./Ultimate.py --spec /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/properties/unreach-call.prp --file /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version a046e57d Calling Ultimate with: /root/.sdkman/candidates/java/current/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash db9cad3d4bb6f197e1ca94da7e6c4fb3038f74aed96fd168a277cfa6f57caad2 --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.dk.eval-mul-div-a046e57-m [2024-10-12 19:43:03,485 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-12 19:43:03,552 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-12 19:43:03,559 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-12 19:43:03,560 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-12 19:43:03,601 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-12 19:43:03,602 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-12 19:43:03,602 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-12 19:43:03,603 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-12 19:43:03,607 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-12 19:43:03,607 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-12 19:43:03,607 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-12 19:43:03,608 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-12 19:43:03,608 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-12 19:43:03,608 INFO L153 SettingsManager]: * Use SBE=true [2024-10-12 19:43:03,609 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-12 19:43:03,609 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-12 19:43:03,609 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-12 19:43:03,609 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-12 19:43:03,610 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-12 19:43:03,610 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-12 19:43:03,613 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-12 19:43:03,613 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-12 19:43:03,614 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-12 19:43:03,614 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-12 19:43:03,614 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-12 19:43:03,614 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-12 19:43:03,615 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-12 19:43:03,615 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-12 19:43:03,615 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-12 19:43:03,615 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-12 19:43:03,616 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-12 19:43:03,616 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-12 19:43:03,616 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-12 19:43:03,616 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-12 19:43:03,617 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-12 19:43:03,617 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-12 19:43:03,617 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-12 19:43:03,618 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-12 19:43:03,622 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-12 19:43:03,623 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-12 19:43:03,623 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-12 19:43:03,623 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> db9cad3d4bb6f197e1ca94da7e6c4fb3038f74aed96fd168a277cfa6f57caad2 [2024-10-12 19:43:03,851 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-12 19:43:03,874 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-12 19:43:03,878 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-12 19:43:03,879 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-12 19:43:03,879 INFO L274 PluginConnector]: CDTParser initialized [2024-10-12 19:43:03,881 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c [2024-10-12 19:43:05,293 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-12 19:43:05,512 INFO L384 CDTParser]: Found 1 translation units. [2024-10-12 19:43:05,512 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c [2024-10-12 19:43:05,525 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/7006bb594/161d6ade5dda47eab8499dc8d5754ad0/FLAG4b53ce3e9 [2024-10-12 19:43:05,537 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/7006bb594/161d6ade5dda47eab8499dc8d5754ad0 [2024-10-12 19:43:05,540 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-12 19:43:05,541 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-12 19:43:05,544 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-12 19:43:05,545 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-12 19:43:05,550 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-12 19:43:05,551 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 12.10 07:43:05" (1/1) ... [2024-10-12 19:43:05,552 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@41a4094c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:05, skipping insertion in model container [2024-10-12 19:43:05,552 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 12.10 07:43:05" (1/1) ... [2024-10-12 19:43:05,594 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-12 19:43:05,891 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c[14935,14948] [2024-10-12 19:43:05,924 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-12 19:43:05,933 INFO L200 MainTranslator]: Completed pre-run [2024-10-12 19:43:05,943 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2024-10-12 19:43:05,946 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [160] [2024-10-12 19:43:05,946 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [211] [2024-10-12 19:43:05,949 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [577] [2024-10-12 19:43:05,950 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [680] [2024-10-12 19:43:05,950 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [689] [2024-10-12 19:43:05,950 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [757] [2024-10-12 19:43:05,950 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [985] [2024-10-12 19:43:05,994 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c[14935,14948] [2024-10-12 19:43:06,003 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-12 19:43:06,026 INFO L204 MainTranslator]: Completed translation [2024-10-12 19:43:06,026 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:06 WrapperNode [2024-10-12 19:43:06,026 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-12 19:43:06,028 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-12 19:43:06,028 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-12 19:43:06,028 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-12 19:43:06,035 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:06" (1/1) ... [2024-10-12 19:43:06,053 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:06" (1/1) ... [2024-10-12 19:43:06,092 INFO L138 Inliner]: procedures = 59, calls = 104, calls flagged for inlining = 28, calls inlined = 25, statements flattened = 235 [2024-10-12 19:43:06,094 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-12 19:43:06,095 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-12 19:43:06,095 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-12 19:43:06,096 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-12 19:43:06,106 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:06" (1/1) ... [2024-10-12 19:43:06,106 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:06" (1/1) ... [2024-10-12 19:43:06,108 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:06" (1/1) ... [2024-10-12 19:43:06,137 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-12 19:43:06,137 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:06" (1/1) ... [2024-10-12 19:43:06,138 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:06" (1/1) ... [2024-10-12 19:43:06,146 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:06" (1/1) ... [2024-10-12 19:43:06,153 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:06" (1/1) ... [2024-10-12 19:43:06,159 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:06" (1/1) ... [2024-10-12 19:43:06,160 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:06" (1/1) ... [2024-10-12 19:43:06,162 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-12 19:43:06,164 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-12 19:43:06,165 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-12 19:43:06,165 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-12 19:43:06,166 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:06" (1/1) ... [2024-10-12 19:43:06,172 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-12 19:43:06,183 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-10-12 19:43:06,198 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-12 19:43:06,206 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-12 19:43:06,257 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-12 19:43:06,257 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-10-12 19:43:06,257 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-10-12 19:43:06,258 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-12 19:43:06,258 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-12 19:43:06,258 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-12 19:43:06,258 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-12 19:43:06,258 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-10-12 19:43:06,258 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-10-12 19:43:06,258 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-12 19:43:06,259 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-12 19:43:06,259 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-10-12 19:43:06,259 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-10-12 19:43:06,260 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-12 19:43:06,260 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-12 19:43:06,260 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-12 19:43:06,260 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-12 19:43:06,260 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-12 19:43:06,349 INFO L238 CfgBuilder]: Building ICFG [2024-10-12 19:43:06,352 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-12 19:43:06,640 INFO L? ?]: Removed 51 outVars from TransFormulas that were not future-live. [2024-10-12 19:43:06,641 INFO L287 CfgBuilder]: Performing block encoding [2024-10-12 19:43:06,715 INFO L309 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-12 19:43:06,716 INFO L314 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-12 19:43:06,716 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.10 07:43:06 BoogieIcfgContainer [2024-10-12 19:43:06,716 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-12 19:43:06,721 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-12 19:43:06,721 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-12 19:43:06,724 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-12 19:43:06,724 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 12.10 07:43:05" (1/3) ... [2024-10-12 19:43:06,725 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3230a982 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 12.10 07:43:06, skipping insertion in model container [2024-10-12 19:43:06,725 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 12.10 07:43:06" (2/3) ... [2024-10-12 19:43:06,726 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3230a982 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 12.10 07:43:06, skipping insertion in model container [2024-10-12 19:43:06,726 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.10 07:43:06" (3/3) ... [2024-10-12 19:43:06,727 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product58.cil.c [2024-10-12 19:43:06,744 INFO L209 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-12 19:43:06,744 INFO L149 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-12 19:43:06,813 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-12 19:43:06,819 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@4280826c, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-12 19:43:06,819 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-12 19:43:06,823 INFO L276 IsEmpty]: Start isEmpty. Operand has 73 states, 52 states have (on average 1.5384615384615385) internal successors, (80), 60 states have internal predecessors, (80), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2024-10-12 19:43:06,832 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2024-10-12 19:43:06,833 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:06,834 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:06,834 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:06,838 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:06,839 INFO L85 PathProgramCache]: Analyzing trace with hash -943798633, now seen corresponding path program 1 times [2024-10-12 19:43:06,846 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:06,846 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [253815941] [2024-10-12 19:43:06,846 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:06,847 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:06,950 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:07,029 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-12 19:43:07,032 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:07,037 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-12 19:43:07,043 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:07,050 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:07,051 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:07,051 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [253815941] [2024-10-12 19:43:07,056 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [253815941] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:07,056 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:07,056 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-12 19:43:07,058 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2037845996] [2024-10-12 19:43:07,059 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:07,068 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-12 19:43:07,068 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:07,088 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-12 19:43:07,088 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-12 19:43:07,090 INFO L87 Difference]: Start difference. First operand has 73 states, 52 states have (on average 1.5384615384615385) internal successors, (80), 60 states have internal predecessors, (80), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-12 19:43:07,161 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:07,161 INFO L93 Difference]: Finished difference Result 144 states and 209 transitions. [2024-10-12 19:43:07,162 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-12 19:43:07,163 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2024-10-12 19:43:07,164 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:07,171 INFO L225 Difference]: With dead ends: 144 [2024-10-12 19:43:07,171 INFO L226 Difference]: Without dead ends: 68 [2024-10-12 19:43:07,174 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-12 19:43:07,176 INFO L432 NwaCegarLoop]: 82 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 82 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:07,177 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 82 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-12 19:43:07,190 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 68 states. [2024-10-12 19:43:07,207 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 68 to 68. [2024-10-12 19:43:07,208 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 68 states, 49 states have (on average 1.4285714285714286) internal successors, (70), 56 states have internal predecessors, (70), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2024-10-12 19:43:07,210 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 68 states to 68 states and 93 transitions. [2024-10-12 19:43:07,211 INFO L78 Accepts]: Start accepts. Automaton has 68 states and 93 transitions. Word has length 22 [2024-10-12 19:43:07,211 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:07,212 INFO L471 AbstractCegarLoop]: Abstraction has 68 states and 93 transitions. [2024-10-12 19:43:07,212 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-12 19:43:07,212 INFO L276 IsEmpty]: Start isEmpty. Operand 68 states and 93 transitions. [2024-10-12 19:43:07,214 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2024-10-12 19:43:07,214 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:07,215 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:07,215 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-12 19:43:07,215 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:07,216 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:07,216 INFO L85 PathProgramCache]: Analyzing trace with hash 252126668, now seen corresponding path program 1 times [2024-10-12 19:43:07,216 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:07,217 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [526208213] [2024-10-12 19:43:07,217 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:07,217 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:07,246 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:07,352 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-12 19:43:07,354 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:07,358 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-10-12 19:43:07,360 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:07,362 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:07,362 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:07,362 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [526208213] [2024-10-12 19:43:07,362 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [526208213] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:07,363 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:07,363 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-12 19:43:07,363 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [703380914] [2024-10-12 19:43:07,365 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:07,366 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-12 19:43:07,366 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:07,367 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-12 19:43:07,368 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:43:07,368 INFO L87 Difference]: Start difference. First operand 68 states and 93 transitions. Second operand has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-12 19:43:07,421 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:07,421 INFO L93 Difference]: Finished difference Result 109 states and 149 transitions. [2024-10-12 19:43:07,423 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-12 19:43:07,423 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 23 [2024-10-12 19:43:07,424 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:07,425 INFO L225 Difference]: With dead ends: 109 [2024-10-12 19:43:07,426 INFO L226 Difference]: Without dead ends: 60 [2024-10-12 19:43:07,427 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:43:07,428 INFO L432 NwaCegarLoop]: 68 mSDtfsCounter, 11 mSDsluCounter, 55 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 14 SdHoareTripleChecker+Valid, 123 SdHoareTripleChecker+Invalid, 25 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:07,430 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [14 Valid, 123 Invalid, 25 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-12 19:43:07,431 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 60 states. [2024-10-12 19:43:07,442 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 60 to 60. [2024-10-12 19:43:07,443 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 60 states, 44 states have (on average 1.4545454545454546) internal successors, (64), 51 states have internal predecessors, (64), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-10-12 19:43:07,444 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 60 states to 60 states and 82 transitions. [2024-10-12 19:43:07,444 INFO L78 Accepts]: Start accepts. Automaton has 60 states and 82 transitions. Word has length 23 [2024-10-12 19:43:07,444 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:07,444 INFO L471 AbstractCegarLoop]: Abstraction has 60 states and 82 transitions. [2024-10-12 19:43:07,445 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-12 19:43:07,445 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 82 transitions. [2024-10-12 19:43:07,446 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-10-12 19:43:07,446 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:07,447 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:07,447 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-12 19:43:07,447 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:07,448 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:07,448 INFO L85 PathProgramCache]: Analyzing trace with hash 1908881923, now seen corresponding path program 1 times [2024-10-12 19:43:07,448 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:07,448 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1433457805] [2024-10-12 19:43:07,448 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:07,449 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:07,481 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:07,550 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:43:07,552 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:07,559 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-12 19:43:07,560 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:07,562 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:07,564 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:07,564 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1433457805] [2024-10-12 19:43:07,565 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1433457805] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:07,565 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:07,565 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-12 19:43:07,566 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1636312574] [2024-10-12 19:43:07,566 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:07,566 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-12 19:43:07,567 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:07,568 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-12 19:43:07,568 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:43:07,569 INFO L87 Difference]: Start difference. First operand 60 states and 82 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-12 19:43:07,611 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:07,611 INFO L93 Difference]: Finished difference Result 118 states and 163 transitions. [2024-10-12 19:43:07,613 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-12 19:43:07,613 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 26 [2024-10-12 19:43:07,613 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:07,614 INFO L225 Difference]: With dead ends: 118 [2024-10-12 19:43:07,614 INFO L226 Difference]: Without dead ends: 60 [2024-10-12 19:43:07,615 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:43:07,617 INFO L432 NwaCegarLoop]: 66 mSDtfsCounter, 74 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 15 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 74 SdHoareTripleChecker+Valid, 66 SdHoareTripleChecker+Invalid, 16 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 15 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:07,617 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [74 Valid, 66 Invalid, 16 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 15 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-12 19:43:07,618 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 60 states. [2024-10-12 19:43:07,629 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 60 to 60. [2024-10-12 19:43:07,630 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 60 states, 44 states have (on average 1.4318181818181819) internal successors, (63), 51 states have internal predecessors, (63), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-10-12 19:43:07,632 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 60 states to 60 states and 81 transitions. [2024-10-12 19:43:07,633 INFO L78 Accepts]: Start accepts. Automaton has 60 states and 81 transitions. Word has length 26 [2024-10-12 19:43:07,634 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:07,635 INFO L471 AbstractCegarLoop]: Abstraction has 60 states and 81 transitions. [2024-10-12 19:43:07,635 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-12 19:43:07,635 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 81 transitions. [2024-10-12 19:43:07,637 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2024-10-12 19:43:07,637 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:07,638 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:07,638 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-12 19:43:07,638 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:07,639 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:07,639 INFO L85 PathProgramCache]: Analyzing trace with hash 750342936, now seen corresponding path program 1 times [2024-10-12 19:43:07,639 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:07,639 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [626261768] [2024-10-12 19:43:07,640 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:07,640 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:07,672 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:07,719 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:43:07,720 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:07,724 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-10-12 19:43:07,726 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:07,727 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:07,727 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:07,728 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [626261768] [2024-10-12 19:43:07,728 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [626261768] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:07,728 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:07,728 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-12 19:43:07,728 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1454767546] [2024-10-12 19:43:07,729 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:07,729 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-12 19:43:07,729 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:07,730 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-12 19:43:07,730 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:43:07,730 INFO L87 Difference]: Start difference. First operand 60 states and 81 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-12 19:43:07,804 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:07,805 INFO L93 Difference]: Finished difference Result 161 states and 220 transitions. [2024-10-12 19:43:07,806 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-12 19:43:07,806 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 31 [2024-10-12 19:43:07,806 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:07,807 INFO L225 Difference]: With dead ends: 161 [2024-10-12 19:43:07,807 INFO L226 Difference]: Without dead ends: 103 [2024-10-12 19:43:07,808 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-12 19:43:07,809 INFO L432 NwaCegarLoop]: 72 mSDtfsCounter, 64 mSDsluCounter, 52 mSDsCounter, 0 mSdLazyCounter, 28 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 64 SdHoareTripleChecker+Valid, 124 SdHoareTripleChecker+Invalid, 34 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 28 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:07,811 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [64 Valid, 124 Invalid, 34 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 28 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-12 19:43:07,813 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 103 states. [2024-10-12 19:43:07,835 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 103 to 101. [2024-10-12 19:43:07,836 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 101 states, 74 states have (on average 1.3783783783783783) internal successors, (102), 82 states have internal predecessors, (102), 14 states have call successors, (14), 12 states have call predecessors, (14), 12 states have return successors, (18), 14 states have call predecessors, (18), 14 states have call successors, (18) [2024-10-12 19:43:07,841 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 101 states to 101 states and 134 transitions. [2024-10-12 19:43:07,841 INFO L78 Accepts]: Start accepts. Automaton has 101 states and 134 transitions. Word has length 31 [2024-10-12 19:43:07,842 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:07,842 INFO L471 AbstractCegarLoop]: Abstraction has 101 states and 134 transitions. [2024-10-12 19:43:07,842 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-12 19:43:07,842 INFO L276 IsEmpty]: Start isEmpty. Operand 101 states and 134 transitions. [2024-10-12 19:43:07,843 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2024-10-12 19:43:07,843 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:07,843 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:07,843 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-12 19:43:07,844 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:07,844 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:07,844 INFO L85 PathProgramCache]: Analyzing trace with hash 54177825, now seen corresponding path program 1 times [2024-10-12 19:43:07,845 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:07,845 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [710222975] [2024-10-12 19:43:07,845 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:07,845 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:07,861 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:07,925 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:43:07,926 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:07,934 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-12 19:43:07,937 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:07,968 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-10-12 19:43:07,970 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:07,971 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:07,972 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:07,972 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [710222975] [2024-10-12 19:43:07,972 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [710222975] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:07,972 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:07,973 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-12 19:43:07,974 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2028906785] [2024-10-12 19:43:07,974 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:07,974 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-12 19:43:07,974 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:07,975 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-12 19:43:07,975 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-12 19:43:07,975 INFO L87 Difference]: Start difference. First operand 101 states and 134 transitions. Second operand has 5 states, 5 states have (on average 6.4) internal successors, (32), 4 states have internal predecessors, (32), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:43:08,144 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:08,144 INFO L93 Difference]: Finished difference Result 224 states and 306 transitions. [2024-10-12 19:43:08,145 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-12 19:43:08,145 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.4) internal successors, (32), 4 states have internal predecessors, (32), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 40 [2024-10-12 19:43:08,145 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:08,146 INFO L225 Difference]: With dead ends: 224 [2024-10-12 19:43:08,146 INFO L226 Difference]: Without dead ends: 125 [2024-10-12 19:43:08,147 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-12 19:43:08,148 INFO L432 NwaCegarLoop]: 55 mSDtfsCounter, 49 mSDsluCounter, 122 mSDsCounter, 0 mSdLazyCounter, 121 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 53 SdHoareTripleChecker+Valid, 177 SdHoareTripleChecker+Invalid, 132 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 121 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:08,152 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [53 Valid, 177 Invalid, 132 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 121 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-12 19:43:08,153 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 125 states. [2024-10-12 19:43:08,171 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 125 to 123. [2024-10-12 19:43:08,172 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 123 states, 91 states have (on average 1.3736263736263736) internal successors, (125), 99 states have internal predecessors, (125), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-10-12 19:43:08,175 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 123 states to 123 states and 164 transitions. [2024-10-12 19:43:08,175 INFO L78 Accepts]: Start accepts. Automaton has 123 states and 164 transitions. Word has length 40 [2024-10-12 19:43:08,175 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:08,175 INFO L471 AbstractCegarLoop]: Abstraction has 123 states and 164 transitions. [2024-10-12 19:43:08,176 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.4) internal successors, (32), 4 states have internal predecessors, (32), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:43:08,176 INFO L276 IsEmpty]: Start isEmpty. Operand 123 states and 164 transitions. [2024-10-12 19:43:08,177 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2024-10-12 19:43:08,177 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:08,177 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:08,177 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-12 19:43:08,177 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:08,177 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:08,177 INFO L85 PathProgramCache]: Analyzing trace with hash 464809139, now seen corresponding path program 1 times [2024-10-12 19:43:08,178 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:08,178 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1497104972] [2024-10-12 19:43:08,178 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:08,178 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:08,193 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:08,270 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:43:08,271 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:08,279 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-12 19:43:08,282 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:08,291 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-12 19:43:08,292 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:08,294 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2024-10-12 19:43:08,295 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:08,310 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-12 19:43:08,310 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:08,311 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1497104972] [2024-10-12 19:43:08,311 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1497104972] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:08,311 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:08,311 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-10-12 19:43:08,312 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1152949608] [2024-10-12 19:43:08,312 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:08,312 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-10-12 19:43:08,312 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:08,313 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-10-12 19:43:08,313 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-10-12 19:43:08,313 INFO L87 Difference]: Start difference. First operand 123 states and 164 transitions. Second operand has 7 states, 6 states have (on average 5.333333333333333) internal successors, (32), 5 states have internal predecessors, (32), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-12 19:43:08,643 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:08,644 INFO L93 Difference]: Finished difference Result 244 states and 326 transitions. [2024-10-12 19:43:08,644 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-10-12 19:43:08,644 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 5.333333333333333) internal successors, (32), 5 states have internal predecessors, (32), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 41 [2024-10-12 19:43:08,645 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:08,646 INFO L225 Difference]: With dead ends: 244 [2024-10-12 19:43:08,646 INFO L226 Difference]: Without dead ends: 123 [2024-10-12 19:43:08,647 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 23 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=134, Unknown=0, NotChecked=0, Total=182 [2024-10-12 19:43:08,648 INFO L432 NwaCegarLoop]: 51 mSDtfsCounter, 112 mSDsluCounter, 206 mSDsCounter, 0 mSdLazyCounter, 219 mSolverCounterSat, 29 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 118 SdHoareTripleChecker+Valid, 257 SdHoareTripleChecker+Invalid, 248 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 29 IncrementalHoareTripleChecker+Valid, 219 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:08,648 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [118 Valid, 257 Invalid, 248 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [29 Valid, 219 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-12 19:43:08,650 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 123 states. [2024-10-12 19:43:08,670 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 123 to 121. [2024-10-12 19:43:08,671 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 121 states, 89 states have (on average 1.3370786516853932) internal successors, (119), 97 states have internal predecessors, (119), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-10-12 19:43:08,672 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 121 states to 121 states and 158 transitions. [2024-10-12 19:43:08,673 INFO L78 Accepts]: Start accepts. Automaton has 121 states and 158 transitions. Word has length 41 [2024-10-12 19:43:08,673 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:08,673 INFO L471 AbstractCegarLoop]: Abstraction has 121 states and 158 transitions. [2024-10-12 19:43:08,673 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 5.333333333333333) internal successors, (32), 5 states have internal predecessors, (32), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-10-12 19:43:08,673 INFO L276 IsEmpty]: Start isEmpty. Operand 121 states and 158 transitions. [2024-10-12 19:43:08,674 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2024-10-12 19:43:08,674 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:08,674 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:08,675 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-12 19:43:08,675 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:08,675 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:08,676 INFO L85 PathProgramCache]: Analyzing trace with hash 720314587, now seen corresponding path program 1 times [2024-10-12 19:43:08,676 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:08,676 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1205213713] [2024-10-12 19:43:08,676 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:08,676 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:08,695 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:08,756 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:43:08,758 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:08,765 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-12 19:43:08,768 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:08,803 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-10-12 19:43:08,804 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:08,806 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:08,806 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:08,806 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1205213713] [2024-10-12 19:43:08,806 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1205213713] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:08,807 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:08,807 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-12 19:43:08,807 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1352695272] [2024-10-12 19:43:08,808 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:08,808 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-12 19:43:08,808 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:08,809 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-12 19:43:08,809 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-12 19:43:08,810 INFO L87 Difference]: Start difference. First operand 121 states and 158 transitions. Second operand has 6 states, 6 states have (on average 5.333333333333333) internal successors, (32), 5 states have internal predecessors, (32), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-10-12 19:43:08,977 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:08,978 INFO L93 Difference]: Finished difference Result 244 states and 326 transitions. [2024-10-12 19:43:08,978 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-10-12 19:43:08,978 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.333333333333333) internal successors, (32), 5 states have internal predecessors, (32), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 40 [2024-10-12 19:43:08,978 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:08,979 INFO L225 Difference]: With dead ends: 244 [2024-10-12 19:43:08,979 INFO L226 Difference]: Without dead ends: 125 [2024-10-12 19:43:08,980 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2024-10-12 19:43:08,980 INFO L432 NwaCegarLoop]: 53 mSDtfsCounter, 122 mSDsluCounter, 118 mSDsCounter, 0 mSdLazyCounter, 127 mSolverCounterSat, 26 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 126 SdHoareTripleChecker+Valid, 171 SdHoareTripleChecker+Invalid, 153 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 26 IncrementalHoareTripleChecker+Valid, 127 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:08,981 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [126 Valid, 171 Invalid, 153 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [26 Valid, 127 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-12 19:43:08,981 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 125 states. [2024-10-12 19:43:08,991 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 125 to 123. [2024-10-12 19:43:08,992 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 123 states, 91 states have (on average 1.3296703296703296) internal successors, (121), 99 states have internal predecessors, (121), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-10-12 19:43:08,992 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 123 states to 123 states and 160 transitions. [2024-10-12 19:43:08,993 INFO L78 Accepts]: Start accepts. Automaton has 123 states and 160 transitions. Word has length 40 [2024-10-12 19:43:08,993 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:08,993 INFO L471 AbstractCegarLoop]: Abstraction has 123 states and 160 transitions. [2024-10-12 19:43:08,993 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.333333333333333) internal successors, (32), 5 states have internal predecessors, (32), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-10-12 19:43:08,993 INFO L276 IsEmpty]: Start isEmpty. Operand 123 states and 160 transitions. [2024-10-12 19:43:08,994 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2024-10-12 19:43:08,994 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:08,995 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:08,995 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-12 19:43:08,995 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:08,995 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:08,996 INFO L85 PathProgramCache]: Analyzing trace with hash -968629155, now seen corresponding path program 1 times [2024-10-12 19:43:08,996 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:08,996 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [154695466] [2024-10-12 19:43:08,996 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:08,996 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:09,004 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:09,055 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-12 19:43:09,057 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:09,062 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-12 19:43:09,067 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:09,080 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-10-12 19:43:09,082 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:09,083 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:09,083 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:09,084 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [154695466] [2024-10-12 19:43:09,084 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [154695466] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:09,084 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:09,085 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-12 19:43:09,085 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [420742344] [2024-10-12 19:43:09,085 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:09,086 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-12 19:43:09,086 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:09,086 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-12 19:43:09,086 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-12 19:43:09,087 INFO L87 Difference]: Start difference. First operand 123 states and 160 transitions. Second operand has 5 states, 5 states have (on average 6.4) internal successors, (32), 4 states have internal predecessors, (32), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:43:09,331 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:09,331 INFO L93 Difference]: Finished difference Result 358 states and 484 transitions. [2024-10-12 19:43:09,332 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-12 19:43:09,332 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.4) internal successors, (32), 4 states have internal predecessors, (32), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 40 [2024-10-12 19:43:09,332 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:09,334 INFO L225 Difference]: With dead ends: 358 [2024-10-12 19:43:09,334 INFO L226 Difference]: Without dead ends: 237 [2024-10-12 19:43:09,337 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-12 19:43:09,339 INFO L432 NwaCegarLoop]: 85 mSDtfsCounter, 184 mSDsluCounter, 106 mSDsCounter, 0 mSdLazyCounter, 162 mSolverCounterSat, 62 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 191 SdHoareTripleChecker+Valid, 191 SdHoareTripleChecker+Invalid, 224 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 62 IncrementalHoareTripleChecker+Valid, 162 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:09,339 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [191 Valid, 191 Invalid, 224 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [62 Valid, 162 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-12 19:43:09,340 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 237 states. [2024-10-12 19:43:09,372 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 237 to 235. [2024-10-12 19:43:09,373 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 235 states, 171 states have (on average 1.280701754385965) internal successors, (219), 183 states have internal predecessors, (219), 34 states have call successors, (34), 28 states have call predecessors, (34), 29 states have return successors, (53), 34 states have call predecessors, (53), 34 states have call successors, (53) [2024-10-12 19:43:09,375 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 235 states to 235 states and 306 transitions. [2024-10-12 19:43:09,375 INFO L78 Accepts]: Start accepts. Automaton has 235 states and 306 transitions. Word has length 40 [2024-10-12 19:43:09,376 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:09,378 INFO L471 AbstractCegarLoop]: Abstraction has 235 states and 306 transitions. [2024-10-12 19:43:09,379 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.4) internal successors, (32), 4 states have internal predecessors, (32), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-12 19:43:09,379 INFO L276 IsEmpty]: Start isEmpty. Operand 235 states and 306 transitions. [2024-10-12 19:43:09,380 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2024-10-12 19:43:09,380 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:09,380 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:09,380 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-12 19:43:09,380 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:09,381 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:09,381 INFO L85 PathProgramCache]: Analyzing trace with hash -146517949, now seen corresponding path program 1 times [2024-10-12 19:43:09,381 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:09,381 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [96269737] [2024-10-12 19:43:09,381 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:09,381 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:09,391 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:09,542 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-12 19:43:09,543 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:09,549 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-12 19:43:09,551 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:09,558 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-12 19:43:09,562 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:09,580 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 37 [2024-10-12 19:43:09,581 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:09,582 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-12 19:43:09,583 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:09,583 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [96269737] [2024-10-12 19:43:09,583 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [96269737] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-12 19:43:09,583 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-12 19:43:09,584 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2024-10-12 19:43:09,584 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1314697845] [2024-10-12 19:43:09,584 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-12 19:43:09,584 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-10-12 19:43:09,584 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:09,585 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-10-12 19:43:09,585 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=54, Unknown=0, NotChecked=0, Total=72 [2024-10-12 19:43:09,586 INFO L87 Difference]: Start difference. First operand 235 states and 306 transitions. Second operand has 9 states, 9 states have (on average 3.7777777777777777) internal successors, (34), 7 states have internal predecessors, (34), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-12 19:43:10,126 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:10,127 INFO L93 Difference]: Finished difference Result 615 states and 848 transitions. [2024-10-12 19:43:10,128 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2024-10-12 19:43:10,128 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 3.7777777777777777) internal successors, (34), 7 states have internal predecessors, (34), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 44 [2024-10-12 19:43:10,128 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:10,134 INFO L225 Difference]: With dead ends: 615 [2024-10-12 19:43:10,134 INFO L226 Difference]: Without dead ends: 426 [2024-10-12 19:43:10,136 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 30 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 74 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=118, Invalid=302, Unknown=0, NotChecked=0, Total=420 [2024-10-12 19:43:10,138 INFO L432 NwaCegarLoop]: 67 mSDtfsCounter, 466 mSDsluCounter, 212 mSDsCounter, 0 mSdLazyCounter, 371 mSolverCounterSat, 166 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 471 SdHoareTripleChecker+Valid, 279 SdHoareTripleChecker+Invalid, 537 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 166 IncrementalHoareTripleChecker+Valid, 371 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:10,138 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [471 Valid, 279 Invalid, 537 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [166 Valid, 371 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-10-12 19:43:10,139 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 426 states. [2024-10-12 19:43:10,173 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 426 to 363. [2024-10-12 19:43:10,174 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 363 states, 265 states have (on average 1.2679245283018867) internal successors, (336), 286 states have internal predecessors, (336), 51 states have call successors, (51), 39 states have call predecessors, (51), 46 states have return successors, (83), 52 states have call predecessors, (83), 51 states have call successors, (83) [2024-10-12 19:43:10,176 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 363 states to 363 states and 470 transitions. [2024-10-12 19:43:10,177 INFO L78 Accepts]: Start accepts. Automaton has 363 states and 470 transitions. Word has length 44 [2024-10-12 19:43:10,177 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:10,177 INFO L471 AbstractCegarLoop]: Abstraction has 363 states and 470 transitions. [2024-10-12 19:43:10,178 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 3.7777777777777777) internal successors, (34), 7 states have internal predecessors, (34), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-12 19:43:10,178 INFO L276 IsEmpty]: Start isEmpty. Operand 363 states and 470 transitions. [2024-10-12 19:43:10,179 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 79 [2024-10-12 19:43:10,179 INFO L207 NwaCegarLoop]: Found error trace [2024-10-12 19:43:10,179 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:10,180 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-10-12 19:43:10,180 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-12 19:43:10,180 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-12 19:43:10,180 INFO L85 PathProgramCache]: Analyzing trace with hash -905869770, now seen corresponding path program 1 times [2024-10-12 19:43:10,180 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-12 19:43:10,181 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1485790695] [2024-10-12 19:43:10,181 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:10,181 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-12 19:43:10,193 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:10,286 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-12 19:43:10,287 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:10,299 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-12 19:43:10,303 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:10,319 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-12 19:43:10,320 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:10,328 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-12 19:43:10,330 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:10,338 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-10-12 19:43:10,339 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:10,358 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2024-10-12 19:43:10,360 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:10,362 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-12 19:43:10,362 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:10,363 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 71 [2024-10-12 19:43:10,364 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:10,366 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 13 proven. 8 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-12 19:43:10,366 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-12 19:43:10,366 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1485790695] [2024-10-12 19:43:10,366 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1485790695] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-12 19:43:10,366 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1463723095] [2024-10-12 19:43:10,367 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-12 19:43:10,367 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-12 19:43:10,367 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-10-12 19:43:10,369 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-12 19:43:10,370 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-12 19:43:10,459 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-12 19:43:10,461 INFO L255 TraceCheckSpWp]: Trace formula consists of 289 conjuncts, 7 conjuncts are in the unsatisfiable core [2024-10-12 19:43:10,468 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-12 19:43:10,630 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 20 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-12 19:43:10,630 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-12 19:43:10,812 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 15 proven. 6 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-12 19:43:10,813 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1463723095] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-12 19:43:10,813 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-12 19:43:10,813 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-10-12 19:43:10,813 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [937960706] [2024-10-12 19:43:10,814 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-12 19:43:10,814 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-10-12 19:43:10,814 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-12 19:43:10,815 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-10-12 19:43:10,815 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-10-12 19:43:10,816 INFO L87 Difference]: Start difference. First operand 363 states and 470 transitions. Second operand has 15 states, 11 states have (on average 8.454545454545455) internal successors, (93), 10 states have internal predecessors, (93), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) [2024-10-12 19:43:11,811 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-12 19:43:11,812 INFO L93 Difference]: Finished difference Result 758 states and 1005 transitions. [2024-10-12 19:43:11,812 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2024-10-12 19:43:11,812 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 11 states have (on average 8.454545454545455) internal successors, (93), 10 states have internal predecessors, (93), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) Word has length 78 [2024-10-12 19:43:11,813 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-12 19:43:11,813 INFO L225 Difference]: With dead ends: 758 [2024-10-12 19:43:11,814 INFO L226 Difference]: Without dead ends: 0 [2024-10-12 19:43:11,816 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 216 GetRequests, 175 SyntacticMatches, 4 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 338 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=342, Invalid=1140, Unknown=0, NotChecked=0, Total=1482 [2024-10-12 19:43:11,818 INFO L432 NwaCegarLoop]: 106 mSDtfsCounter, 384 mSDsluCounter, 569 mSDsCounter, 0 mSdLazyCounter, 951 mSolverCounterSat, 144 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 388 SdHoareTripleChecker+Valid, 675 SdHoareTripleChecker+Invalid, 1095 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 144 IncrementalHoareTripleChecker+Valid, 951 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2024-10-12 19:43:11,819 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [388 Valid, 675 Invalid, 1095 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [144 Valid, 951 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2024-10-12 19:43:11,820 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-12 19:43:11,820 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-12 19:43:11,820 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-12 19:43:11,820 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-12 19:43:11,821 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 78 [2024-10-12 19:43:11,821 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-12 19:43:11,821 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-12 19:43:11,821 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 11 states have (on average 8.454545454545455) internal successors, (93), 10 states have internal predecessors, (93), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) [2024-10-12 19:43:11,821 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-12 19:43:11,821 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-12 19:43:11,825 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-12 19:43:11,843 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-10-12 19:43:12,029 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-10-12 19:43:12,032 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-12 19:43:12,033 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-12 19:43:14,722 INFO L165 ceAbstractionStarter]: Computing trace abstraction results [2024-10-12 19:43:14,748 WARN L155 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse1 (<= |old(~waterLevel~0)| 2)) (.cse0 (= 1 ~systemActive~0)) (.cse2 (<= 1 |old(~pumpRunning~0)|))) (or (and .cse0 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse1 .cse2) (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse2 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2))) [2024-10-12 19:43:14,758 WARN L155 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-10-12 19:43:14,764 WARN L155 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and (= ~pumpRunning~0 0) .cse1 .cse2) (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2))) [2024-10-12 19:43:14,773 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 12.10 07:43:14 BoogieIcfgContainer [2024-10-12 19:43:14,773 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-12 19:43:14,774 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-12 19:43:14,774 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-12 19:43:14,775 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-12 19:43:14,775 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 12.10 07:43:06" (3/4) ... [2024-10-12 19:43:14,781 INFO L139 WitnessPrinter]: Generating witness for correct program [2024-10-12 19:43:14,785 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-10-12 19:43:14,785 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-12 19:43:14,785 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-12 19:43:14,785 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-12 19:43:14,786 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-10-12 19:43:14,786 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-12 19:43:14,786 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-10-12 19:43:14,795 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 36 nodes and edges [2024-10-12 19:43:14,796 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-10-12 19:43:14,796 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-12 19:43:14,797 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-12 19:43:14,797 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-12 19:43:14,920 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-10-12 19:43:14,920 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-10-12 19:43:14,920 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-12 19:43:14,921 INFO L158 Benchmark]: Toolchain (without parser) took 9380.08ms. Allocated memory was 165.7MB in the beginning and 251.7MB in the end (delta: 86.0MB). Free memory was 107.0MB in the beginning and 152.1MB in the end (delta: -45.2MB). Peak memory consumption was 43.3MB. Max. memory is 16.1GB. [2024-10-12 19:43:14,921 INFO L158 Benchmark]: CDTParser took 0.18ms. Allocated memory is still 165.7MB. Free memory is still 130.6MB. There was no memory consumed. Max. memory is 16.1GB. [2024-10-12 19:43:14,921 INFO L158 Benchmark]: CACSL2BoogieTranslator took 482.37ms. Allocated memory is still 165.7MB. Free memory was 107.0MB in the beginning and 85.5MB in the end (delta: 21.5MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-10-12 19:43:14,922 INFO L158 Benchmark]: Boogie Procedure Inliner took 66.65ms. Allocated memory is still 165.7MB. Free memory was 85.5MB in the beginning and 82.9MB in the end (delta: 2.6MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2024-10-12 19:43:14,922 INFO L158 Benchmark]: Boogie Preprocessor took 67.02ms. Allocated memory is still 165.7MB. Free memory was 82.9MB in the beginning and 80.5MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-12 19:43:14,922 INFO L158 Benchmark]: RCFGBuilder took 551.87ms. Allocated memory is still 165.7MB. Free memory was 80.5MB in the beginning and 54.9MB in the end (delta: 25.5MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. [2024-10-12 19:43:14,922 INFO L158 Benchmark]: TraceAbstraction took 8052.79ms. Allocated memory was 165.7MB in the beginning and 251.7MB in the end (delta: 86.0MB). Free memory was 54.2MB in the beginning and 159.5MB in the end (delta: -105.4MB). Peak memory consumption was 49.7MB. Max. memory is 16.1GB. [2024-10-12 19:43:14,922 INFO L158 Benchmark]: Witness Printer took 146.19ms. Allocated memory is still 251.7MB. Free memory was 159.5MB in the beginning and 152.1MB in the end (delta: 7.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-10-12 19:43:14,924 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.18ms. Allocated memory is still 165.7MB. Free memory is still 130.6MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 482.37ms. Allocated memory is still 165.7MB. Free memory was 107.0MB in the beginning and 85.5MB in the end (delta: 21.5MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 66.65ms. Allocated memory is still 165.7MB. Free memory was 85.5MB in the beginning and 82.9MB in the end (delta: 2.6MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 67.02ms. Allocated memory is still 165.7MB. Free memory was 82.9MB in the beginning and 80.5MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 551.87ms. Allocated memory is still 165.7MB. Free memory was 80.5MB in the beginning and 54.9MB in the end (delta: 25.5MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. * TraceAbstraction took 8052.79ms. Allocated memory was 165.7MB in the beginning and 251.7MB in the end (delta: 86.0MB). Free memory was 54.2MB in the beginning and 159.5MB in the end (delta: -105.4MB). Peak memory consumption was 49.7MB. Max. memory is 16.1GB. * Witness Printer took 146.19ms. Allocated memory is still 251.7MB. Free memory was 159.5MB in the beginning and 152.1MB in the end (delta: 7.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 160]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [160] - GenericResultAtLocation [Line: 211]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [211] - GenericResultAtLocation [Line: 577]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [577] - GenericResultAtLocation [Line: 680]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [680] - GenericResultAtLocation [Line: 689]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [689] - GenericResultAtLocation [Line: 757]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [757] - GenericResultAtLocation [Line: 985]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [985] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 685]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 73 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.2s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.8s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1499 SdHoareTripleChecker+Valid, 1.8s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1466 mSDsluCounter, 2145 SdHoareTripleChecker+Invalid, 1.4s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1440 mSDsCounter, 445 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2036 IncrementalHoareTripleChecker+Invalid, 2481 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 445 mSolverCounterUnsat, 705 mSDtfsCounter, 2036 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 341 GetRequests, 249 SyntacticMatches, 4 SemanticMatches, 88 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 433 ImplicationChecksByTransitivity, 0.8s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=363occurred in iteration=9, InterpolantAutomatonStates: 84, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 73 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.5s InterpolantComputationTime, 463 NumberOfCodeBlocks, 463 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 529 ConstructedInterpolants, 0 QuantifiedInterpolants, 1015 SizeOfPredicates, 2 NumberOfNonLiveVariables, 289 ConjunctsInSsa, 7 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 78/99 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 701]: Loop Invariant Derived loop invariant: ((((((pumpRunning == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) - InvariantResult [Line: 700]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 590]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 790]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) - ProcedureContractResult [Line: 84]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) - ProcedureContractResult [Line: 763]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 2))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2)))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) - ProcedureContractResult [Line: 580]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: 0 - ProcedureContractResult [Line: 798]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))))) - ProcedureContractResult [Line: 72]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && ((((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) && (waterLevel <= 2)) - ProcedureContractResult [Line: 894]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((pumpRunning == \result) && (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)))) RESULT: Ultimate proved your program to be correct! [2024-10-12 19:43:14,955 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE