:46,642 INFO L78 Accepts]: Start accepts. Automaton has 268 states and 366 transitions. Word has length 38 [2024-10-12 19:42:46,643 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:42:46,643 INFO L471 AbstractCegarLoop]: Abstraction has 268 states and 366 transitions. [2024-10-12 19:42:46,643 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:42:46,643 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 366 transitions. [2024-10-12 19:42:46,645 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2024-10-12 19:42:46,647 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:42:46,647 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:42:46,648 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-12 19:42:46,648 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:42:46,648 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:42:46,649 INFO L85 PathProgramCache]: Analyzing trace with hash -971235318, now seen corresponding path program 1 times [2024-10-12 19:42:46,649 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:42:46,649 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [887845314] [2024-10-12 19:42:46,649 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:42:46,649 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:42:46,663 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:46,742 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-12 19:42:46,744 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:46,759 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-12 19:42:46,761 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:46,769 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-12 19:42:46,771 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:46,776 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-12 19:42:46,777 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:46,778 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2024-10-12 19:42:46,778 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:46,791 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-12 19:42:46,792 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:42:46,792 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [887845314] [2024-10-12 19:42:46,792 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [887845314] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:42:46,794 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:42:46,794 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-10-12 19:42:46,794 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [972416540] [2024-10-12 19:42:46,794 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:42:46,794 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-10-12 19:42:46,794 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:42:46,795 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-10-12 19:42:46,795 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2024-10-12 19:42:46,795 INFO L87 Difference]: Start difference. First operand 268 states and 366 transitions. Second operand has 8 states, 7 states have (on average 4.857142857142857) internal successors, (34), 5 states have internal predecessors, (34), 1 states have call successors, (6), 4 states have call predecessors, (6), 3 states have return successors, (5), 2 states have call predecessors, (5), 1 states have call successors, (5) [2024-10-12 19:42:47,257 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:42:47,259 INFO L93 Difference]: Finished difference Result 585 states and 815 transitions. [2024-10-12 19:42:47,260 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2024-10-12 19:42:47,260 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 4.857142857142857) internal successors, (34), 5 states have internal predecessors, (34), 1 states have call successors, (6), 4 states have call predecessors, (6), 3 states have return successors, (5), 2 states have call predecessors, (5), 1 states have call successors, (5) Word has length 45 [2024-10-12 19:42:47,260 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:42:47,263 INFO L225 Difference]: With dead ends: 585 [2024-10-12 19:42:47,263 INFO L226 Difference]: Without dead ends: 319 [2024-10-12 19:42:47,264 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 34 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 83 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=112, Invalid=350, Unknown=0, NotChecked=0, Total=462 [2024-10-12 19:42:47,265 INFO L432 NwaCegarLoop]: 43 mSDtfsCounter, 151 mSDsluCounter, 217 mSDsCounter, 0 mSdLazyCounter, 344 mSolverCounterSat, 59 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 155 SdHoareTripleChecker+Valid, 260 SdHoareTripleChecker+Invalid, 403 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 59 IncrementalHoareTripleChecker+Valid, 344 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-12 19:42:47,265 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [155 Valid, 260 Invalid, 403 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [59 Valid, 344 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-12 19:42:47,266 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 319 states. [2024-10-12 19:42:47,295 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 319 to 313. [2024-10-12 19:42:47,296 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 313 states, 227 states have (on average 1.3083700440528634) internal successors, (297), 243 states have internal predecessors, (297), 48 states have call successors, (48), 33 states have call predecessors, (48), 37 states have return successors, (83), 47 states have call predecessors, (83), 48 states have call successors, (83) [2024-10-12 19:42:47,300 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 313 states to 313 states and 428 transitions. [2024-10-12 19:42:47,300 INFO L78 Accepts]: Start accepts. Automaton has 313 states and 428 transitions. Word has length 45 [2024-10-12 19:42:47,301 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:42:47,301 INFO L471 AbstractCegarLoop]: Abstraction has 313 states and 428 transitions. [2024-10-12 19:42:47,301 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 4.857142857142857) internal successors, (34), 5 states have internal predecessors, (34), 1 states have call successors, (6), 4 states have call predecessors, (6), 3 states have return successors, (5), 2 states have call predecessors, (5), 1 states have call successors, (5) [2024-10-12 19:42:47,302 INFO L276 IsEmpty]: Start isEmpty. Operand 313 states and 428 transitions. [2024-10-12 19:42:47,302 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2024-10-12 19:42:47,303 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:42:47,303 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:42:47,303 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-12 19:42:47,303 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:42:47,303 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:42:47,304 INFO L85 PathProgramCache]: Analyzing trace with hash -1921015738, now seen corresponding path program 1 times [2024-10-12 19:42:47,304 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:42:47,304 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1009158447] [2024-10-12 19:42:47,304 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:42:47,304 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:42:47,314 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:47,433 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-12 19:42:47,434 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:47,441 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-12 19:42:47,442 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:47,451 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-12 19:42:47,454 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:47,470 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2024-10-12 19:42:47,472 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:47,474 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:42:47,474 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:42:47,474 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1009158447] [2024-10-12 19:42:47,475 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1009158447] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:42:47,475 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:42:47,475 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-10-12 19:42:47,475 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1870161704] [2024-10-12 19:42:47,475 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:42:47,476 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-10-12 19:42:47,476 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:42:47,477 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-10-12 19:42:47,477 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2024-10-12 19:42:47,477 INFO L87 Difference]: Start difference. First operand 313 states and 428 transitions. Second operand has 8 states, 8 states have (on average 4.0) internal successors, (32), 6 states have internal predecessors, (32), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-12 19:42:47,906 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:42:47,906 INFO L93 Difference]: Finished difference Result 612 states and 845 transitions. [2024-10-12 19:42:47,906 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 14 states. [2024-10-12 19:42:47,907 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 4.0) internal successors, (32), 6 states have internal predecessors, (32), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 42 [2024-10-12 19:42:47,907 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:42:47,909 INFO L225 Difference]: With dead ends: 612 [2024-10-12 19:42:47,909 INFO L226 Difference]: Without dead ends: 301 [2024-10-12 19:42:47,912 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 27 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 16 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 45 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=99, Invalid=207, Unknown=0, NotChecked=0, Total=306 [2024-10-12 19:42:47,913 INFO L432 NwaCegarLoop]: 65 mSDtfsCounter, 248 mSDsluCounter, 164 mSDsCounter, 0 mSdLazyCounter, 296 mSolverCounterSat, 81 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 251 SdHoareTripleChecker+Valid, 229 SdHoareTripleChecker+Invalid, 377 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 81 IncrementalHoareTripleChecker+Valid, 296 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-12 19:42:47,914 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [251 Valid, 229 Invalid, 377 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [81 Valid, 296 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-12 19:42:47,915 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 301 states. [2024-10-12 19:42:47,945 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 301 to 299. [2024-10-12 19:42:47,946 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 299 states, 217 states have (on average 1.2857142857142858) internal successors, (279), 233 states have internal predecessors, (279), 44 states have call successors, (44), 33 states have call predecessors, (44), 37 states have return successors, (79), 43 states have call predecessors, (79), 44 states have call successors, (79) [2024-10-12 19:42:47,948 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 299 states to 299 states and 402 transitions. [2024-10-12 19:42:47,949 INFO L78 Accepts]: Start accepts. Automaton has 299 states and 402 transitions. Word has length 42 [2024-10-12 19:42:47,949 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:42:47,949 INFO L471 AbstractCegarLoop]: Abstraction has 299 states and 402 transitions. [2024-10-12 19:42:47,949 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 4.0) internal successors, (32), 6 states have internal predecessors, (32), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-12 19:42:47,949 INFO L276 IsEmpty]: Start isEmpty. Operand 299 states and 402 transitions. [2024-10-12 19:42:47,950 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 75 [2024-10-12 19:42:47,951 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:42:47,951 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:42:47,951 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-10-12 19:42:47,951 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:42:47,952 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:42:47,952 INFO L85 PathProgramCache]: Analyzing trace with hash 135385513, now seen corresponding path program 1 times [2024-10-12 19:42:47,952 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:42:47,952 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1377299410] [2024-10-12 19:42:47,952 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:42:47,952 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:42:47,964 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:48,049 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-12 19:42:48,050 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:48,063 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-12 19:42:48,068 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:48,086 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-12 19:42:48,087 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:48,096 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-12 19:42:48,099 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:48,106 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2024-10-12 19:42:48,108 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:48,120 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 56 [2024-10-12 19:42:48,121 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:48,124 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-12 19:42:48,125 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:48,127 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 67 [2024-10-12 19:42:48,127 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:48,129 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 6 proven. 15 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-12 19:42:48,129 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:42:48,129 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1377299410] [2024-10-12 19:42:48,132 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1377299410] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-12 19:42:48,133 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [814640897] [2024-10-12 19:42:48,133 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:42:48,133 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-12 19:42:48,133 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-10-12 19:42:48,137 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-12 19:42:48,139 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-12 19:42:48,222 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:48,226 INFO L255 TraceCheckSpWp]: Trace formula consists of 273 conjuncts, 7 conjuncts are in the unsatisfiable core [2024-10-12 19:42:48,233 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-12 19:42:48,375 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 20 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-12 19:42:48,376 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-12 19:42:48,567 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 15 proven. 6 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-12 19:42:48,567 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [814640897] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-12 19:42:48,567 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-12 19:42:48,568 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-10-12 19:42:48,568 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [320596669] [2024-10-12 19:42:48,568 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-12 19:42:48,568 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-10-12 19:42:48,568 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:42:48,569 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-10-12 19:42:48,569 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-10-12 19:42:48,569 INFO L87 Difference]: Start difference. First operand 299 states and 402 transitions. Second operand has 15 states, 12 states have (on average 7.916666666666667) internal successors, (95), 10 states have internal predecessors, (95), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) [2024-10-12 19:42:49,568 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:42:49,568 INFO L93 Difference]: Finished difference Result 674 states and 928 transitions. [2024-10-12 19:42:49,568 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2024-10-12 19:42:49,568 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 12 states have (on average 7.916666666666667) internal successors, (95), 10 states have internal predecessors, (95), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) Word has length 74 [2024-10-12 19:42:49,569 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:42:49,569 INFO L225 Difference]: With dead ends: 674 [2024-10-12 19:42:49,570 INFO L226 Difference]: Without dead ends: 0 [2024-10-12 19:42:49,572 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 207 GetRequests, 166 SyntacticMatches, 4 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 336 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=342, Invalid=1140, Unknown=0, NotChecked=0, Total=1482 [2024-10-12 19:42:49,572 INFO L432 NwaCegarLoop]: 106 mSDtfsCounter, 293 mSDsluCounter, 637 mSDsCounter, 0 mSdLazyCounter, 935 mSolverCounterSat, 111 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 296 SdHoareTripleChecker+Valid, 743 SdHoareTripleChecker+Invalid, 1046 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 111 IncrementalHoareTripleChecker+Valid, 935 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2024-10-12 19:42:49,572 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [296 Valid, 743 Invalid, 1046 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [111 Valid, 935 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2024-10-12 19:42:49,573 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-12 19:42:49,573 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-12 19:42:49,573 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-12 19:42:49,573 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-12 19:42:49,574 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 74 [2024-10-12 19:42:49,574 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:42:49,574 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-12 19:42:49,574 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 12 states have (on average 7.916666666666667) internal successors, (95), 10 states have internal predecessors, (95), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) [2024-10-12 19:42:49,574 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-12 19:42:49,574 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-12 19:42:49,577 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-12 19:42:49,595 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-10-12 19:42:49,777 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-10-12 19:42:49,780 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:42:49,783 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-12 19:42:52,375 INFO L165 ceAbstractionStarter]: Computing trace abstraction results [2024-10-12 19:42:52,401 WARN L155 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse1 (<= |old(~waterLevel~0)| 2)) (.cse0 (= 1 ~systemActive~0)) (.cse2 (<= 1 |old(~pumpRunning~0)|))) (or (and .cse0 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse1 .cse2) (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse2 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2))) [2024-10-12 19:42:52,413 WARN L155 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-10-12 19:42:52,419 WARN L155 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and (= ~pumpRunning~0 0) .cse1 .cse2) (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2))) [2024-10-12 19:42:52,428 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 12.10 07:42:52 BoogieIcfgContainer [2024-10-12 19:42:52,429 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-12 19:42:52,429 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-12 19:42:52,429 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-12 19:42:52,430 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-12 19:42:52,430 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.10 07:42:44" (3/4) ... [2024-10-12 19:42:52,432 INFO L139 WitnessPrinter]: Generating witness for correct program [2024-10-12 19:42:52,435 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-10-12 19:42:52,436 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-12 19:42:52,436 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-12 19:42:52,436 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-12 19:42:52,436 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-10-12 19:42:52,436 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-12 19:42:52,437 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-10-12 19:42:52,442 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 34 nodes and edges [2024-10-12 19:42:52,443 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-10-12 19:42:52,443 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-12 19:42:52,444 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-12 19:42:52,444 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-12 19:42:52,544 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-10-12 19:42:52,545 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-10-12 19:42:52,547 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-12 19:42:52,548 INFO L158 Benchmark]: Toolchain (without parser) took 9254.08ms. Allocated memory was 159.4MB in the beginning and 239.1MB in the end (delta: 79.7MB). Free memory was 113.3MB in the beginning and 103.2MB in the end (delta: 10.1MB). Peak memory consumption was 92.0MB. Max. memory is 16.1GB. [2024-10-12 19:42:52,548 INFO L158 Benchmark]: CDTParser took 0.18ms. Allocated memory is still 159.4MB. Free memory is still 125.2MB. There was no memory consumed. Max. memory is 16.1GB. [2024-10-12 19:42:52,548 INFO L158 Benchmark]: CACSL2BoogieTranslator took 497.90ms. Allocated memory is still 159.4MB. Free memory was 113.3MB in the beginning and 91.0MB in the end (delta: 22.3MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-10-12 19:42:52,549 INFO L158 Benchmark]: Boogie Procedure Inliner took 68.34ms. Allocated memory is still 159.4MB. Free memory was 91.0MB in the beginning and 88.9MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-12 19:42:52,549 INFO L158 Benchmark]: Boogie Preprocessor took 39.58ms. Allocated memory is still 159.4MB. Free memory was 88.9MB in the beginning and 86.4MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-12 19:42:52,549 INFO L158 Benchmark]: RCFGBuilder took 472.92ms. Allocated memory is still 159.4MB. Free memory was 86.4MB in the beginning and 62.7MB in the end (delta: 23.8MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-10-12 19:42:52,549 INFO L158 Benchmark]: TraceAbstraction took 8049.57ms. Allocated memory was 159.4MB in the beginning and 239.1MB in the end (delta: 79.7MB). Free memory was 62.0MB in the beginning and 110.6MB in the end (delta: -48.5MB). Peak memory consumption was 77.3MB. Max. memory is 16.1GB. [2024-10-12 19:42:52,549 INFO L158 Benchmark]: Witness Printer took 118.07ms. Allocated memory is still 239.1MB. Free memory was 110.6MB in the beginning and 103.2MB in the end (delta: 7.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-10-12 19:42:52,551 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.18ms. Allocated memory is still 159.4MB. Free memory is still 125.2MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 497.90ms. Allocated memory is still 159.4MB. Free memory was 113.3MB in the beginning and 91.0MB in the end (delta: 22.3MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 68.34ms. Allocated memory is still 159.4MB. Free memory was 91.0MB in the beginning and 88.9MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 39.58ms. Allocated memory is still 159.4MB. Free memory was 88.9MB in the beginning and 86.4MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 472.92ms. Allocated memory is still 159.4MB. Free memory was 86.4MB in the beginning and 62.7MB in the end (delta: 23.8MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * TraceAbstraction took 8049.57ms. Allocated memory was 159.4MB in the beginning and 239.1MB in the end (delta: 79.7MB). Free memory was 62.0MB in the beginning and 110.6MB in the end (delta: -48.5MB). Peak memory consumption was 77.3MB. Max. memory is 16.1GB. * Witness Printer took 118.07ms. Allocated memory is still 239.1MB. Free memory was 110.6MB in the beginning and 103.2MB in the end (delta: 7.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 150]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [150] - GenericResultAtLocation [Line: 201]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [201] - GenericResultAtLocation [Line: 304]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [304] - GenericResultAtLocation [Line: 313]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [313] - GenericResultAtLocation [Line: 496]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [496] - GenericResultAtLocation [Line: 561]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [561] - GenericResultAtLocation [Line: 596]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [596] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 309]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 69 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.3s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.9s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1163 SdHoareTripleChecker+Valid, 1.8s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1136 mSDsluCounter, 2228 SdHoareTripleChecker+Invalid, 1.5s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1512 mSDsCounter, 345 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2091 IncrementalHoareTripleChecker+Invalid, 2436 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 345 mSolverCounterUnsat, 716 mSDtfsCounter, 2091 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 337 GetRequests, 240 SyntacticMatches, 4 SemanticMatches, 93 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 467 ImplicationChecksByTransitivity, 0.8s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=313occurred in iteration=8, InterpolantAutomatonStates: 89, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 24 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.5s InterpolantComputationTime, 449 NumberOfCodeBlocks, 449 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 511 ConstructedInterpolants, 0 QuantifiedInterpolants, 1065 SizeOfPredicates, 2 NumberOfNonLiveVariables, 273 ConjunctsInSsa, 7 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 71/99 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 214]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 506]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 507]: Loop Invariant Derived loop invariant: (((((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0)) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) - ProcedureContractResult [Line: 346]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) - ProcedureContractResult [Line: 83]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) - ProcedureContractResult [Line: 319]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 < \old(waterLevel)) || (waterLevel < 2)) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel))) || (\old(pumpRunning) != 0)) || (((pumpRunning == 0) && (2 == waterLevel)) && (\old(waterLevel) == 2)))) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) || ((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning)))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2)))) - ProcedureContractResult [Line: 204]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: 0 - ProcedureContractResult [Line: 354]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((1 == systemActive) && (\old(pumpRunning) == 0)) || (((1 == systemActive) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning)))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((1 <= pumpRunning) && (2 == waterLevel)) || ((pumpRunning == 0) && (2 == waterLevel))) || (waterLevel < 2))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (1 < waterLevel))) - ProcedureContractResult [Line: 71]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) && (waterLevel <= 2)) - ProcedureContractResult [Line: 432]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((pumpRunning == \result) && (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)))) RESULT: Ultimate proved your program to be correct! [2024-10-12 19:42:52,579 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE