./Ultimate.py --spec /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/properties/unreach-call.prp --file /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version a046e57d Calling Ultimate with: /root/.sdkman/candidates/java/current/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 31801b0d0a8db366707af3e7371b9dc02f7c34625c63f4c3f856015d4449b4b2 --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.dk.eval-mul-div-a046e57-m [2024-10-12 19:42:42,656 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-12 19:42:42,738 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-12 19:42:42,743 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-12 19:42:42,743 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-12 19:42:42,775 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-12 19:42:42,776 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-12 19:42:42,776 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-12 19:42:42,777 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-12 19:42:42,779 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-12 19:42:42,779 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-12 19:42:42,779 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-12 19:42:42,780 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-12 19:42:42,780 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-12 19:42:42,780 INFO L153 SettingsManager]: * Use SBE=true [2024-10-12 19:42:42,782 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-12 19:42:42,782 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-12 19:42:42,783 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-12 19:42:42,783 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-12 19:42:42,783 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-12 19:42:42,784 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-12 19:42:42,784 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-12 19:42:42,785 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-12 19:42:42,785 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-12 19:42:42,785 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-12 19:42:42,786 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-12 19:42:42,786 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-12 19:42:42,786 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-12 19:42:42,786 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-12 19:42:42,787 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-12 19:42:42,787 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-12 19:42:42,787 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-12 19:42:42,788 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-12 19:42:42,788 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-12 19:42:42,788 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-12 19:42:42,789 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-12 19:42:42,789 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-12 19:42:42,789 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-12 19:42:42,789 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-12 19:42:42,790 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-12 19:42:42,790 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-12 19:42:42,791 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-12 19:42:42,791 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 31801b0d0a8db366707af3e7371b9dc02f7c34625c63f4c3f856015d4449b4b2 [2024-10-12 19:42:43,049 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-12 19:42:43,074 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-12 19:42:43,079 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-12 19:42:43,081 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-12 19:42:43,081 INFO L274 PluginConnector]: CDTParser initialized [2024-10-12 19:42:43,082 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c [2024-10-12 19:42:44,499 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-12 19:42:44,736 INFO L384 CDTParser]: Found 1 translation units. [2024-10-12 19:42:44,737 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c [2024-10-12 19:42:44,749 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/98b54a208/5ef794808d6e485686572a838f6ba2d4/FLAGc96ca4586 [2024-10-12 19:42:45,075 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/98b54a208/5ef794808d6e485686572a838f6ba2d4 [2024-10-12 19:42:45,078 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-12 19:42:45,079 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-12 19:42:45,083 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-12 19:42:45,083 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-12 19:42:45,088 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-12 19:42:45,089 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 12.10 07:42:45" (1/1) ... [2024-10-12 19:42:45,090 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@58fbcc2f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:45, skipping insertion in model container [2024-10-12 19:42:45,090 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 12.10 07:42:45" (1/1) ... [2024-10-12 19:42:45,135 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-12 19:42:45,510 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c[17098,17111] [2024-10-12 19:42:45,520 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-12 19:42:45,534 INFO L200 MainTranslator]: Completed pre-run [2024-10-12 19:42:45,544 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] [2024-10-12 19:42:45,545 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [266] [2024-10-12 19:42:45,546 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [338] [2024-10-12 19:42:45,546 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [704] [2024-10-12 19:42:45,546 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [755] [2024-10-12 19:42:45,546 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [855] [2024-10-12 19:42:45,546 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [864] [2024-10-12 19:42:45,547 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [899] [2024-10-12 19:42:45,605 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product40.cil.c[17098,17111] [2024-10-12 19:42:45,608 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-12 19:42:45,630 INFO L204 MainTranslator]: Completed translation [2024-10-12 19:42:45,630 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:45 WrapperNode [2024-10-12 19:42:45,630 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-12 19:42:45,631 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-12 19:42:45,632 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-12 19:42:45,632 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-12 19:42:45,638 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:45" (1/1) ... [2024-10-12 19:42:45,650 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:45" (1/1) ... [2024-10-12 19:42:45,679 INFO L138 Inliner]: procedures = 57, calls = 103, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 209 [2024-10-12 19:42:45,680 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-12 19:42:45,681 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-12 19:42:45,681 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-12 19:42:45,681 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-12 19:42:45,691 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:45" (1/1) ... [2024-10-12 19:42:45,692 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:45" (1/1) ... [2024-10-12 19:42:45,694 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:45" (1/1) ... [2024-10-12 19:42:45,707 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-12 19:42:45,707 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:45" (1/1) ... [2024-10-12 19:42:45,708 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:45" (1/1) ... [2024-10-12 19:42:45,712 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:45" (1/1) ... [2024-10-12 19:42:45,718 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:45" (1/1) ... [2024-10-12 19:42:45,720 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:45" (1/1) ... [2024-10-12 19:42:45,725 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:45" (1/1) ... [2024-10-12 19:42:45,728 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-12 19:42:45,729 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-12 19:42:45,729 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-12 19:42:45,730 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-12 19:42:45,730 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:45" (1/1) ... [2024-10-12 19:42:45,741 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-12 19:42:45,752 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-10-12 19:42:45,768 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-12 19:42:45,777 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-12 19:42:45,824 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-12 19:42:45,825 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-10-12 19:42:45,825 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-10-12 19:42:45,825 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-12 19:42:45,826 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-12 19:42:45,826 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-12 19:42:45,826 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-12 19:42:45,826 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-10-12 19:42:45,826 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-10-12 19:42:45,826 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-12 19:42:45,827 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-12 19:42:45,827 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-10-12 19:42:45,827 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-10-12 19:42:45,827 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-10-12 19:42:45,827 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-10-12 19:42:45,828 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-12 19:42:45,828 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-12 19:42:45,828 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-12 19:42:45,829 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-12 19:42:45,829 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-12 19:42:45,910 INFO L238 CfgBuilder]: Building ICFG [2024-10-12 19:42:45,912 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-12 19:42:46,155 INFO L? ?]: Removed 42 outVars from TransFormulas that were not future-live. [2024-10-12 19:42:46,156 INFO L287 CfgBuilder]: Performing block encoding [2024-10-12 19:42:46,233 INFO L309 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-12 19:42:46,234 INFO L314 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-12 19:42:46,234 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.10 07:42:46 BoogieIcfgContainer [2024-10-12 19:42:46,234 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-12 19:42:46,239 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-12 19:42:46,240 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-12 19:42:46,243 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-12 19:42:46,243 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 12.10 07:42:45" (1/3) ... [2024-10-12 19:42:46,245 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2a709e1a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 12.10 07:42:46, skipping insertion in model container [2024-10-12 19:42:46,246 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:42:45" (2/3) ... [2024-10-12 19:42:46,246 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2a709e1a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 12.10 07:42:46, skipping insertion in model container [2024-10-12 19:42:46,246 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.10 07:42:46" (3/3) ... [2024-10-12 19:42:46,247 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product40.cil.c [2024-10-12 19:42:46,264 INFO L209 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-12 19:42:46,264 INFO L149 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-12 19:42:46,316 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-12 19:42:46,324 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@2c36151b, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-12 19:42:46,326 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-12 19:42:46,331 INFO L276 IsEmpty]: Start isEmpty. Operand has 75 states, 51 states have (on average 1.5294117647058822) internal successors, (78), 60 states have internal predecessors, (78), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) [2024-10-12 19:42:46,342 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2024-10-12 19:42:46,342 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:42:46,343 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:42:46,343 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:42:46,348 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:42:46,349 INFO L85 PathProgramCache]: Analyzing trace with hash -559003011, now seen corresponding path program 1 times [2024-10-12 19:42:46,360 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:42:46,360 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2118869667] [2024-10-12 19:42:46,361 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:42:46,361 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:42:46,488 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:46,571 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-12 19:42:46,575 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:46,584 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-12 19:42:46,590 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:46,596 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:42:46,597 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:42:46,597 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2118869667] [2024-10-12 19:42:46,598 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2118869667] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:42:46,602 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:42:46,602 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-12 19:42:46,604 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [29853074] [2024-10-12 19:42:46,605 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:42:46,612 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-12 19:42:46,614 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:42:46,647 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-12 19:42:46,648 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-12 19:42:46,650 INFO L87 Difference]: Start difference. First operand has 75 states, 51 states have (on average 1.5294117647058822) internal successors, (78), 60 states have internal predecessors, (78), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-12 19:42:46,725 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:42:46,726 INFO L93 Difference]: Finished difference Result 148 states and 213 transitions. [2024-10-12 19:42:46,727 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-12 19:42:46,729 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2024-10-12 19:42:46,730 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:42:46,739 INFO L225 Difference]: With dead ends: 148 [2024-10-12 19:42:46,739 INFO L226 Difference]: Without dead ends: 70 [2024-10-12 19:42:46,744 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-12 19:42:46,749 INFO L432 NwaCegarLoop]: 85 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 16 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 85 SdHoareTripleChecker+Invalid, 16 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 16 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-12 19:42:46,751 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 85 Invalid, 16 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 16 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-12 19:42:46,770 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 70 states. [2024-10-12 19:42:46,789 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 70 to 70. [2024-10-12 19:42:46,791 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 70 states, 48 states have (on average 1.4166666666666667) internal successors, (68), 56 states have internal predecessors, (68), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2024-10-12 19:42:46,793 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 70 states to 70 states and 95 transitions. [2024-10-12 19:42:46,794 INFO L78 Accepts]: Start accepts. Automaton has 70 states and 95 transitions. Word has length 22 [2024-10-12 19:42:46,795 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:42:46,795 INFO L471 AbstractCegarLoop]: Abstraction has 70 states and 95 transitions. [2024-10-12 19:42:46,795 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-12 19:42:46,795 INFO L276 IsEmpty]: Start isEmpty. Operand 70 states and 95 transitions. [2024-10-12 19:42:46,798 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2024-10-12 19:42:46,798 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:42:46,798 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:42:46,798 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-12 19:42:46,799 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:42:46,799 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:42:46,800 INFO L85 PathProgramCache]: Analyzing trace with hash -1472764956, now seen corresponding path program 1 times [2024-10-12 19:42:46,800 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:42:46,800 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [650279350] [2024-10-12 19:42:46,801 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:42:46,801 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:42:46,831 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:46,917 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-12 19:42:46,919 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:46,922 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-10-12 19:42:46,924 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:46,926 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:42:46,926 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:42:46,926 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [650279350] [2024-10-12 19:42:46,927 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [650279350] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:42:46,927 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:42:46,927 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-12 19:42:46,927 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1984915360] [2024-10-12 19:42:46,928 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:42:46,930 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-12 19:42:46,930 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:42:46,932 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-12 19:42:46,932 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:42:46,933 INFO L87 Difference]: Start difference. First operand 70 states and 95 transitions. Second operand has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-12 19:42:46,984 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:42:46,984 INFO L93 Difference]: Finished difference Result 110 states and 148 transitions. [2024-10-12 19:42:46,987 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-12 19:42:46,987 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 23 [2024-10-12 19:42:46,987 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:42:46,988 INFO L225 Difference]: With dead ends: 110 [2024-10-12 19:42:46,988 INFO L226 Difference]: Without dead ends: 62 [2024-10-12 19:42:46,989 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:42:46,992 INFO L432 NwaCegarLoop]: 71 mSDtfsCounter, 14 mSDsluCounter, 55 mSDsCounter, 0 mSdLazyCounter, 22 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 126 SdHoareTripleChecker+Invalid, 22 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 22 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-12 19:42:46,993 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 126 Invalid, 22 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 22 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-12 19:42:46,994 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 62 states. [2024-10-12 19:42:47,006 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 62 to 62. [2024-10-12 19:42:47,007 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 62 states, 43 states have (on average 1.441860465116279) internal successors, (62), 51 states have internal predecessors, (62), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2024-10-12 19:42:47,008 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 62 states to 62 states and 84 transitions. [2024-10-12 19:42:47,009 INFO L78 Accepts]: Start accepts. Automaton has 62 states and 84 transitions. Word has length 23 [2024-10-12 19:42:47,009 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:42:47,009 INFO L471 AbstractCegarLoop]: Abstraction has 62 states and 84 transitions. [2024-10-12 19:42:47,009 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-12 19:42:47,010 INFO L276 IsEmpty]: Start isEmpty. Operand 62 states and 84 transitions. [2024-10-12 19:42:47,010 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-10-12 19:42:47,011 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:42:47,011 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:42:47,011 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-12 19:42:47,011 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:42:47,012 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:42:47,012 INFO L85 PathProgramCache]: Analyzing trace with hash -1962258660, now seen corresponding path program 1 times [2024-10-12 19:42:47,013 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:42:47,013 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [518033166] [2024-10-12 19:42:47,013 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:42:47,013 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:42:47,050 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:47,131 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:42:47,133 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:47,138 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-12 19:42:47,139 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:47,141 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:42:47,141 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:42:47,141 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [518033166] [2024-10-12 19:42:47,141 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [518033166] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:42:47,141 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:42:47,141 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-12 19:42:47,142 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [529596026] [2024-10-12 19:42:47,142 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:42:47,142 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-12 19:42:47,142 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:42:47,143 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-12 19:42:47,143 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:42:47,143 INFO L87 Difference]: Start difference. First operand 62 states and 84 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-12 19:42:47,207 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:42:47,209 INFO L93 Difference]: Finished difference Result 182 states and 249 transitions. [2024-10-12 19:42:47,210 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-12 19:42:47,210 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 26 [2024-10-12 19:42:47,211 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:42:47,213 INFO L225 Difference]: With dead ends: 182 [2024-10-12 19:42:47,215 INFO L226 Difference]: Without dead ends: 122 [2024-10-12 19:42:47,216 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:42:47,217 INFO L432 NwaCegarLoop]: 83 mSDtfsCounter, 75 mSDsluCounter, 69 mSDsCounter, 0 mSdLazyCounter, 28 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 75 SdHoareTripleChecker+Valid, 152 SdHoareTripleChecker+Invalid, 29 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 28 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-12 19:42:47,221 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [75 Valid, 152 Invalid, 29 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 28 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-12 19:42:47,222 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 122 states. [2024-10-12 19:42:47,260 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 122 to 119. [2024-10-12 19:42:47,260 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 119 states, 82 states have (on average 1.451219512195122) internal successors, (119), 97 states have internal predecessors, (119), 22 states have call successors, (22), 14 states have call predecessors, (22), 14 states have return successors, (22), 15 states have call predecessors, (22), 22 states have call successors, (22) [2024-10-12 19:42:47,261 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 119 states to 119 states and 163 transitions. [2024-10-12 19:42:47,262 INFO L78 Accepts]: Start accepts. Automaton has 119 states and 163 transitions. Word has length 26 [2024-10-12 19:42:47,262 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:42:47,262 INFO L471 AbstractCegarLoop]: Abstraction has 119 states and 163 transitions. [2024-10-12 19:42:47,262 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-12 19:42:47,263 INFO L276 IsEmpty]: Start isEmpty. Operand 119 states and 163 transitions. [2024-10-12 19:42:47,264 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2024-10-12 19:42:47,264 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:42:47,264 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:42:47,265 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-12 19:42:47,265 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:42:47,266 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:42:47,266 INFO L85 PathProgramCache]: Analyzing trace with hash 647764494, now seen corresponding path program 1 times [2024-10-12 19:42:47,266 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:42:47,266 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1903365678] [2024-10-12 19:42:47,267 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:42:47,267 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:42:47,298 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:47,409 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-10-12 19:42:47,411 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:47,415 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-12 19:42:47,417 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:47,439 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-12 19:42:47,440 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:42:47,440 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1903365678] [2024-10-12 19:42:47,440 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1903365678] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:42:47,440 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:42:47,441 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-12 19:42:47,441 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2023358930] [2024-10-12 19:42:47,441 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:42:47,441 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-12 19:42:47,442 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:42:47,443 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-12 19:42:47,443 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-12 19:42:47,445 INFO L87 Difference]: Start difference. First operand 119 states and 163 transitions. Second operand has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-12 19:42:47,653 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:42:47,653 INFO L93 Difference]: Finished difference Result 316 states and 441 transitions. [2024-10-12 19:42:47,654 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-12 19:42:47,655 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 29 [2024-10-12 19:42:47,655 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:42:47,657 INFO L225 Difference]: With dead ends: 316 [2024-10-12 19:42:47,658 INFO L226 Difference]: Without dead ends: 199 [2024-10-12 19:42:47,661 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-10-12 19:42:47,664 INFO L432 NwaCegarLoop]: 72 mSDtfsCounter, 58 mSDsluCounter, 240 mSDsCounter, 0 mSdLazyCounter, 113 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 60 SdHoareTripleChecker+Valid, 312 SdHoareTripleChecker+Invalid, 122 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 113 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-12 19:42:47,665 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [60 Valid, 312 Invalid, 122 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 113 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-12 19:42:47,666 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 199 states. [2024-10-12 19:42:47,698 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 199 to 198. [2024-10-12 19:42:47,699 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 198 states, 139 states have (on average 1.3741007194244603) internal successors, (191), 154 states have internal predecessors, (191), 32 states have call successors, (32), 26 states have call predecessors, (32), 26 states have return successors, (40), 29 states have call predecessors, (40), 32 states have call successors, (40) [2024-10-12 19:42:47,701 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 198 states to 198 states and 263 transitions. [2024-10-12 19:42:47,702 INFO L78 Accepts]: Start accepts. Automaton has 198 states and 263 transitions. Word has length 29 [2024-10-12 19:42:47,702 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:42:47,702 INFO L471 AbstractCegarLoop]: Abstraction has 198 states and 263 transitions. [2024-10-12 19:42:47,703 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-12 19:42:47,703 INFO L276 IsEmpty]: Start isEmpty. Operand 198 states and 263 transitions. [2024-10-12 19:42:47,705 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-12 19:42:47,707 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:42:47,707 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:42:47,707 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-12 19:42:47,708 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:42:47,708 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:42:47,708 INFO L85 PathProgramCache]: Analyzing trace with hash 2086249014, now seen corresponding path program 1 times [2024-10-12 19:42:47,708 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:42:47,708 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2065646331] [2024-10-12 19:42:47,709 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:42:47,709 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:42:47,724 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:47,793 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:42:47,794 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:47,799 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-12 19:42:47,802 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:47,844 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-12 19:42:47,845 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:47,846 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:42:47,846 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:42:47,846 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2065646331] [2024-10-12 19:42:47,846 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2065646331] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:42:47,846 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:42:47,846 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-12 19:42:47,846 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1131773963] [2024-10-12 19:42:47,847 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:42:47,847 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-12 19:42:47,849 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:42:47,850 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-12 19:42:47,850 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-12 19:42:47,850 INFO L87 Difference]: Start difference. First operand 198 states and 263 transitions. Second operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:42:48,118 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:42:48,118 INFO L93 Difference]: Finished difference Result 662 states and 939 transitions. [2024-10-12 19:42:48,120 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-12 19:42:48,121 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 38 [2024-10-12 19:42:48,121 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:42:48,127 INFO L225 Difference]: With dead ends: 662 [2024-10-12 19:42:48,127 INFO L226 Difference]: Without dead ends: 466 [2024-10-12 19:42:48,129 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-10-12 19:42:48,130 INFO L432 NwaCegarLoop]: 58 mSDtfsCounter, 140 mSDsluCounter, 179 mSDsCounter, 0 mSdLazyCounter, 178 mSolverCounterSat, 48 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 146 SdHoareTripleChecker+Valid, 237 SdHoareTripleChecker+Invalid, 226 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 48 IncrementalHoareTripleChecker+Valid, 178 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-12 19:42:48,130 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [146 Valid, 237 Invalid, 226 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [48 Valid, 178 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-12 19:42:48,135 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 466 states. [2024-10-12 19:42:48,194 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 466 to 460. [2024-10-12 19:42:48,198 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 460 states, 327 states have (on average 1.342507645259939) internal successors, (439), 352 states have internal predecessors, (439), 72 states have call successors, (72), 52 states have call predecessors, (72), 60 states have return successors, (120), 70 states have call predecessors, (120), 72 states have call successors, (120) [2024-10-12 19:42:48,201 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 460 states to 460 states and 631 transitions. [2024-10-12 19:42:48,202 INFO L78 Accepts]: Start accepts. Automaton has 460 states and 631 transitions. Word has length 38 [2024-10-12 19:42:48,203 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:42:48,203 INFO L471 AbstractCegarLoop]: Abstraction has 460 states and 631 transitions. [2024-10-12 19:42:48,203 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:42:48,203 INFO L276 IsEmpty]: Start isEmpty. Operand 460 states and 631 transitions. [2024-10-12 19:42:48,205 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-12 19:42:48,206 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:42:48,206 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:42:48,206 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-12 19:42:48,207 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:42:48,207 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:42:48,208 INFO L85 PathProgramCache]: Analyzing trace with hash -620370380, now seen corresponding path program 1 times [2024-10-12 19:42:48,208 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:42:48,208 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1224453096] [2024-10-12 19:42:48,208 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:42:48,208 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:42:48,221 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:48,276 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:42:48,278 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:48,283 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-12 19:42:48,287 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:48,309 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-12 19:42:48,311 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:48,313 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:42:48,313 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:42:48,314 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1224453096] [2024-10-12 19:42:48,314 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1224453096] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:42:48,314 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:42:48,314 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-12 19:42:48,314 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1803044243] [2024-10-12 19:42:48,315 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:42:48,315 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-12 19:42:48,316 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:42:48,316 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-12 19:42:48,316 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-12 19:42:48,316 INFO L87 Difference]: Start difference. First operand 460 states and 631 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:42:48,483 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:42:48,483 INFO L93 Difference]: Finished difference Result 924 states and 1283 transitions. [2024-10-12 19:42:48,484 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-12 19:42:48,484 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 38 [2024-10-12 19:42:48,484 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:42:48,487 INFO L225 Difference]: With dead ends: 924 [2024-10-12 19:42:48,487 INFO L226 Difference]: Without dead ends: 466 [2024-10-12 19:42:48,489 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-12 19:42:48,490 INFO L432 NwaCegarLoop]: 62 mSDtfsCounter, 45 mSDsluCounter, 136 mSDsCounter, 0 mSdLazyCounter, 122 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 49 SdHoareTripleChecker+Valid, 198 SdHoareTripleChecker+Invalid, 135 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 122 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-12 19:42:48,490 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [49 Valid, 198 Invalid, 135 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 122 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-12 19:42:48,491 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 466 states. [2024-10-12 19:42:48,526 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 466 to 464. [2024-10-12 19:42:48,527 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 464 states, 331 states have (on average 1.338368580060423) internal successors, (443), 356 states have internal predecessors, (443), 72 states have call successors, (72), 52 states have call predecessors, (72), 60 states have return successors, (120), 70 states have call predecessors, (120), 72 states have call successors, (120) [2024-10-12 19:42:48,532 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 464 states to 464 states and 635 transitions. [2024-10-12 19:42:48,533 INFO L78 Accepts]: Start accepts. Automaton has 464 states and 635 transitions. Word has length 38 [2024-10-12 19:42:48,535 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:42:48,535 INFO L471 AbstractCegarLoop]: Abstraction has 464 states and 635 transitions. [2024-10-12 19:42:48,535 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:42:48,535 INFO L276 IsEmpty]: Start isEmpty. Operand 464 states and 635 transitions. [2024-10-12 19:42:48,536 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-12 19:42:48,536 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:42:48,536 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:42:48,537 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-12 19:42:48,537 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:42:48,537 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:42:48,537 INFO L85 PathProgramCache]: Analyzing trace with hash -1900234058, now seen corresponding path program 1 times [2024-10-12 19:42:48,537 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:42:48,537 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [291343854] [2024-10-12 19:42:48,538 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:42:48,538 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:42:48,551 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:48,597 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:42:48,598 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:48,602 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-12 19:42:48,605 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:48,626 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-12 19:42:48,628 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:48,630 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:42:48,631 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:42:48,631 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [291343854] [2024-10-12 19:42:48,631 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [291343854] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:42:48,631 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:42:48,631 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-12 19:42:48,631 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1251889912] [2024-10-12 19:42:48,631 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:42:48,632 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-12 19:42:48,632 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:42:48,633 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-12 19:42:48,633 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-12 19:42:48,633 INFO L87 Difference]: Start difference. First operand 464 states and 635 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:42:48,776 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:42:48,776 INFO L93 Difference]: Finished difference Result 902 states and 1253 transitions. [2024-10-12 19:42:48,776 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-12 19:42:48,777 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 38 [2024-10-12 19:42:48,777 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:42:48,781 INFO L225 Difference]: With dead ends: 902 [2024-10-12 19:42:48,781 INFO L226 Difference]: Without dead ends: 440 [2024-10-12 19:42:48,782 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-12 19:42:48,784 INFO L432 NwaCegarLoop]: 58 mSDtfsCounter, 44 mSDsluCounter, 128 mSDsCounter, 0 mSdLazyCounter, 125 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 48 SdHoareTripleChecker+Valid, 186 SdHoareTripleChecker+Invalid, 138 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 125 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-12 19:42:48,784 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [48 Valid, 186 Invalid, 138 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 125 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-12 19:42:48,785 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 440 states. [2024-10-12 19:42:48,815 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 440 to 438. [2024-10-12 19:42:48,816 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 438 states, 311 states have (on average 1.3279742765273312) internal successors, (413), 334 states have internal predecessors, (413), 70 states have call successors, (70), 52 states have call predecessors, (70), 56 states have return successors, (102), 66 states have call predecessors, (102), 70 states have call successors, (102) [2024-10-12 19:42:48,819 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 438 states to 438 states and 585 transitions. [2024-10-12 19:42:48,820 INFO L78 Accepts]: Start accepts. Automaton has 438 states and 585 transitions. Word has length 38 [2024-10-12 19:42:48,820 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:42:48,821 INFO L471 AbstractCegarLoop]: Abstraction has 438 states and 585 transitions. [2024-10-12 19:42:48,821 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:42:48,821 INFO L276 IsEmpty]: Start isEmpty. Operand 438 states and 585 transitions. [2024-10-12 19:42:48,822 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2024-10-12 19:42:48,823 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:42:48,823 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:42:48,823 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-12 19:42:48,823 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:42:48,823 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:42:48,824 INFO L85 PathProgramCache]: Analyzing trace with hash 928377310, now seen corresponding path program 1 times [2024-10-12 19:42:48,824 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:42:48,824 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [125279576] [2024-10-12 19:42:48,824 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:42:48,825 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:42:48,840 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:48,962 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-12 19:42:48,965 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:48,974 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-12 19:42:48,975 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:48,986 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-12 19:42:48,990 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:49,023 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2024-10-12 19:42:49,025 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:49,029 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:42:49,030 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:42:49,030 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [125279576] [2024-10-12 19:42:49,030 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [125279576] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:42:49,030 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:42:49,031 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-10-12 19:42:49,033 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1533747529] [2024-10-12 19:42:49,033 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:42:49,033 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-10-12 19:42:49,033 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:42:49,034 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-10-12 19:42:49,034 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2024-10-12 19:42:49,034 INFO L87 Difference]: Start difference. First operand 438 states and 585 transitions. Second operand has 8 states, 8 states have (on average 4.0) internal successors, (32), 6 states have internal predecessors, (32), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-12 19:42:49,551 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:42:49,552 INFO L93 Difference]: Finished difference Result 1071 states and 1489 transitions. [2024-10-12 19:42:49,552 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 14 states. [2024-10-12 19:42:49,552 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 4.0) internal successors, (32), 6 states have internal predecessors, (32), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 42 [2024-10-12 19:42:49,553 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:42:49,557 INFO L225 Difference]: With dead ends: 1071 [2024-10-12 19:42:49,557 INFO L226 Difference]: Without dead ends: 635 [2024-10-12 19:42:49,560 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 27 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 16 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 45 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=99, Invalid=207, Unknown=0, NotChecked=0, Total=306 [2024-10-12 19:42:49,561 INFO L432 NwaCegarLoop]: 70 mSDtfsCounter, 232 mSDsluCounter, 206 mSDsCounter, 0 mSdLazyCounter, 381 mSolverCounterSat, 84 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 237 SdHoareTripleChecker+Valid, 276 SdHoareTripleChecker+Invalid, 465 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 84 IncrementalHoareTripleChecker+Valid, 381 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-12 19:42:49,563 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [237 Valid, 276 Invalid, 465 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [84 Valid, 381 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-12 19:42:49,564 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 635 states. [2024-10-12 19:42:49,616 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 635 to 629. [2024-10-12 19:42:49,617 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 629 states, 448 states have (on average 1.2991071428571428) internal successors, (582), 485 states have internal predecessors, (582), 100 states have call successors, (100), 71 states have call predecessors, (100), 80 states have return successors, (172), 96 states have call predecessors, (172), 100 states have call successors, (172) [2024-10-12 19:42:49,624 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 629 states to 629 states and 854 transitions. [2024-10-12 19:42:49,625 INFO L78 Accepts]: Start accepts. Automaton has 629 states and 854 transitions. Word has length 42 [2024-10-12 19:42:49,625 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:42:49,626 INFO L471 AbstractCegarLoop]: Abstraction has 629 states and 854 transitions. [2024-10-12 19:42:49,626 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 4.0) internal successors, (32), 6 states have internal predecessors, (32), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-12 19:42:49,627 INFO L276 IsEmpty]: Start isEmpty. Operand 629 states and 854 transitions. [2024-10-12 19:42:49,628 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 68 [2024-10-12 19:42:49,629 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:42:49,629 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:42:49,629 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-12 19:42:49,630 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:42:49,630 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:42:49,630 INFO L85 PathProgramCache]: Analyzing trace with hash -1194786365, now seen corresponding path program 1 times [2024-10-12 19:42:49,630 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:42:49,630 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1424008846] [2024-10-12 19:42:49,630 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:42:49,631 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:42:49,645 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:49,695 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-12 19:42:49,696 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:49,705 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-10-12 19:42:49,709 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:49,721 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-12 19:42:49,723 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:49,729 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-12 19:42:49,732 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:49,735 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 50 [2024-10-12 19:42:49,736 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:49,737 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2024-10-12 19:42:49,737 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:49,739 INFO L134 CoverageAnalysis]: Checked inductivity of 22 backedges. 16 proven. 0 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-12 19:42:49,740 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:42:49,740 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1424008846] [2024-10-12 19:42:49,741 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1424008846] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:42:49,741 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:42:49,741 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-10-12 19:42:49,741 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [895348848] [2024-10-12 19:42:49,741 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:42:49,741 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-10-12 19:42:49,742 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:42:49,742 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-10-12 19:42:49,742 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=29, Unknown=0, NotChecked=0, Total=42 [2024-10-12 19:42:49,742 INFO L87 Difference]: Start difference. First operand 629 states and 854 transitions. Second operand has 7 states, 6 states have (on average 8.666666666666666) internal successors, (52), 4 states have internal predecessors, (52), 4 states have call successors, (7), 5 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2024-10-12 19:42:50,097 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:42:50,097 INFO L93 Difference]: Finished difference Result 1041 states and 1404 transitions. [2024-10-12 19:42:50,098 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-10-12 19:42:50,098 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 8.666666666666666) internal successors, (52), 4 states have internal predecessors, (52), 4 states have call successors, (7), 5 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) Word has length 67 [2024-10-12 19:42:50,098 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:42:50,101 INFO L225 Difference]: With dead ends: 1041 [2024-10-12 19:42:50,101 INFO L226 Difference]: Without dead ends: 414 [2024-10-12 19:42:50,103 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 29 GetRequests, 17 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=55, Invalid=127, Unknown=0, NotChecked=0, Total=182 [2024-10-12 19:42:50,103 INFO L432 NwaCegarLoop]: 75 mSDtfsCounter, 252 mSDsluCounter, 130 mSDsCounter, 0 mSdLazyCounter, 246 mSolverCounterSat, 94 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 261 SdHoareTripleChecker+Valid, 205 SdHoareTripleChecker+Invalid, 340 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 94 IncrementalHoareTripleChecker+Valid, 246 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-12 19:42:50,104 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [261 Valid, 205 Invalid, 340 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [94 Valid, 246 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-12 19:42:50,104 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 414 states. [2024-10-12 19:42:50,135 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 414 to 406. [2024-10-12 19:42:50,136 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 406 states, 290 states have (on average 1.282758620689655) internal successors, (372), 314 states have internal predecessors, (372), 64 states have call successors, (64), 48 states have call predecessors, (64), 51 states have return successors, (100), 62 states have call predecessors, (100), 64 states have call successors, (100) [2024-10-12 19:42:50,138 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 406 states to 406 states and 536 transitions. [2024-10-12 19:42:50,139 INFO L78 Accepts]: Start accepts. Automaton has 406 states and 536 transitions. Word has length 67 [2024-10-12 19:42:50,141 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:42:50,141 INFO L471 AbstractCegarLoop]: Abstraction has 406 states and 536 transitions. [2024-10-12 19:42:50,141 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 8.666666666666666) internal successors, (52), 4 states have internal predecessors, (52), 4 states have call successors, (7), 5 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2024-10-12 19:42:50,141 INFO L276 IsEmpty]: Start isEmpty. Operand 406 states and 536 transitions. [2024-10-12 19:42:50,143 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 75 [2024-10-12 19:42:50,143 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:42:50,143 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:42:50,144 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-10-12 19:42:50,144 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:42:50,144 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:42:50,144 INFO L85 PathProgramCache]: Analyzing trace with hash 1805836942, now seen corresponding path program 1 times [2024-10-12 19:42:50,144 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:42:50,145 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1383786205] [2024-10-12 19:42:50,145 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:42:50,145 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:42:50,159 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:50,260 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-12 19:42:50,262 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:50,277 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-12 19:42:50,281 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:50,297 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-12 19:42:50,298 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:50,306 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-12 19:42:50,308 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:50,313 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2024-10-12 19:42:50,314 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:50,326 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 56 [2024-10-12 19:42:50,328 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:50,329 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-12 19:42:50,330 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:50,331 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 67 [2024-10-12 19:42:50,331 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:50,333 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 13 proven. 8 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-12 19:42:50,333 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:42:50,333 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1383786205] [2024-10-12 19:42:50,333 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1383786205] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-12 19:42:50,333 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1848535179] [2024-10-12 19:42:50,333 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:42:50,334 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-12 19:42:50,334 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-10-12 19:42:50,336 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-12 19:42:50,338 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-12 19:42:50,415 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:42:50,418 INFO L255 TraceCheckSpWp]: Trace formula consists of 277 conjuncts, 7 conjuncts are in the unsatisfiable core [2024-10-12 19:42:50,424 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-12 19:42:50,579 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 20 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-12 19:42:50,580 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-12 19:42:50,797 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 15 proven. 6 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-12 19:42:50,799 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1848535179] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-12 19:42:50,799 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-12 19:42:50,799 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-10-12 19:42:50,799 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1102344707] [2024-10-12 19:42:50,800 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-12 19:42:50,800 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-10-12 19:42:50,800 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:42:50,801 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-10-12 19:42:50,801 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-10-12 19:42:50,801 INFO L87 Difference]: Start difference. First operand 406 states and 536 transitions. Second operand has 15 states, 11 states have (on average 7.909090909090909) internal successors, (87), 10 states have internal predecessors, (87), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) [2024-10-12 19:42:51,930 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:42:51,930 INFO L93 Difference]: Finished difference Result 968 states and 1305 transitions. [2024-10-12 19:42:51,931 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 39 states. [2024-10-12 19:42:51,931 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 11 states have (on average 7.909090909090909) internal successors, (87), 10 states have internal predecessors, (87), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) Word has length 74 [2024-10-12 19:42:51,931 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:42:51,933 INFO L225 Difference]: With dead ends: 968 [2024-10-12 19:42:51,933 INFO L226 Difference]: Without dead ends: 0 [2024-10-12 19:42:51,936 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 217 GetRequests, 168 SyntacticMatches, 4 SemanticMatches, 45 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 582 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=451, Invalid=1711, Unknown=0, NotChecked=0, Total=2162 [2024-10-12 19:42:51,937 INFO L432 NwaCegarLoop]: 116 mSDtfsCounter, 344 mSDsluCounter, 545 mSDsCounter, 0 mSdLazyCounter, 908 mSolverCounterSat, 134 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 352 SdHoareTripleChecker+Valid, 661 SdHoareTripleChecker+Invalid, 1042 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 134 IncrementalHoareTripleChecker+Valid, 908 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2024-10-12 19:42:51,938 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [352 Valid, 661 Invalid, 1042 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [134 Valid, 908 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2024-10-12 19:42:51,939 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-12 19:42:51,939 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-12 19:42:51,939 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-12 19:42:51,939 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-12 19:42:51,940 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 74 [2024-10-12 19:42:51,940 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:42:51,940 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-12 19:42:51,940 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 11 states have (on average 7.909090909090909) internal successors, (87), 10 states have internal predecessors, (87), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) [2024-10-12 19:42:51,940 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-12 19:42:51,941 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-12 19:42:51,943 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-12 19:42:51,961 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-10-12 19:42:52,147 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-10-12 19:42:52,150 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:42:52,152 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-12 19:42:55,655 INFO L165 ceAbstractionStarter]: Computing trace abstraction results [2024-10-12 19:42:55,675 WARN L155 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= 1 |old(~pumpRunning~0)|))) (or (and (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse0 (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0) .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0)))) [2024-10-12 19:42:55,699 WARN L155 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse1 (<= |old(~waterLevel~0)| 2)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (<= 1 |old(~pumpRunning~0)|))) (or (and .cse0 (= 0 ~systemActive~0) .cse1) (and .cse2 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse1 .cse3) (and .cse2 .cse0 .cse1) (and .cse2 .cse3 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2) (and .cse3 .cse2 (= 0 ~systemActive~0)))) [2024-10-12 19:42:55,711 WARN L155 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-10-12 19:42:55,718 WARN L155 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and .cse3 .cse1 .cse2) (and .cse3 (= 0 ~systemActive~0) .cse2) (and .cse0 .cse1 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2) (and .cse3 .cse2 (= 0 ~systemActive~0)))) [2024-10-12 19:42:55,729 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 12.10 07:42:55 BoogieIcfgContainer [2024-10-12 19:42:55,729 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-12 19:42:55,730 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-12 19:42:55,730 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-12 19:42:55,730 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-12 19:42:55,731 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.10 07:42:46" (3/4) ... [2024-10-12 19:42:55,733 INFO L139 WitnessPrinter]: Generating witness for correct program [2024-10-12 19:42:55,736 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-10-12 19:42:55,736 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-10-12 19:42:55,736 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-12 19:42:55,736 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-12 19:42:55,737 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-12 19:42:55,737 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-10-12 19:42:55,737 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-12 19:42:55,737 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-10-12 19:42:55,746 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 34 nodes and edges [2024-10-12 19:42:55,746 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-10-12 19:42:55,747 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-12 19:42:55,747 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-12 19:42:55,748 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-12 19:42:55,850 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-10-12 19:42:55,851 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-10-12 19:42:55,851 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-12 19:42:55,852 INFO L158 Benchmark]: Toolchain (without parser) took 10772.60ms. Allocated memory was 182.5MB in the beginning and 281.0MB in the end (delta: 98.6MB). Free memory was 123.6MB in the beginning and 133.3MB in the end (delta: -9.7MB). Peak memory consumption was 87.9MB. Max. memory is 16.1GB. [2024-10-12 19:42:55,852 INFO L158 Benchmark]: CDTParser took 0.17ms. Allocated memory is still 96.5MB. Free memory is still 50.7MB. There was no memory consumed. Max. memory is 16.1GB. [2024-10-12 19:42:55,852 INFO L158 Benchmark]: CACSL2BoogieTranslator took 547.93ms. Allocated memory is still 182.5MB. Free memory was 123.6MB in the beginning and 146.3MB in the end (delta: -22.7MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. [2024-10-12 19:42:55,853 INFO L158 Benchmark]: Boogie Procedure Inliner took 48.92ms. Allocated memory is still 182.5MB. Free memory was 146.3MB in the beginning and 144.3MB in the end (delta: 2.0MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-12 19:42:55,853 INFO L158 Benchmark]: Boogie Preprocessor took 47.10ms. Allocated memory is still 182.5MB. Free memory was 144.3MB in the beginning and 142.2MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-12 19:42:55,853 INFO L158 Benchmark]: RCFGBuilder took 505.12ms. Allocated memory is still 182.5MB. Free memory was 142.2MB in the beginning and 118.1MB in the end (delta: 24.1MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-10-12 19:42:55,854 INFO L158 Benchmark]: TraceAbstraction took 9489.81ms. Allocated memory was 182.5MB in the beginning and 281.0MB in the end (delta: 98.6MB). Free memory was 117.1MB in the beginning and 140.7MB in the end (delta: -23.6MB). Peak memory consumption was 100.1MB. Max. memory is 16.1GB. [2024-10-12 19:42:55,854 INFO L158 Benchmark]: Witness Printer took 121.54ms. Allocated memory is still 281.0MB. Free memory was 140.7MB in the beginning and 133.3MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2024-10-12 19:42:55,855 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.17ms. Allocated memory is still 96.5MB. Free memory is still 50.7MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 547.93ms. Allocated memory is still 182.5MB. Free memory was 123.6MB in the beginning and 146.3MB in the end (delta: -22.7MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 48.92ms. Allocated memory is still 182.5MB. Free memory was 146.3MB in the beginning and 144.3MB in the end (delta: 2.0MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 47.10ms. Allocated memory is still 182.5MB. Free memory was 144.3MB in the beginning and 142.2MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 505.12ms. Allocated memory is still 182.5MB. Free memory was 142.2MB in the beginning and 118.1MB in the end (delta: 24.1MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * TraceAbstraction took 9489.81ms. Allocated memory was 182.5MB in the beginning and 281.0MB in the end (delta: 98.6MB). Free memory was 117.1MB in the beginning and 140.7MB in the end (delta: -23.6MB). Peak memory consumption was 100.1MB. Max. memory is 16.1GB. * Witness Printer took 121.54ms. Allocated memory is still 281.0MB. Free memory was 140.7MB in the beginning and 133.3MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] - GenericResultAtLocation [Line: 266]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [266] - GenericResultAtLocation [Line: 338]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [338] - GenericResultAtLocation [Line: 704]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [704] - GenericResultAtLocation [Line: 755]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [755] - GenericResultAtLocation [Line: 855]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [855] - GenericResultAtLocation [Line: 864]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [864] - GenericResultAtLocation [Line: 899]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [899] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 860]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 75 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.9s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 3.1s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1246 SdHoareTripleChecker+Valid, 1.9s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1204 mSDsluCounter, 2438 SdHoareTripleChecker+Invalid, 1.6s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1688 mSDsCounter, 396 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2139 IncrementalHoareTripleChecker+Invalid, 2535 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 396 mSolverCounterUnsat, 750 mSDtfsCounter, 2139 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 347 GetRequests, 244 SyntacticMatches, 4 SemanticMatches, 99 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 659 ImplicationChecksByTransitivity, 0.9s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=629occurred in iteration=8, InterpolantAutomatonStates: 96, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 10 MinimizatonAttempts, 28 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.5s InterpolantComputationTime, 471 NumberOfCodeBlocks, 471 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 533 ConstructedInterpolants, 0 QuantifiedInterpolants, 967 SizeOfPredicates, 2 NumberOfNonLiveVariables, 277 ConjunctsInSsa, 7 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 98/119 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 280]: Loop Invariant Derived loop invariant: ((((((((pumpRunning == 0) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (0 == systemActive)) || ((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) - InvariantResult [Line: 767]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 279]: Location Invariant Derived location invariant: 0 - ProcedureContractResult [Line: 160]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) Ensures: ((pumpRunning == 0) && ((((2 == waterLevel) && (1 == systemActive)) && (1 <= \old(pumpRunning))) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))))) - ProcedureContractResult [Line: 93]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) - ProcedureContractResult [Line: 926]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) - ProcedureContractResult [Line: 757]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: 0 - ProcedureContractResult [Line: 66]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((1 < \old(waterLevel)) || (waterLevel < 2)) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel))) || (\old(pumpRunning) != 0)) || (((pumpRunning == 0) && (2 == waterLevel)) && (\old(waterLevel) == 2)))) && ((pumpRunning == 0) || (0 != systemActive))) && (((((1 == systemActive) && (\old(pumpRunning) == 0)) || ((\old(pumpRunning) == 0) && (0 == systemActive))) || ((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning)))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2)))) - ProcedureContractResult [Line: 101]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1)) && (((1 == systemActive) && (\old(pumpRunning) == 0)) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))))) && ((((\old(pumpRunning) != 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || ((pumpRunning == 0) && (waterLevel <= 1)))) - ProcedureContractResult [Line: 914]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((2 == waterLevel) || (\old(waterLevel) != 2)) && (waterLevel <= 2)) && (((((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2))) || (((pumpRunning == 0) && (0 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) - ProcedureContractResult [Line: 179]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) && (pumpRunning == \result)) RESULT: Ultimate proved your program to be correct! [2024-10-12 19:42:55,889 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE