./Ultimate.py --spec /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/properties/unreach-call.prp --file /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version a046e57d Calling Ultimate with: /root/.sdkman/candidates/java/current/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash aba011a2dee79947f4cca7910fc4583b21e1f3cb9acd1affa050aa7677352666 --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.dk.eval-mul-div-a046e57-m [2024-10-12 19:43:00,373 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-12 19:43:00,429 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-12 19:43:00,436 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-12 19:43:00,436 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-12 19:43:00,459 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-12 19:43:00,460 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-12 19:43:00,461 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-12 19:43:00,461 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-12 19:43:00,461 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-12 19:43:00,462 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-12 19:43:00,462 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-12 19:43:00,462 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-12 19:43:00,463 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-12 19:43:00,463 INFO L153 SettingsManager]: * Use SBE=true [2024-10-12 19:43:00,463 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-12 19:43:00,464 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-12 19:43:00,464 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-12 19:43:00,464 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-12 19:43:00,464 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-12 19:43:00,465 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-12 19:43:00,465 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-12 19:43:00,465 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-12 19:43:00,466 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-12 19:43:00,466 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-12 19:43:00,466 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-12 19:43:00,467 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-12 19:43:00,467 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-12 19:43:00,467 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-12 19:43:00,467 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-12 19:43:00,468 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-12 19:43:00,468 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-12 19:43:00,468 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-12 19:43:00,468 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-12 19:43:00,468 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-12 19:43:00,469 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-12 19:43:00,469 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-12 19:43:00,469 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-12 19:43:00,469 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-12 19:43:00,469 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-12 19:43:00,470 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-12 19:43:00,470 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-12 19:43:00,470 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> aba011a2dee79947f4cca7910fc4583b21e1f3cb9acd1affa050aa7677352666 [2024-10-12 19:43:00,677 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-12 19:43:00,696 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-12 19:43:00,698 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-12 19:43:00,700 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-12 19:43:00,700 INFO L274 PluginConnector]: CDTParser initialized [2024-10-12 19:43:00,701 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c [2024-10-12 19:43:02,187 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-12 19:43:02,387 INFO L384 CDTParser]: Found 1 translation units. [2024-10-12 19:43:02,388 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c [2024-10-12 19:43:02,402 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/1485e2bf8/af9ed409941d4ffeab9567a7cff6972e/FLAG830d08e23 [2024-10-12 19:43:02,414 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/1485e2bf8/af9ed409941d4ffeab9567a7cff6972e [2024-10-12 19:43:02,417 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-12 19:43:02,418 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-12 19:43:02,419 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-12 19:43:02,419 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-12 19:43:02,423 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-12 19:43:02,424 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 12.10 07:43:02" (1/1) ... [2024-10-12 19:43:02,425 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@3cd81ef6 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:02, skipping insertion in model container [2024-10-12 19:43:02,425 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 12.10 07:43:02" (1/1) ... [2024-10-12 19:43:02,460 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-12 19:43:02,599 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c[1605,1618] [2024-10-12 19:43:02,707 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-12 19:43:02,715 INFO L200 MainTranslator]: Completed pre-run [2024-10-12 19:43:02,724 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [49] [2024-10-12 19:43:02,725 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [58] [2024-10-12 19:43:02,725 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [96] [2024-10-12 19:43:02,726 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [199] [2024-10-12 19:43:02,726 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [308] [2024-10-12 19:43:02,726 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [674] [2024-10-12 19:43:02,726 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [724] [2024-10-12 19:43:02,726 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [789] [2024-10-12 19:43:02,732 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c[1605,1618] [2024-10-12 19:43:02,801 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-12 19:43:02,822 INFO L204 MainTranslator]: Completed translation [2024-10-12 19:43:02,822 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:02 WrapperNode [2024-10-12 19:43:02,823 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-12 19:43:02,823 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-12 19:43:02,824 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-12 19:43:02,824 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-12 19:43:02,829 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:02" (1/1) ... [2024-10-12 19:43:02,842 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:02" (1/1) ... [2024-10-12 19:43:02,864 INFO L138 Inliner]: procedures = 58, calls = 103, calls flagged for inlining = 27, calls inlined = 24, statements flattened = 232 [2024-10-12 19:43:02,865 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-12 19:43:02,865 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-12 19:43:02,865 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-12 19:43:02,866 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-12 19:43:02,875 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:02" (1/1) ... [2024-10-12 19:43:02,875 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:02" (1/1) ... [2024-10-12 19:43:02,877 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:02" (1/1) ... [2024-10-12 19:43:02,895 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-12 19:43:02,895 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:02" (1/1) ... [2024-10-12 19:43:02,895 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:02" (1/1) ... [2024-10-12 19:43:02,899 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:02" (1/1) ... [2024-10-12 19:43:02,903 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:02" (1/1) ... [2024-10-12 19:43:02,904 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:02" (1/1) ... [2024-10-12 19:43:02,905 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:02" (1/1) ... [2024-10-12 19:43:02,907 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-12 19:43:02,907 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-12 19:43:02,907 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-12 19:43:02,907 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-12 19:43:02,908 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:02" (1/1) ... [2024-10-12 19:43:02,926 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-12 19:43:02,943 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-10-12 19:43:02,983 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-12 19:43:02,998 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-12 19:43:03,032 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-12 19:43:03,032 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-10-12 19:43:03,033 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-10-12 19:43:03,033 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-12 19:43:03,033 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-12 19:43:03,033 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-12 19:43:03,033 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-12 19:43:03,033 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-10-12 19:43:03,033 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-10-12 19:43:03,033 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-12 19:43:03,033 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-12 19:43:03,034 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-10-12 19:43:03,034 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-10-12 19:43:03,034 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-12 19:43:03,034 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-12 19:43:03,034 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-12 19:43:03,034 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-12 19:43:03,034 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-12 19:43:03,102 INFO L238 CfgBuilder]: Building ICFG [2024-10-12 19:43:03,104 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-12 19:43:03,351 INFO L? ?]: Removed 51 outVars from TransFormulas that were not future-live. [2024-10-12 19:43:03,351 INFO L287 CfgBuilder]: Performing block encoding [2024-10-12 19:43:03,405 INFO L309 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-12 19:43:03,405 INFO L314 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-12 19:43:03,405 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.10 07:43:03 BoogieIcfgContainer [2024-10-12 19:43:03,406 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-12 19:43:03,411 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-12 19:43:03,411 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-12 19:43:03,414 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-12 19:43:03,414 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 12.10 07:43:02" (1/3) ... [2024-10-12 19:43:03,418 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7953d668 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 12.10 07:43:03, skipping insertion in model container [2024-10-12 19:43:03,419 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:02" (2/3) ... [2024-10-12 19:43:03,419 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7953d668 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 12.10 07:43:03, skipping insertion in model container [2024-10-12 19:43:03,419 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.10 07:43:03" (3/3) ... [2024-10-12 19:43:03,420 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product57.cil.c [2024-10-12 19:43:03,435 INFO L209 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-12 19:43:03,435 INFO L149 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-12 19:43:03,482 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-12 19:43:03,488 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@6ee1a2cd, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-12 19:43:03,488 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-12 19:43:03,491 INFO L276 IsEmpty]: Start isEmpty. Operand has 73 states, 52 states have (on average 1.5384615384615385) internal successors, (80), 60 states have internal predecessors, (80), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2024-10-12 19:43:03,498 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2024-10-12 19:43:03,498 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:03,499 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:03,499 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:03,503 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:03,503 INFO L85 PathProgramCache]: Analyzing trace with hash 835053812, now seen corresponding path program 1 times [2024-10-12 19:43:03,509 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:03,510 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1943863921] [2024-10-12 19:43:03,510 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:03,510 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:03,606 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:03,655 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-12 19:43:03,657 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:03,660 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-12 19:43:03,661 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:03,663 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:03,663 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:03,664 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1943863921] [2024-10-12 19:43:03,664 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1943863921] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:03,664 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:03,665 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-12 19:43:03,666 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2054812563] [2024-10-12 19:43:03,666 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:03,669 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-12 19:43:03,669 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:03,692 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-12 19:43:03,693 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-12 19:43:03,695 INFO L87 Difference]: Start difference. First operand has 73 states, 52 states have (on average 1.5384615384615385) internal successors, (80), 60 states have internal predecessors, (80), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-12 19:43:03,749 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:03,750 INFO L93 Difference]: Finished difference Result 144 states and 209 transitions. [2024-10-12 19:43:03,751 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-12 19:43:03,752 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2024-10-12 19:43:03,752 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:03,760 INFO L225 Difference]: With dead ends: 144 [2024-10-12 19:43:03,760 INFO L226 Difference]: Without dead ends: 68 [2024-10-12 19:43:03,763 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-12 19:43:03,765 INFO L432 NwaCegarLoop]: 83 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 16 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 83 SdHoareTripleChecker+Invalid, 16 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 16 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:03,766 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 83 Invalid, 16 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 16 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-12 19:43:03,778 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 68 states. [2024-10-12 19:43:03,792 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 68 to 68. [2024-10-12 19:43:03,793 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 68 states, 49 states have (on average 1.4285714285714286) internal successors, (70), 56 states have internal predecessors, (70), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2024-10-12 19:43:03,794 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 68 states to 68 states and 93 transitions. [2024-10-12 19:43:03,796 INFO L78 Accepts]: Start accepts. Automaton has 68 states and 93 transitions. Word has length 22 [2024-10-12 19:43:03,796 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:03,796 INFO L471 AbstractCegarLoop]: Abstraction has 68 states and 93 transitions. [2024-10-12 19:43:03,796 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-12 19:43:03,797 INFO L276 IsEmpty]: Start isEmpty. Operand 68 states and 93 transitions. [2024-10-12 19:43:03,798 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2024-10-12 19:43:03,798 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:03,798 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:03,798 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-12 19:43:03,799 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:03,799 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:03,799 INFO L85 PathProgramCache]: Analyzing trace with hash 158650053, now seen corresponding path program 1 times [2024-10-12 19:43:03,799 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:03,800 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1697937434] [2024-10-12 19:43:03,800 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:03,800 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:03,818 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:03,870 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-12 19:43:03,872 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:03,873 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-10-12 19:43:03,874 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:03,876 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:03,876 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:03,876 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1697937434] [2024-10-12 19:43:03,876 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1697937434] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:03,876 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:03,876 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-12 19:43:03,877 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1958169268] [2024-10-12 19:43:03,877 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:03,878 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-12 19:43:03,878 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:03,878 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-12 19:43:03,878 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:43:03,879 INFO L87 Difference]: Start difference. First operand 68 states and 93 transitions. Second operand has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-12 19:43:03,915 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:03,915 INFO L93 Difference]: Finished difference Result 109 states and 149 transitions. [2024-10-12 19:43:03,917 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-12 19:43:03,917 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 23 [2024-10-12 19:43:03,917 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:03,918 INFO L225 Difference]: With dead ends: 109 [2024-10-12 19:43:03,918 INFO L226 Difference]: Without dead ends: 60 [2024-10-12 19:43:03,918 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:43:03,919 INFO L432 NwaCegarLoop]: 69 mSDtfsCounter, 11 mSDsluCounter, 55 mSDsCounter, 0 mSdLazyCounter, 24 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 14 SdHoareTripleChecker+Valid, 124 SdHoareTripleChecker+Invalid, 24 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 24 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:03,920 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [14 Valid, 124 Invalid, 24 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 24 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-12 19:43:03,921 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 60 states. [2024-10-12 19:43:03,929 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 60 to 60. [2024-10-12 19:43:03,930 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 60 states, 44 states have (on average 1.4545454545454546) internal successors, (64), 51 states have internal predecessors, (64), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-10-12 19:43:03,931 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 60 states to 60 states and 82 transitions. [2024-10-12 19:43:03,931 INFO L78 Accepts]: Start accepts. Automaton has 60 states and 82 transitions. Word has length 23 [2024-10-12 19:43:03,932 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:03,933 INFO L471 AbstractCegarLoop]: Abstraction has 60 states and 82 transitions. [2024-10-12 19:43:03,933 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-12 19:43:03,933 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 82 transitions. [2024-10-12 19:43:03,934 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-10-12 19:43:03,934 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:03,934 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:03,934 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-12 19:43:03,935 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:03,935 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:03,935 INFO L85 PathProgramCache]: Analyzing trace with hash 740625543, now seen corresponding path program 1 times [2024-10-12 19:43:03,937 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:03,937 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [793907480] [2024-10-12 19:43:03,937 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:03,937 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:03,964 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:04,034 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:43:04,036 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:04,038 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-12 19:43:04,039 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:04,040 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:04,040 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:04,040 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [793907480] [2024-10-12 19:43:04,040 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [793907480] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:04,041 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:04,041 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-12 19:43:04,041 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [998304277] [2024-10-12 19:43:04,041 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:04,041 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-12 19:43:04,041 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:04,042 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-12 19:43:04,042 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:43:04,042 INFO L87 Difference]: Start difference. First operand 60 states and 82 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-12 19:43:04,079 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:04,080 INFO L93 Difference]: Finished difference Result 118 states and 163 transitions. [2024-10-12 19:43:04,082 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-12 19:43:04,082 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 26 [2024-10-12 19:43:04,083 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:04,083 INFO L225 Difference]: With dead ends: 118 [2024-10-12 19:43:04,084 INFO L226 Difference]: Without dead ends: 60 [2024-10-12 19:43:04,085 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:43:04,086 INFO L432 NwaCegarLoop]: 67 mSDtfsCounter, 67 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 14 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 67 SdHoareTripleChecker+Valid, 67 SdHoareTripleChecker+Invalid, 14 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 14 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:04,089 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [67 Valid, 67 Invalid, 14 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 14 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-12 19:43:04,090 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 60 states. [2024-10-12 19:43:04,097 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 60 to 60. [2024-10-12 19:43:04,098 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 60 states, 44 states have (on average 1.4318181818181819) internal successors, (63), 51 states have internal predecessors, (63), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-10-12 19:43:04,099 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 60 states to 60 states and 81 transitions. [2024-10-12 19:43:04,099 INFO L78 Accepts]: Start accepts. Automaton has 60 states and 81 transitions. Word has length 26 [2024-10-12 19:43:04,100 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:04,100 INFO L471 AbstractCegarLoop]: Abstraction has 60 states and 81 transitions. [2024-10-12 19:43:04,100 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-12 19:43:04,101 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 81 transitions. [2024-10-12 19:43:04,101 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2024-10-12 19:43:04,102 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:04,102 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:04,102 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-12 19:43:04,102 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:04,103 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:04,103 INFO L85 PathProgramCache]: Analyzing trace with hash -2057962832, now seen corresponding path program 1 times [2024-10-12 19:43:04,103 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:04,103 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [797291485] [2024-10-12 19:43:04,103 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:04,103 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:04,117 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:04,143 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:43:04,145 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:04,146 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-10-12 19:43:04,147 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:04,149 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:04,149 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:04,149 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [797291485] [2024-10-12 19:43:04,149 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [797291485] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:04,149 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:04,150 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-12 19:43:04,150 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [189957930] [2024-10-12 19:43:04,150 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:04,150 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-12 19:43:04,151 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:04,151 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-12 19:43:04,151 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:43:04,151 INFO L87 Difference]: Start difference. First operand 60 states and 81 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-12 19:43:04,203 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:04,204 INFO L93 Difference]: Finished difference Result 161 states and 220 transitions. [2024-10-12 19:43:04,204 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-12 19:43:04,205 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 31 [2024-10-12 19:43:04,205 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:04,208 INFO L225 Difference]: With dead ends: 161 [2024-10-12 19:43:04,208 INFO L226 Difference]: Without dead ends: 103 [2024-10-12 19:43:04,209 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:43:04,210 INFO L432 NwaCegarLoop]: 73 mSDtfsCounter, 64 mSDsluCounter, 53 mSDsCounter, 0 mSdLazyCounter, 26 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 64 SdHoareTripleChecker+Valid, 126 SdHoareTripleChecker+Invalid, 32 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 26 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:04,210 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [64 Valid, 126 Invalid, 32 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 26 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-12 19:43:04,211 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 103 states. [2024-10-12 19:43:04,220 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 103 to 101. [2024-10-12 19:43:04,221 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 101 states, 74 states have (on average 1.3783783783783783) internal successors, (102), 82 states have internal predecessors, (102), 14 states have call successors, (14), 12 states have call predecessors, (14), 12 states have return successors, (18), 14 states have call predecessors, (18), 14 states have call successors, (18) [2024-10-12 19:43:04,222 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 101 states to 101 states and 134 transitions. [2024-10-12 19:43:04,222 INFO L78 Accepts]: Start accepts. Automaton has 101 states and 134 transitions. Word has length 31 [2024-10-12 19:43:04,222 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:04,223 INFO L471 AbstractCegarLoop]: Abstraction has 101 states and 134 transitions. [2024-10-12 19:43:04,223 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-12 19:43:04,223 INFO L276 IsEmpty]: Start isEmpty. Operand 101 states and 134 transitions. [2024-10-12 19:43:04,224 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2024-10-12 19:43:04,224 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:04,224 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:04,224 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-12 19:43:04,224 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:04,224 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:04,225 INFO L85 PathProgramCache]: Analyzing trace with hash 1239394501, now seen corresponding path program 1 times [2024-10-12 19:43:04,225 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:04,225 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1897100876] [2024-10-12 19:43:04,225 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:04,225 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:04,248 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:04,291 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:43:04,292 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:04,296 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-12 19:43:04,300 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:04,324 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-10-12 19:43:04,325 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:04,328 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:04,328 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:04,329 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1897100876] [2024-10-12 19:43:04,329 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1897100876] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:04,330 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:04,330 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-12 19:43:04,330 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [830372401] [2024-10-12 19:43:04,330 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:04,330 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-12 19:43:04,331 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:04,332 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-12 19:43:04,332 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-12 19:43:04,333 INFO L87 Difference]: Start difference. First operand 101 states and 134 transitions. Second operand has 5 states, 5 states have (on average 6.4) internal successors, (32), 4 states have internal predecessors, (32), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:43:04,526 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:04,526 INFO L93 Difference]: Finished difference Result 224 states and 306 transitions. [2024-10-12 19:43:04,527 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-12 19:43:04,527 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.4) internal successors, (32), 4 states have internal predecessors, (32), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 40 [2024-10-12 19:43:04,527 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:04,528 INFO L225 Difference]: With dead ends: 224 [2024-10-12 19:43:04,528 INFO L226 Difference]: Without dead ends: 125 [2024-10-12 19:43:04,529 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-12 19:43:04,529 INFO L432 NwaCegarLoop]: 56 mSDtfsCounter, 49 mSDsluCounter, 125 mSDsCounter, 0 mSdLazyCounter, 117 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 53 SdHoareTripleChecker+Valid, 181 SdHoareTripleChecker+Invalid, 128 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 117 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:04,530 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [53 Valid, 181 Invalid, 128 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 117 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-12 19:43:04,534 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 125 states. [2024-10-12 19:43:04,550 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 125 to 123. [2024-10-12 19:43:04,551 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 123 states, 91 states have (on average 1.3736263736263736) internal successors, (125), 99 states have internal predecessors, (125), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-10-12 19:43:04,554 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 123 states to 123 states and 164 transitions. [2024-10-12 19:43:04,557 INFO L78 Accepts]: Start accepts. Automaton has 123 states and 164 transitions. Word has length 40 [2024-10-12 19:43:04,557 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:04,557 INFO L471 AbstractCegarLoop]: Abstraction has 123 states and 164 transitions. [2024-10-12 19:43:04,557 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.4) internal successors, (32), 4 states have internal predecessors, (32), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:43:04,557 INFO L276 IsEmpty]: Start isEmpty. Operand 123 states and 164 transitions. [2024-10-12 19:43:04,558 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2024-10-12 19:43:04,558 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:04,558 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:04,558 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-12 19:43:04,559 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:04,559 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:04,559 INFO L85 PathProgramCache]: Analyzing trace with hash -401332796, now seen corresponding path program 1 times [2024-10-12 19:43:04,559 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:04,561 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2116246096] [2024-10-12 19:43:04,561 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:04,561 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:04,575 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:04,643 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:43:04,645 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:04,655 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-12 19:43:04,658 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:04,669 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-12 19:43:04,670 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:04,671 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2024-10-12 19:43:04,672 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:04,688 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-12 19:43:04,688 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:04,689 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2116246096] [2024-10-12 19:43:04,689 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2116246096] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:04,689 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:04,689 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-10-12 19:43:04,689 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [340213599] [2024-10-12 19:43:04,689 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:04,693 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-10-12 19:43:04,693 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:04,694 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-10-12 19:43:04,694 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-10-12 19:43:04,694 INFO L87 Difference]: Start difference. First operand 123 states and 164 transitions. Second operand has 7 states, 6 states have (on average 5.333333333333333) internal successors, (32), 5 states have internal predecessors, (32), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-12 19:43:04,985 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:04,985 INFO L93 Difference]: Finished difference Result 244 states and 326 transitions. [2024-10-12 19:43:04,986 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-10-12 19:43:04,986 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 5.333333333333333) internal successors, (32), 5 states have internal predecessors, (32), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 41 [2024-10-12 19:43:04,986 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:04,991 INFO L225 Difference]: With dead ends: 244 [2024-10-12 19:43:04,991 INFO L226 Difference]: Without dead ends: 123 [2024-10-12 19:43:04,992 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 23 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=134, Unknown=0, NotChecked=0, Total=182 [2024-10-12 19:43:04,992 INFO L432 NwaCegarLoop]: 52 mSDtfsCounter, 112 mSDsluCounter, 211 mSDsCounter, 0 mSdLazyCounter, 213 mSolverCounterSat, 29 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 118 SdHoareTripleChecker+Valid, 263 SdHoareTripleChecker+Invalid, 242 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 29 IncrementalHoareTripleChecker+Valid, 213 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:04,993 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [118 Valid, 263 Invalid, 242 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [29 Valid, 213 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-12 19:43:04,993 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 123 states. [2024-10-12 19:43:05,006 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 123 to 121. [2024-10-12 19:43:05,007 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 121 states, 89 states have (on average 1.3370786516853932) internal successors, (119), 97 states have internal predecessors, (119), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-10-12 19:43:05,008 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 121 states to 121 states and 158 transitions. [2024-10-12 19:43:05,008 INFO L78 Accepts]: Start accepts. Automaton has 121 states and 158 transitions. Word has length 41 [2024-10-12 19:43:05,008 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:05,008 INFO L471 AbstractCegarLoop]: Abstraction has 121 states and 158 transitions. [2024-10-12 19:43:05,008 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 5.333333333333333) internal successors, (32), 5 states have internal predecessors, (32), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-12 19:43:05,009 INFO L276 IsEmpty]: Start isEmpty. Operand 121 states and 158 transitions. [2024-10-12 19:43:05,009 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2024-10-12 19:43:05,009 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:05,010 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:05,010 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-12 19:43:05,010 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:05,010 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:05,010 INFO L85 PathProgramCache]: Analyzing trace with hash -1883877408, now seen corresponding path program 1 times [2024-10-12 19:43:05,010 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:05,011 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [719405827] [2024-10-12 19:43:05,011 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:05,011 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:05,017 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:05,056 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:43:05,057 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:05,060 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-12 19:43:05,062 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:05,076 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-10-12 19:43:05,077 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:05,078 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:05,078 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:05,078 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [719405827] [2024-10-12 19:43:05,078 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [719405827] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:05,078 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:05,078 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-12 19:43:05,079 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1058819496] [2024-10-12 19:43:05,079 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:05,079 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-12 19:43:05,079 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:05,079 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-12 19:43:05,080 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-12 19:43:05,080 INFO L87 Difference]: Start difference. First operand 121 states and 158 transitions. Second operand has 5 states, 5 states have (on average 6.4) internal successors, (32), 4 states have internal predecessors, (32), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:43:05,171 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:05,171 INFO L93 Difference]: Finished difference Result 244 states and 326 transitions. [2024-10-12 19:43:05,172 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-12 19:43:05,172 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.4) internal successors, (32), 4 states have internal predecessors, (32), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 40 [2024-10-12 19:43:05,172 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:05,174 INFO L225 Difference]: With dead ends: 244 [2024-10-12 19:43:05,175 INFO L226 Difference]: Without dead ends: 125 [2024-10-12 19:43:05,175 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-12 19:43:05,176 INFO L432 NwaCegarLoop]: 55 mSDtfsCounter, 49 mSDsluCounter, 123 mSDsCounter, 0 mSdLazyCounter, 120 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 53 SdHoareTripleChecker+Valid, 178 SdHoareTripleChecker+Invalid, 131 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 120 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:05,180 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [53 Valid, 178 Invalid, 131 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 120 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-12 19:43:05,180 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 125 states. [2024-10-12 19:43:05,190 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 125 to 123. [2024-10-12 19:43:05,190 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 123 states, 91 states have (on average 1.3296703296703296) internal successors, (121), 99 states have internal predecessors, (121), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-10-12 19:43:05,191 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 123 states to 123 states and 160 transitions. [2024-10-12 19:43:05,193 INFO L78 Accepts]: Start accepts. Automaton has 123 states and 160 transitions. Word has length 40 [2024-10-12 19:43:05,194 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:05,194 INFO L471 AbstractCegarLoop]: Abstraction has 123 states and 160 transitions. [2024-10-12 19:43:05,194 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.4) internal successors, (32), 4 states have internal predecessors, (32), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:43:05,194 INFO L276 IsEmpty]: Start isEmpty. Operand 123 states and 160 transitions. [2024-10-12 19:43:05,195 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2024-10-12 19:43:05,195 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:05,195 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:05,195 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-12 19:43:05,195 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:05,196 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:05,196 INFO L85 PathProgramCache]: Analyzing trace with hash 722146146, now seen corresponding path program 1 times [2024-10-12 19:43:05,196 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:05,196 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1338770951] [2024-10-12 19:43:05,197 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:05,198 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:05,207 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:05,242 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:43:05,243 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:05,248 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-12 19:43:05,251 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:05,262 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-10-12 19:43:05,263 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:05,265 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:05,265 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:05,266 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1338770951] [2024-10-12 19:43:05,266 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1338770951] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:05,266 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:05,267 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-12 19:43:05,267 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [864314731] [2024-10-12 19:43:05,267 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:05,268 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-12 19:43:05,268 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:05,268 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-12 19:43:05,268 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-12 19:43:05,268 INFO L87 Difference]: Start difference. First operand 123 states and 160 transitions. Second operand has 5 states, 5 states have (on average 6.4) internal successors, (32), 4 states have internal predecessors, (32), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:43:05,472 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:05,473 INFO L93 Difference]: Finished difference Result 358 states and 484 transitions. [2024-10-12 19:43:05,473 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-12 19:43:05,473 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.4) internal successors, (32), 4 states have internal predecessors, (32), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 40 [2024-10-12 19:43:05,473 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:05,475 INFO L225 Difference]: With dead ends: 358 [2024-10-12 19:43:05,476 INFO L226 Difference]: Without dead ends: 237 [2024-10-12 19:43:05,477 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-12 19:43:05,478 INFO L432 NwaCegarLoop]: 87 mSDtfsCounter, 184 mSDsluCounter, 110 mSDsCounter, 0 mSdLazyCounter, 156 mSolverCounterSat, 62 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 191 SdHoareTripleChecker+Valid, 197 SdHoareTripleChecker+Invalid, 218 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 62 IncrementalHoareTripleChecker+Valid, 156 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:05,478 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [191 Valid, 197 Invalid, 218 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [62 Valid, 156 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-12 19:43:05,480 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 237 states. [2024-10-12 19:43:05,507 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 237 to 235. [2024-10-12 19:43:05,509 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 235 states, 171 states have (on average 1.280701754385965) internal successors, (219), 183 states have internal predecessors, (219), 34 states have call successors, (34), 28 states have call predecessors, (34), 29 states have return successors, (53), 34 states have call predecessors, (53), 34 states have call successors, (53) [2024-10-12 19:43:05,510 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 235 states to 235 states and 306 transitions. [2024-10-12 19:43:05,510 INFO L78 Accepts]: Start accepts. Automaton has 235 states and 306 transitions. Word has length 40 [2024-10-12 19:43:05,511 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:05,511 INFO L471 AbstractCegarLoop]: Abstraction has 235 states and 306 transitions. [2024-10-12 19:43:05,512 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.4) internal successors, (32), 4 states have internal predecessors, (32), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:43:05,512 INFO L276 IsEmpty]: Start isEmpty. Operand 235 states and 306 transitions. [2024-10-12 19:43:05,513 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2024-10-12 19:43:05,515 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:05,515 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:05,516 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-12 19:43:05,516 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:05,516 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:05,516 INFO L85 PathProgramCache]: Analyzing trace with hash 1224615112, now seen corresponding path program 1 times [2024-10-12 19:43:05,516 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:05,516 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [877671034] [2024-10-12 19:43:05,516 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:05,517 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:05,530 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:05,655 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-12 19:43:05,656 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:05,662 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-12 19:43:05,662 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:05,670 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-12 19:43:05,672 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:05,687 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 37 [2024-10-12 19:43:05,688 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:05,689 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:05,690 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:05,690 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [877671034] [2024-10-12 19:43:05,690 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [877671034] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:05,690 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:05,690 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2024-10-12 19:43:05,690 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1960258012] [2024-10-12 19:43:05,690 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:05,691 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-10-12 19:43:05,691 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:05,691 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-10-12 19:43:05,691 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=54, Unknown=0, NotChecked=0, Total=72 [2024-10-12 19:43:05,692 INFO L87 Difference]: Start difference. First operand 235 states and 306 transitions. Second operand has 9 states, 9 states have (on average 3.7777777777777777) internal successors, (34), 7 states have internal predecessors, (34), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-12 19:43:06,279 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:06,279 INFO L93 Difference]: Finished difference Result 615 states and 848 transitions. [2024-10-12 19:43:06,280 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2024-10-12 19:43:06,280 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 3.7777777777777777) internal successors, (34), 7 states have internal predecessors, (34), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 44 [2024-10-12 19:43:06,280 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:06,283 INFO L225 Difference]: With dead ends: 615 [2024-10-12 19:43:06,283 INFO L226 Difference]: Without dead ends: 426 [2024-10-12 19:43:06,284 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 30 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 74 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=118, Invalid=302, Unknown=0, NotChecked=0, Total=420 [2024-10-12 19:43:06,284 INFO L432 NwaCegarLoop]: 69 mSDtfsCounter, 429 mSDsluCounter, 258 mSDsCounter, 0 mSdLazyCounter, 419 mSolverCounterSat, 151 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 434 SdHoareTripleChecker+Valid, 327 SdHoareTripleChecker+Invalid, 570 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 151 IncrementalHoareTripleChecker+Valid, 419 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:06,285 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [434 Valid, 327 Invalid, 570 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [151 Valid, 419 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-10-12 19:43:06,285 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 426 states. [2024-10-12 19:43:06,319 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 426 to 363. [2024-10-12 19:43:06,320 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 363 states, 265 states have (on average 1.2679245283018867) internal successors, (336), 286 states have internal predecessors, (336), 51 states have call successors, (51), 39 states have call predecessors, (51), 46 states have return successors, (83), 52 states have call predecessors, (83), 51 states have call successors, (83) [2024-10-12 19:43:06,322 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 363 states to 363 states and 470 transitions. [2024-10-12 19:43:06,322 INFO L78 Accepts]: Start accepts. Automaton has 363 states and 470 transitions. Word has length 44 [2024-10-12 19:43:06,323 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:06,323 INFO L471 AbstractCegarLoop]: Abstraction has 363 states and 470 transitions. [2024-10-12 19:43:06,323 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 3.7777777777777777) internal successors, (34), 7 states have internal predecessors, (34), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-12 19:43:06,323 INFO L276 IsEmpty]: Start isEmpty. Operand 363 states and 470 transitions. [2024-10-12 19:43:06,324 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 79 [2024-10-12 19:43:06,324 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:06,324 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:06,325 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-10-12 19:43:06,325 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:06,325 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:06,325 INFO L85 PathProgramCache]: Analyzing trace with hash -32394315, now seen corresponding path program 1 times [2024-10-12 19:43:06,325 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:06,325 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [447569807] [2024-10-12 19:43:06,325 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:06,326 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:06,335 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:06,425 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-12 19:43:06,430 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:06,442 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-12 19:43:06,448 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:06,471 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-12 19:43:06,472 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:06,481 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-12 19:43:06,482 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:06,494 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-10-12 19:43:06,495 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:06,505 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2024-10-12 19:43:06,506 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:06,510 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-12 19:43:06,510 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:06,511 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 71 [2024-10-12 19:43:06,511 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:06,514 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 6 proven. 15 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-12 19:43:06,514 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:06,514 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [447569807] [2024-10-12 19:43:06,514 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [447569807] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-12 19:43:06,514 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1247791761] [2024-10-12 19:43:06,514 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:06,515 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-12 19:43:06,515 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-10-12 19:43:06,519 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-12 19:43:06,522 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-12 19:43:06,602 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:06,604 INFO L255 TraceCheckSpWp]: Trace formula consists of 287 conjuncts, 7 conjuncts are in the unsatisfiable core [2024-10-12 19:43:06,612 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-12 19:43:06,813 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 20 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-12 19:43:06,813 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-12 19:43:07,019 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 15 proven. 6 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-12 19:43:07,020 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1247791761] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-12 19:43:07,020 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-12 19:43:07,020 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-10-12 19:43:07,020 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1974004188] [2024-10-12 19:43:07,020 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-12 19:43:07,024 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-10-12 19:43:07,025 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:07,025 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-10-12 19:43:07,025 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-10-12 19:43:07,025 INFO L87 Difference]: Start difference. First operand 363 states and 470 transitions. Second operand has 15 states, 12 states have (on average 8.416666666666666) internal successors, (101), 10 states have internal predecessors, (101), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) [2024-10-12 19:43:08,126 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:08,130 INFO L93 Difference]: Finished difference Result 758 states and 1005 transitions. [2024-10-12 19:43:08,130 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2024-10-12 19:43:08,130 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 12 states have (on average 8.416666666666666) internal successors, (101), 10 states have internal predecessors, (101), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) Word has length 78 [2024-10-12 19:43:08,131 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:08,131 INFO L225 Difference]: With dead ends: 758 [2024-10-12 19:43:08,131 INFO L226 Difference]: Without dead ends: 0 [2024-10-12 19:43:08,133 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 215 GetRequests, 174 SyntacticMatches, 4 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 338 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=342, Invalid=1140, Unknown=0, NotChecked=0, Total=1482 [2024-10-12 19:43:08,134 INFO L432 NwaCegarLoop]: 110 mSDtfsCounter, 339 mSDsluCounter, 512 mSDsCounter, 0 mSdLazyCounter, 825 mSolverCounterSat, 126 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 342 SdHoareTripleChecker+Valid, 622 SdHoareTripleChecker+Invalid, 951 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 126 IncrementalHoareTripleChecker+Valid, 825 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:08,134 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [342 Valid, 622 Invalid, 951 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [126 Valid, 825 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2024-10-12 19:43:08,138 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-12 19:43:08,138 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-12 19:43:08,138 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-12 19:43:08,138 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-12 19:43:08,139 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 78 [2024-10-12 19:43:08,139 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:08,139 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-12 19:43:08,139 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 12 states have (on average 8.416666666666666) internal successors, (101), 10 states have internal predecessors, (101), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) [2024-10-12 19:43:08,139 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-12 19:43:08,139 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-12 19:43:08,142 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-12 19:43:08,161 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-10-12 19:43:08,346 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-10-12 19:43:08,348 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:08,350 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-12 19:43:10,699 INFO L165 ceAbstractionStarter]: Computing trace abstraction results [2024-10-12 19:43:10,717 WARN L155 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse1 (<= |old(~waterLevel~0)| 2)) (.cse0 (= 1 ~systemActive~0)) (.cse2 (<= 1 |old(~pumpRunning~0)|))) (or (and .cse0 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse1 .cse2) (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse2 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2))) [2024-10-12 19:43:10,724 WARN L155 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-10-12 19:43:10,728 WARN L155 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and (= ~pumpRunning~0 0) .cse1 .cse2) (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2))) [2024-10-12 19:43:10,734 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 12.10 07:43:10 BoogieIcfgContainer [2024-10-12 19:43:10,734 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-12 19:43:10,735 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-12 19:43:10,735 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-12 19:43:10,735 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-12 19:43:10,735 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.10 07:43:03" (3/4) ... [2024-10-12 19:43:10,737 INFO L139 WitnessPrinter]: Generating witness for correct program [2024-10-12 19:43:10,739 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-10-12 19:43:10,739 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-12 19:43:10,739 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-12 19:43:10,739 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-12 19:43:10,740 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-10-12 19:43:10,740 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-12 19:43:10,740 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-10-12 19:43:10,744 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 36 nodes and edges [2024-10-12 19:43:10,745 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-10-12 19:43:10,745 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-12 19:43:10,745 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-12 19:43:10,746 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-12 19:43:10,822 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-10-12 19:43:10,822 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-10-12 19:43:10,822 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-12 19:43:10,823 INFO L158 Benchmark]: Toolchain (without parser) took 8404.78ms. Allocated memory was 201.3MB in the beginning and 320.9MB in the end (delta: 119.5MB). Free memory was 130.2MB in the beginning and 201.3MB in the end (delta: -71.1MB). Peak memory consumption was 49.0MB. Max. memory is 16.1GB. [2024-10-12 19:43:10,823 INFO L158 Benchmark]: CDTParser took 0.14ms. Allocated memory is still 201.3MB. Free memory is still 160.5MB. There was no memory consumed. Max. memory is 16.1GB. [2024-10-12 19:43:10,823 INFO L158 Benchmark]: CACSL2BoogieTranslator took 404.01ms. Allocated memory is still 201.3MB. Free memory was 129.9MB in the beginning and 108.5MB in the end (delta: 21.4MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-10-12 19:43:10,823 INFO L158 Benchmark]: Boogie Procedure Inliner took 41.41ms. Allocated memory is still 201.3MB. Free memory was 108.5MB in the beginning and 106.1MB in the end (delta: 2.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-12 19:43:10,823 INFO L158 Benchmark]: Boogie Preprocessor took 41.34ms. Allocated memory is still 201.3MB. Free memory was 106.1MB in the beginning and 103.8MB in the end (delta: 2.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-12 19:43:10,824 INFO L158 Benchmark]: RCFGBuilder took 498.37ms. Allocated memory is still 201.3MB. Free memory was 103.8MB in the beginning and 146.6MB in the end (delta: -42.8MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2024-10-12 19:43:10,824 INFO L158 Benchmark]: TraceAbstraction took 7323.21ms. Allocated memory was 201.3MB in the beginning and 320.9MB in the end (delta: 119.5MB). Free memory was 145.6MB in the beginning and 209.7MB in the end (delta: -64.2MB). Peak memory consumption was 159.9MB. Max. memory is 16.1GB. [2024-10-12 19:43:10,824 INFO L158 Benchmark]: Witness Printer took 87.50ms. Allocated memory is still 320.9MB. Free memory was 209.7MB in the beginning and 201.3MB in the end (delta: 8.4MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2024-10-12 19:43:10,826 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.14ms. Allocated memory is still 201.3MB. Free memory is still 160.5MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 404.01ms. Allocated memory is still 201.3MB. Free memory was 129.9MB in the beginning and 108.5MB in the end (delta: 21.4MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 41.41ms. Allocated memory is still 201.3MB. Free memory was 108.5MB in the beginning and 106.1MB in the end (delta: 2.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 41.34ms. Allocated memory is still 201.3MB. Free memory was 106.1MB in the beginning and 103.8MB in the end (delta: 2.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 498.37ms. Allocated memory is still 201.3MB. Free memory was 103.8MB in the beginning and 146.6MB in the end (delta: -42.8MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * TraceAbstraction took 7323.21ms. Allocated memory was 201.3MB in the beginning and 320.9MB in the end (delta: 119.5MB). Free memory was 145.6MB in the beginning and 209.7MB in the end (delta: -64.2MB). Peak memory consumption was 159.9MB. Max. memory is 16.1GB. * Witness Printer took 87.50ms. Allocated memory is still 320.9MB. Free memory was 209.7MB in the beginning and 201.3MB in the end (delta: 8.4MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [49] - GenericResultAtLocation [Line: 58]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [58] - GenericResultAtLocation [Line: 96]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [96] - GenericResultAtLocation [Line: 199]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [199] - GenericResultAtLocation [Line: 308]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [308] - GenericResultAtLocation [Line: 674]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [674] - GenericResultAtLocation [Line: 724]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [724] - GenericResultAtLocation [Line: 789]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [789] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 54]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 73 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 4.9s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.8s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1336 SdHoareTripleChecker+Valid, 1.8s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1304 mSDsluCounter, 2168 SdHoareTripleChecker+Invalid, 1.4s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1447 mSDsCounter, 396 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1930 IncrementalHoareTripleChecker+Invalid, 2326 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 396 mSolverCounterUnsat, 721 mSDtfsCounter, 1930 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 335 GetRequests, 245 SyntacticMatches, 4 SemanticMatches, 86 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 433 ImplicationChecksByTransitivity, 0.7s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=363occurred in iteration=9, InterpolantAutomatonStates: 83, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 73 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 1.3s InterpolantComputationTime, 463 NumberOfCodeBlocks, 463 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 529 ConstructedInterpolants, 0 QuantifiedInterpolants, 1035 SizeOfPredicates, 2 NumberOfNonLiveVariables, 287 ConjunctsInSsa, 7 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 71/99 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 109]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 734]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 735]: Loop Invariant Derived loop invariant: ((((((pumpRunning == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) - ProcedureContractResult [Line: 822]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) - ProcedureContractResult [Line: 232]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) - ProcedureContractResult [Line: 795]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 2))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2)))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) - ProcedureContractResult [Line: 99]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: 0 - ProcedureContractResult [Line: 830]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))))) - ProcedureContractResult [Line: 220]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && ((((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) && (waterLevel <= 2)) - ProcedureContractResult [Line: 926]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((pumpRunning == \result) && (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)))) RESULT: Ultimate proved your program to be correct! [2024-10-12 19:43:10,851 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE