./Ultimate.py --spec /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/properties/unreach-call.prp --file /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product37.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 61a67961 Calling Ultimate with: /root/.sdkman/candidates/java/current/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product37.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 3ab30b3db91b0e47e6f9b2ed9ba465facc49148e5cdc1cad78e4808ba0c7de84 --- Real Ultimate output --- This is Ultimate 0.2.5-wip.fs.cvc5-61a6796-m [2024-10-14 03:10:42,771 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-10-14 03:10:42,848 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-10-14 03:10:42,856 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-10-14 03:10:42,857 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-10-14 03:10:42,885 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-10-14 03:10:42,886 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-10-14 03:10:42,887 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-10-14 03:10:42,887 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-10-14 03:10:42,888 INFO L153 SettingsManager]: * Use memory slicer=true [2024-10-14 03:10:42,888 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-10-14 03:10:42,888 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-10-14 03:10:42,889 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-10-14 03:10:42,889 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-10-14 03:10:42,890 INFO L153 SettingsManager]: * Use SBE=true [2024-10-14 03:10:42,892 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-10-14 03:10:42,892 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-10-14 03:10:42,893 INFO L153 SettingsManager]: * sizeof long=4 [2024-10-14 03:10:42,893 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-10-14 03:10:42,893 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-10-14 03:10:42,893 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-10-14 03:10:42,897 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-10-14 03:10:42,898 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-10-14 03:10:42,898 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-10-14 03:10:42,898 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-10-14 03:10:42,899 INFO L153 SettingsManager]: * sizeof long double=12 [2024-10-14 03:10:42,899 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-10-14 03:10:42,899 INFO L153 SettingsManager]: * Use constant arrays=true [2024-10-14 03:10:42,899 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-10-14 03:10:42,900 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-10-14 03:10:42,900 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-10-14 03:10:42,900 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-10-14 03:10:42,900 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-14 03:10:42,901 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-10-14 03:10:42,901 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-10-14 03:10:42,904 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-10-14 03:10:42,905 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-10-14 03:10:42,905 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-10-14 03:10:42,906 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-10-14 03:10:42,906 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-10-14 03:10:42,906 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-10-14 03:10:42,907 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-10-14 03:10:42,907 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 3ab30b3db91b0e47e6f9b2ed9ba465facc49148e5cdc1cad78e4808ba0c7de84 [2024-10-14 03:10:43,229 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-10-14 03:10:43,265 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-10-14 03:10:43,271 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-10-14 03:10:43,273 INFO L270 PluginConnector]: Initializing CDTParser... [2024-10-14 03:10:43,273 INFO L274 PluginConnector]: CDTParser initialized [2024-10-14 03:10:43,275 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product37.cil.c [2024-10-14 03:10:44,706 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-10-14 03:10:44,931 INFO L384 CDTParser]: Found 1 translation units. [2024-10-14 03:10:44,932 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product37.cil.c [2024-10-14 03:10:44,945 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/9fc6903e1/1891d6d828e54af3a67a913b8cc47375/FLAG9c44e92c8 [2024-10-14 03:10:44,961 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/9fc6903e1/1891d6d828e54af3a67a913b8cc47375 [2024-10-14 03:10:44,964 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-10-14 03:10:44,965 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-10-14 03:10:44,967 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-10-14 03:10:44,967 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-10-14 03:10:44,973 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-10-14 03:10:44,974 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 14.10 03:10:44" (1/1) ... [2024-10-14 03:10:44,975 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@63d7e089 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:44, skipping insertion in model container [2024-10-14 03:10:44,976 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 14.10 03:10:44" (1/1) ... [2024-10-14 03:10:45,027 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-10-14 03:10:45,236 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product37.cil.c[5071,5084] [2024-10-14 03:10:45,325 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-14 03:10:45,343 INFO L200 MainTranslator]: Completed pre-run [2024-10-14 03:10:45,354 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2024-10-14 03:10:45,356 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [150] [2024-10-14 03:10:45,357 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [201] [2024-10-14 03:10:45,357 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [304] [2024-10-14 03:10:45,357 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [313] [2024-10-14 03:10:45,357 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [496] [2024-10-14 03:10:45,357 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [561] [2024-10-14 03:10:45,358 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [596] [2024-10-14 03:10:45,383 WARN L248 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product37.cil.c[5071,5084] [2024-10-14 03:10:45,447 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-10-14 03:10:45,469 INFO L204 MainTranslator]: Completed translation [2024-10-14 03:10:45,470 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:45 WrapperNode [2024-10-14 03:10:45,470 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-10-14 03:10:45,471 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-10-14 03:10:45,471 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-10-14 03:10:45,471 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-10-14 03:10:45,479 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:45" (1/1) ... [2024-10-14 03:10:45,500 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:45" (1/1) ... [2024-10-14 03:10:45,539 INFO L138 Inliner]: procedures = 55, calls = 100, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 203 [2024-10-14 03:10:45,539 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-10-14 03:10:45,540 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-10-14 03:10:45,540 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-10-14 03:10:45,540 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-10-14 03:10:45,555 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:45" (1/1) ... [2024-10-14 03:10:45,556 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:45" (1/1) ... [2024-10-14 03:10:45,557 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:45" (1/1) ... [2024-10-14 03:10:45,580 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-10-14 03:10:45,581 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:45" (1/1) ... [2024-10-14 03:10:45,581 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:45" (1/1) ... [2024-10-14 03:10:45,588 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:45" (1/1) ... [2024-10-14 03:10:45,594 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:45" (1/1) ... [2024-10-14 03:10:45,596 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:45" (1/1) ... [2024-10-14 03:10:45,597 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:45" (1/1) ... [2024-10-14 03:10:45,600 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-10-14 03:10:45,604 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-10-14 03:10:45,604 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-10-14 03:10:45,605 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-10-14 03:10:45,606 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:45" (1/1) ... [2024-10-14 03:10:45,613 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-10-14 03:10:45,625 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-10-14 03:10:45,644 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-10-14 03:10:45,648 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-10-14 03:10:45,703 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-10-14 03:10:45,704 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-10-14 03:10:45,704 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-10-14 03:10:45,704 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-10-14 03:10:45,704 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-10-14 03:10:45,705 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-10-14 03:10:45,706 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-10-14 03:10:45,706 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-10-14 03:10:45,706 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-10-14 03:10:45,706 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-10-14 03:10:45,706 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-10-14 03:10:45,707 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-10-14 03:10:45,707 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-10-14 03:10:45,707 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-10-14 03:10:45,707 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-10-14 03:10:45,707 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-10-14 03:10:45,708 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-10-14 03:10:45,708 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-10-14 03:10:45,795 INFO L238 CfgBuilder]: Building ICFG [2024-10-14 03:10:45,799 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-10-14 03:10:46,089 INFO L? ?]: Removed 42 outVars from TransFormulas that were not future-live. [2024-10-14 03:10:46,090 INFO L287 CfgBuilder]: Performing block encoding [2024-10-14 03:10:46,140 INFO L309 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-10-14 03:10:46,140 INFO L314 CfgBuilder]: Removed 2 assume(true) statements. [2024-10-14 03:10:46,141 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.10 03:10:46 BoogieIcfgContainer [2024-10-14 03:10:46,141 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-10-14 03:10:46,143 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-10-14 03:10:46,143 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-10-14 03:10:46,146 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-10-14 03:10:46,146 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 14.10 03:10:44" (1/3) ... [2024-10-14 03:10:46,147 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@27cbe9ea and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 14.10 03:10:46, skipping insertion in model container [2024-10-14 03:10:46,147 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.10 03:10:45" (2/3) ... [2024-10-14 03:10:46,147 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@27cbe9ea and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 14.10 03:10:46, skipping insertion in model container [2024-10-14 03:10:46,147 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.10 03:10:46" (3/3) ... [2024-10-14 03:10:46,149 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product37.cil.c [2024-10-14 03:10:46,164 INFO L209 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-10-14 03:10:46,165 INFO L149 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-10-14 03:10:46,282 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-10-14 03:10:46,288 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@48151b89, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-10-14 03:10:46,288 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-10-14 03:10:46,292 INFO L276 IsEmpty]: Start isEmpty. Operand has 69 states, 48 states have (on average 1.5416666666666667) internal successors, (74), 56 states have internal predecessors, (74), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2024-10-14 03:10:46,303 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2024-10-14 03:10:46,304 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:10:46,305 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:10:46,306 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:10:46,312 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:10:46,313 INFO L85 PathProgramCache]: Analyzing trace with hash 1588392176, now seen corresponding path program 1 times [2024-10-14 03:10:46,320 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:10:46,320 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [775827585] [2024-10-14 03:10:46,320 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:10:46,321 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:10:46,452 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:46,533 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-14 03:10:46,536 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:46,543 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-14 03:10:46,545 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:46,550 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-14 03:10:46,551 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:10:46,551 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [775827585] [2024-10-14 03:10:46,552 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [775827585] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:10:46,552 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:10:46,553 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-10-14 03:10:46,558 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [245338163] [2024-10-14 03:10:46,559 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:10:46,564 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-10-14 03:10:46,564 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:10:46,593 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-10-14 03:10:46,593 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-14 03:10:46,595 INFO L87 Difference]: Start difference. First operand has 69 states, 48 states have (on average 1.5416666666666667) internal successors, (74), 56 states have internal predecessors, (74), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-14 03:10:46,657 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:10:46,657 INFO L93 Difference]: Finished difference Result 136 states and 197 transitions. [2024-10-14 03:10:46,659 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-10-14 03:10:46,660 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2024-10-14 03:10:46,660 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:10:46,668 INFO L225 Difference]: With dead ends: 136 [2024-10-14 03:10:46,668 INFO L226 Difference]: Without dead ends: 64 [2024-10-14 03:10:46,671 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-10-14 03:10:46,674 INFO L432 NwaCegarLoop]: 79 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 14 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 79 SdHoareTripleChecker+Invalid, 14 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 14 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-14 03:10:46,675 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 79 Invalid, 14 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 14 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-14 03:10:46,689 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64 states. [2024-10-14 03:10:46,707 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64 to 64. [2024-10-14 03:10:46,708 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 64 states, 45 states have (on average 1.4222222222222223) internal successors, (64), 52 states have internal predecessors, (64), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2024-10-14 03:10:46,710 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 64 states to 64 states and 87 transitions. [2024-10-14 03:10:46,711 INFO L78 Accepts]: Start accepts. Automaton has 64 states and 87 transitions. Word has length 22 [2024-10-14 03:10:46,712 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:10:46,712 INFO L471 AbstractCegarLoop]: Abstraction has 64 states and 87 transitions. [2024-10-14 03:10:46,712 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.5) internal successors, (15), 2 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-14 03:10:46,712 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 87 transitions. [2024-10-14 03:10:46,714 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2024-10-14 03:10:46,715 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:10:46,715 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:10:46,715 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-10-14 03:10:46,716 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:10:46,716 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:10:46,717 INFO L85 PathProgramCache]: Analyzing trace with hash 53850804, now seen corresponding path program 1 times [2024-10-14 03:10:46,717 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:10:46,717 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [438795549] [2024-10-14 03:10:46,717 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:10:46,717 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:10:46,744 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:46,834 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-14 03:10:46,836 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:46,843 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-10-14 03:10:46,849 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:46,851 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-14 03:10:46,852 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:10:46,852 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [438795549] [2024-10-14 03:10:46,855 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [438795549] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:10:46,856 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:10:46,856 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-14 03:10:46,856 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [610170795] [2024-10-14 03:10:46,856 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:10:46,858 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-14 03:10:46,858 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:10:46,859 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-14 03:10:46,859 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-14 03:10:46,860 INFO L87 Difference]: Start difference. First operand 64 states and 87 transitions. Second operand has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-14 03:10:46,917 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:10:46,920 INFO L93 Difference]: Finished difference Result 101 states and 137 transitions. [2024-10-14 03:10:46,921 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-14 03:10:46,921 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 23 [2024-10-14 03:10:46,921 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:10:46,922 INFO L225 Difference]: With dead ends: 101 [2024-10-14 03:10:46,923 INFO L226 Difference]: Without dead ends: 56 [2024-10-14 03:10:46,923 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-14 03:10:46,924 INFO L432 NwaCegarLoop]: 65 mSDtfsCounter, 11 mSDsluCounter, 51 mSDsCounter, 0 mSdLazyCounter, 20 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 14 SdHoareTripleChecker+Valid, 116 SdHoareTripleChecker+Invalid, 20 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 20 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-14 03:10:46,925 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [14 Valid, 116 Invalid, 20 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 20 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-14 03:10:46,926 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 56 states. [2024-10-14 03:10:46,938 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 56 to 56. [2024-10-14 03:10:46,938 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 56 states, 40 states have (on average 1.45) internal successors, (58), 47 states have internal predecessors, (58), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-10-14 03:10:46,941 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 56 states to 56 states and 76 transitions. [2024-10-14 03:10:46,944 INFO L78 Accepts]: Start accepts. Automaton has 56 states and 76 transitions. Word has length 23 [2024-10-14 03:10:46,944 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:10:46,945 INFO L471 AbstractCegarLoop]: Abstraction has 56 states and 76 transitions. [2024-10-14 03:10:46,945 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-10-14 03:10:46,945 INFO L276 IsEmpty]: Start isEmpty. Operand 56 states and 76 transitions. [2024-10-14 03:10:46,946 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-10-14 03:10:46,946 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:10:46,946 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:10:46,946 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-10-14 03:10:46,947 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:10:46,949 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:10:46,950 INFO L85 PathProgramCache]: Analyzing trace with hash -1790463453, now seen corresponding path program 1 times [2024-10-14 03:10:46,950 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:10:46,950 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [960212867] [2024-10-14 03:10:46,950 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:10:46,951 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:10:46,977 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:47,065 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-14 03:10:47,067 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:47,073 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-10-14 03:10:47,076 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:47,077 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-14 03:10:47,079 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:10:47,080 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [960212867] [2024-10-14 03:10:47,080 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [960212867] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:10:47,081 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:10:47,081 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-14 03:10:47,081 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1764551756] [2024-10-14 03:10:47,081 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:10:47,082 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-14 03:10:47,082 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:10:47,083 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-14 03:10:47,084 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-14 03:10:47,084 INFO L87 Difference]: Start difference. First operand 56 states and 76 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-14 03:10:47,128 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:10:47,129 INFO L93 Difference]: Finished difference Result 110 states and 151 transitions. [2024-10-14 03:10:47,132 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-14 03:10:47,132 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 26 [2024-10-14 03:10:47,133 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:10:47,134 INFO L225 Difference]: With dead ends: 110 [2024-10-14 03:10:47,134 INFO L226 Difference]: Without dead ends: 56 [2024-10-14 03:10:47,135 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-14 03:10:47,136 INFO L432 NwaCegarLoop]: 63 mSDtfsCounter, 61 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 12 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 61 SdHoareTripleChecker+Valid, 63 SdHoareTripleChecker+Invalid, 12 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 12 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-10-14 03:10:47,138 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [61 Valid, 63 Invalid, 12 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 12 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-10-14 03:10:47,139 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 56 states. [2024-10-14 03:10:47,147 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 56 to 56. [2024-10-14 03:10:47,148 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 56 states, 40 states have (on average 1.425) internal successors, (57), 47 states have internal predecessors, (57), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-10-14 03:10:47,150 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 56 states to 56 states and 75 transitions. [2024-10-14 03:10:47,151 INFO L78 Accepts]: Start accepts. Automaton has 56 states and 75 transitions. Word has length 26 [2024-10-14 03:10:47,152 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:10:47,152 INFO L471 AbstractCegarLoop]: Abstraction has 56 states and 75 transitions. [2024-10-14 03:10:47,152 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-14 03:10:47,153 INFO L276 IsEmpty]: Start isEmpty. Operand 56 states and 75 transitions. [2024-10-14 03:10:47,154 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2024-10-14 03:10:47,155 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:10:47,155 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:10:47,156 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-10-14 03:10:47,156 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:10:47,157 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:10:47,158 INFO L85 PathProgramCache]: Analyzing trace with hash -1250402447, now seen corresponding path program 1 times [2024-10-14 03:10:47,159 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:10:47,159 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [287751053] [2024-10-14 03:10:47,159 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:10:47,159 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:10:47,186 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:47,296 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-14 03:10:47,298 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:47,307 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-14 03:10:47,309 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:47,311 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-14 03:10:47,313 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:10:47,313 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [287751053] [2024-10-14 03:10:47,314 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [287751053] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:10:47,314 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:10:47,314 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-10-14 03:10:47,314 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1280879151] [2024-10-14 03:10:47,314 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:10:47,315 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-10-14 03:10:47,316 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:10:47,316 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-10-14 03:10:47,316 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-14 03:10:47,317 INFO L87 Difference]: Start difference. First operand 56 states and 75 transitions. Second operand has 3 states, 3 states have (on average 7.666666666666667) internal successors, (23), 3 states have internal predecessors, (23), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-14 03:10:47,399 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:10:47,400 INFO L93 Difference]: Finished difference Result 152 states and 207 transitions. [2024-10-14 03:10:47,400 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-10-14 03:10:47,400 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.666666666666667) internal successors, (23), 3 states have internal predecessors, (23), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 29 [2024-10-14 03:10:47,400 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:10:47,402 INFO L225 Difference]: With dead ends: 152 [2024-10-14 03:10:47,402 INFO L226 Difference]: Without dead ends: 98 [2024-10-14 03:10:47,403 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-10-14 03:10:47,407 INFO L432 NwaCegarLoop]: 76 mSDtfsCounter, 49 mSDsluCounter, 50 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 49 SdHoareTripleChecker+Valid, 126 SdHoareTripleChecker+Invalid, 31 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-14 03:10:47,407 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [49 Valid, 126 Invalid, 31 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-14 03:10:47,408 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 98 states. [2024-10-14 03:10:47,434 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 98 to 96. [2024-10-14 03:10:47,435 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 96 states, 69 states have (on average 1.3768115942028984) internal successors, (95), 76 states have internal predecessors, (95), 14 states have call successors, (14), 12 states have call predecessors, (14), 12 states have return successors, (18), 14 states have call predecessors, (18), 14 states have call successors, (18) [2024-10-14 03:10:47,436 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 96 states to 96 states and 127 transitions. [2024-10-14 03:10:47,437 INFO L78 Accepts]: Start accepts. Automaton has 96 states and 127 transitions. Word has length 29 [2024-10-14 03:10:47,437 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:10:47,437 INFO L471 AbstractCegarLoop]: Abstraction has 96 states and 127 transitions. [2024-10-14 03:10:47,438 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.666666666666667) internal successors, (23), 3 states have internal predecessors, (23), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-10-14 03:10:47,438 INFO L276 IsEmpty]: Start isEmpty. Operand 96 states and 127 transitions. [2024-10-14 03:10:47,439 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-14 03:10:47,439 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:10:47,439 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:10:47,439 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-10-14 03:10:47,440 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:10:47,440 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:10:47,440 INFO L85 PathProgramCache]: Analyzing trace with hash -808056548, now seen corresponding path program 1 times [2024-10-14 03:10:47,441 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:10:47,441 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1066181161] [2024-10-14 03:10:47,441 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:10:47,441 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:10:47,463 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:47,525 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-14 03:10:47,527 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:47,532 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-14 03:10:47,536 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:47,571 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-14 03:10:47,572 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:47,575 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-14 03:10:47,575 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:10:47,576 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1066181161] [2024-10-14 03:10:47,577 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1066181161] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:10:47,577 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:10:47,577 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-14 03:10:47,578 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [230540167] [2024-10-14 03:10:47,578 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:10:47,578 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-14 03:10:47,579 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:10:47,579 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-14 03:10:47,580 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-14 03:10:47,580 INFO L87 Difference]: Start difference. First operand 96 states and 127 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-14 03:10:47,791 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:10:47,791 INFO L93 Difference]: Finished difference Result 214 states and 288 transitions. [2024-10-14 03:10:47,792 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-10-14 03:10:47,792 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 38 [2024-10-14 03:10:47,793 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:10:47,794 INFO L225 Difference]: With dead ends: 214 [2024-10-14 03:10:47,794 INFO L226 Difference]: Without dead ends: 120 [2024-10-14 03:10:47,799 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-14 03:10:47,801 INFO L432 NwaCegarLoop]: 59 mSDtfsCounter, 43 mSDsluCounter, 131 mSDsCounter, 0 mSdLazyCounter, 117 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 47 SdHoareTripleChecker+Valid, 190 SdHoareTripleChecker+Invalid, 127 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 117 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-14 03:10:47,805 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [47 Valid, 190 Invalid, 127 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 117 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-14 03:10:47,806 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 120 states. [2024-10-14 03:10:47,828 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 120 to 118. [2024-10-14 03:10:47,829 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 118 states, 86 states have (on average 1.372093023255814) internal successors, (118), 93 states have internal predecessors, (118), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-10-14 03:10:47,833 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 118 states to 118 states and 157 transitions. [2024-10-14 03:10:47,833 INFO L78 Accepts]: Start accepts. Automaton has 118 states and 157 transitions. Word has length 38 [2024-10-14 03:10:47,837 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:10:47,837 INFO L471 AbstractCegarLoop]: Abstraction has 118 states and 157 transitions. [2024-10-14 03:10:47,838 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-14 03:10:47,838 INFO L276 IsEmpty]: Start isEmpty. Operand 118 states and 157 transitions. [2024-10-14 03:10:47,839 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-14 03:10:47,840 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:10:47,840 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:10:47,840 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-10-14 03:10:47,841 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:10:47,841 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:10:47,841 INFO L85 PathProgramCache]: Analyzing trace with hash -2087920226, now seen corresponding path program 1 times [2024-10-14 03:10:47,842 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:10:47,842 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1417277494] [2024-10-14 03:10:47,842 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:10:47,842 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:10:47,863 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:47,936 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-14 03:10:47,938 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:47,945 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-14 03:10:47,950 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:47,984 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-14 03:10:47,985 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:47,987 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-14 03:10:47,988 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:10:47,988 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1417277494] [2024-10-14 03:10:47,989 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1417277494] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:10:47,989 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:10:47,989 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-10-14 03:10:47,989 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1802278860] [2024-10-14 03:10:47,989 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:10:47,989 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-10-14 03:10:47,990 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:10:47,990 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-10-14 03:10:47,990 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-10-14 03:10:47,990 INFO L87 Difference]: Start difference. First operand 118 states and 157 transitions. Second operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-10-14 03:10:48,163 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:10:48,163 INFO L93 Difference]: Finished difference Result 238 states and 324 transitions. [2024-10-14 03:10:48,165 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-10-14 03:10:48,165 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 38 [2024-10-14 03:10:48,165 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:10:48,166 INFO L225 Difference]: With dead ends: 238 [2024-10-14 03:10:48,169 INFO L226 Difference]: Without dead ends: 122 [2024-10-14 03:10:48,171 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2024-10-14 03:10:48,171 INFO L432 NwaCegarLoop]: 56 mSDtfsCounter, 96 mSDsluCounter, 125 mSDsCounter, 0 mSdLazyCounter, 126 mSolverCounterSat, 22 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 99 SdHoareTripleChecker+Valid, 181 SdHoareTripleChecker+Invalid, 148 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 22 IncrementalHoareTripleChecker+Valid, 126 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-10-14 03:10:48,172 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [99 Valid, 181 Invalid, 148 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [22 Valid, 126 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-10-14 03:10:48,176 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 122 states. [2024-10-14 03:10:48,197 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 122 to 120. [2024-10-14 03:10:48,200 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 120 states, 88 states have (on average 1.3636363636363635) internal successors, (120), 95 states have internal predecessors, (120), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-10-14 03:10:48,201 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 120 states to 120 states and 159 transitions. [2024-10-14 03:10:48,202 INFO L78 Accepts]: Start accepts. Automaton has 120 states and 159 transitions. Word has length 38 [2024-10-14 03:10:48,202 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:10:48,202 INFO L471 AbstractCegarLoop]: Abstraction has 120 states and 159 transitions. [2024-10-14 03:10:48,202 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 5 states have internal predecessors, (30), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-10-14 03:10:48,202 INFO L276 IsEmpty]: Start isEmpty. Operand 120 states and 159 transitions. [2024-10-14 03:10:48,205 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-10-14 03:10:48,206 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:10:48,206 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:10:48,206 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-10-14 03:10:48,206 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:10:48,208 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:10:48,209 INFO L85 PathProgramCache]: Analyzing trace with hash 618699168, now seen corresponding path program 1 times [2024-10-14 03:10:48,209 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:10:48,209 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1122787489] [2024-10-14 03:10:48,209 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:10:48,209 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:10:48,225 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:48,295 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-10-14 03:10:48,296 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:48,304 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-10-14 03:10:48,307 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:48,321 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-10-14 03:10:48,323 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:48,325 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-14 03:10:48,326 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:10:48,326 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1122787489] [2024-10-14 03:10:48,326 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1122787489] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:10:48,326 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:10:48,326 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-10-14 03:10:48,326 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1233417239] [2024-10-14 03:10:48,326 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:10:48,329 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-10-14 03:10:48,329 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:10:48,329 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-10-14 03:10:48,330 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-10-14 03:10:48,330 INFO L87 Difference]: Start difference. First operand 120 states and 159 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-14 03:10:48,644 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:10:48,645 INFO L93 Difference]: Finished difference Result 396 states and 555 transitions. [2024-10-14 03:10:48,645 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-10-14 03:10:48,646 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 38 [2024-10-14 03:10:48,646 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:10:48,648 INFO L225 Difference]: With dead ends: 396 [2024-10-14 03:10:48,648 INFO L226 Difference]: Without dead ends: 278 [2024-10-14 03:10:48,651 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-10-14 03:10:48,655 INFO L432 NwaCegarLoop]: 104 mSDtfsCounter, 184 mSDsluCounter, 137 mSDsCounter, 0 mSdLazyCounter, 202 mSolverCounterSat, 56 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 191 SdHoareTripleChecker+Valid, 241 SdHoareTripleChecker+Invalid, 258 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 56 IncrementalHoareTripleChecker+Valid, 202 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-10-14 03:10:48,655 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [191 Valid, 241 Invalid, 258 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [56 Valid, 202 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-10-14 03:10:48,656 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 278 states. [2024-10-14 03:10:48,700 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 278 to 268. [2024-10-14 03:10:48,701 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 268 states, 195 states have (on average 1.3435897435897435) internal successors, (262), 207 states have internal predecessors, (262), 40 states have call successors, (40), 33 states have call predecessors, (40), 32 states have return successors, (64), 38 states have call predecessors, (64), 40 states have call successors, (64) [2024-10-14 03:10:48,703 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 268 states to 268 states and 366 transitions. [2024-10-14 03:10:48,704 INFO L78 Accepts]: Start accepts. Automaton has 268 states and 366 transitions. Word has length 38 [2024-10-14 03:10:48,704 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:10:48,704 INFO L471 AbstractCegarLoop]: Abstraction has 268 states and 366 transitions. [2024-10-14 03:10:48,705 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 4 states have internal predecessors, (30), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-10-14 03:10:48,705 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 366 transitions. [2024-10-14 03:10:48,707 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2024-10-14 03:10:48,708 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:10:48,708 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:10:48,709 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-10-14 03:10:48,709 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:10:48,709 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:10:48,709 INFO L85 PathProgramCache]: Analyzing trace with hash -971235318, now seen corresponding path program 1 times [2024-10-14 03:10:48,710 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:10:48,710 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1793569959] [2024-10-14 03:10:48,710 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:10:48,710 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:10:48,728 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:48,809 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-14 03:10:48,811 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:48,815 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-14 03:10:48,816 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:48,828 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-14 03:10:48,832 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:48,841 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-10-14 03:10:48,843 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:48,845 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2024-10-14 03:10:48,847 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:48,862 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-10-14 03:10:48,865 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:10:48,865 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1793569959] [2024-10-14 03:10:48,866 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1793569959] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:10:48,866 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:10:48,866 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-10-14 03:10:48,866 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1041915654] [2024-10-14 03:10:48,866 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:10:48,866 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-10-14 03:10:48,866 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:10:48,867 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-10-14 03:10:48,867 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2024-10-14 03:10:48,867 INFO L87 Difference]: Start difference. First operand 268 states and 366 transitions. Second operand has 8 states, 7 states have (on average 4.857142857142857) internal successors, (34), 5 states have internal predecessors, (34), 1 states have call successors, (6), 4 states have call predecessors, (6), 3 states have return successors, (5), 2 states have call predecessors, (5), 1 states have call successors, (5) [2024-10-14 03:10:49,398 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:10:49,399 INFO L93 Difference]: Finished difference Result 585 states and 815 transitions. [2024-10-14 03:10:49,399 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2024-10-14 03:10:49,399 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 4.857142857142857) internal successors, (34), 5 states have internal predecessors, (34), 1 states have call successors, (6), 4 states have call predecessors, (6), 3 states have return successors, (5), 2 states have call predecessors, (5), 1 states have call successors, (5) Word has length 45 [2024-10-14 03:10:49,400 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:10:49,402 INFO L225 Difference]: With dead ends: 585 [2024-10-14 03:10:49,403 INFO L226 Difference]: Without dead ends: 319 [2024-10-14 03:10:49,407 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 34 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 83 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=112, Invalid=350, Unknown=0, NotChecked=0, Total=462 [2024-10-14 03:10:49,408 INFO L432 NwaCegarLoop]: 43 mSDtfsCounter, 151 mSDsluCounter, 217 mSDsCounter, 0 mSdLazyCounter, 344 mSolverCounterSat, 59 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 155 SdHoareTripleChecker+Valid, 260 SdHoareTripleChecker+Invalid, 403 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 59 IncrementalHoareTripleChecker+Valid, 344 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-14 03:10:49,409 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [155 Valid, 260 Invalid, 403 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [59 Valid, 344 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-14 03:10:49,410 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 319 states. [2024-10-14 03:10:49,460 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 319 to 313. [2024-10-14 03:10:49,461 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 313 states, 227 states have (on average 1.3083700440528634) internal successors, (297), 243 states have internal predecessors, (297), 48 states have call successors, (48), 33 states have call predecessors, (48), 37 states have return successors, (83), 47 states have call predecessors, (83), 48 states have call successors, (83) [2024-10-14 03:10:49,464 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 313 states to 313 states and 428 transitions. [2024-10-14 03:10:49,465 INFO L78 Accepts]: Start accepts. Automaton has 313 states and 428 transitions. Word has length 45 [2024-10-14 03:10:49,465 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:10:49,467 INFO L471 AbstractCegarLoop]: Abstraction has 313 states and 428 transitions. [2024-10-14 03:10:49,467 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 4.857142857142857) internal successors, (34), 5 states have internal predecessors, (34), 1 states have call successors, (6), 4 states have call predecessors, (6), 3 states have return successors, (5), 2 states have call predecessors, (5), 1 states have call successors, (5) [2024-10-14 03:10:49,468 INFO L276 IsEmpty]: Start isEmpty. Operand 313 states and 428 transitions. [2024-10-14 03:10:49,469 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2024-10-14 03:10:49,469 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:10:49,469 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:10:49,469 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-10-14 03:10:49,470 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:10:49,470 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:10:49,470 INFO L85 PathProgramCache]: Analyzing trace with hash -1921015738, now seen corresponding path program 1 times [2024-10-14 03:10:49,470 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:10:49,471 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1353580735] [2024-10-14 03:10:49,471 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:10:49,471 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:10:49,485 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:49,578 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-14 03:10:49,580 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:49,588 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-10-14 03:10:49,589 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:49,598 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-10-14 03:10:49,601 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:49,627 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2024-10-14 03:10:49,628 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:49,629 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-10-14 03:10:49,630 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:10:49,630 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1353580735] [2024-10-14 03:10:49,630 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1353580735] provided 1 perfect and 0 imperfect interpolant sequences [2024-10-14 03:10:49,630 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-10-14 03:10:49,630 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-10-14 03:10:49,630 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2119022479] [2024-10-14 03:10:49,630 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-10-14 03:10:49,630 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-10-14 03:10:49,631 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:10:49,631 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-10-14 03:10:49,635 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2024-10-14 03:10:49,636 INFO L87 Difference]: Start difference. First operand 313 states and 428 transitions. Second operand has 8 states, 8 states have (on average 4.0) internal successors, (32), 6 states have internal predecessors, (32), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-14 03:10:50,049 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:10:50,049 INFO L93 Difference]: Finished difference Result 612 states and 845 transitions. [2024-10-14 03:10:50,049 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 14 states. [2024-10-14 03:10:50,050 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 4.0) internal successors, (32), 6 states have internal predecessors, (32), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 42 [2024-10-14 03:10:50,050 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:10:50,052 INFO L225 Difference]: With dead ends: 612 [2024-10-14 03:10:50,052 INFO L226 Difference]: Without dead ends: 301 [2024-10-14 03:10:50,057 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 27 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 16 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 45 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=99, Invalid=207, Unknown=0, NotChecked=0, Total=306 [2024-10-14 03:10:50,058 INFO L432 NwaCegarLoop]: 65 mSDtfsCounter, 248 mSDsluCounter, 164 mSDsCounter, 0 mSdLazyCounter, 296 mSolverCounterSat, 81 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 251 SdHoareTripleChecker+Valid, 229 SdHoareTripleChecker+Invalid, 377 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 81 IncrementalHoareTripleChecker+Valid, 296 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-10-14 03:10:50,058 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [251 Valid, 229 Invalid, 377 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [81 Valid, 296 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-10-14 03:10:50,060 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 301 states. [2024-10-14 03:10:50,089 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 301 to 299. [2024-10-14 03:10:50,090 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 299 states, 217 states have (on average 1.2857142857142858) internal successors, (279), 233 states have internal predecessors, (279), 44 states have call successors, (44), 33 states have call predecessors, (44), 37 states have return successors, (79), 43 states have call predecessors, (79), 44 states have call successors, (79) [2024-10-14 03:10:50,093 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 299 states to 299 states and 402 transitions. [2024-10-14 03:10:50,094 INFO L78 Accepts]: Start accepts. Automaton has 299 states and 402 transitions. Word has length 42 [2024-10-14 03:10:50,094 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:10:50,094 INFO L471 AbstractCegarLoop]: Abstraction has 299 states and 402 transitions. [2024-10-14 03:10:50,094 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 4.0) internal successors, (32), 6 states have internal predecessors, (32), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-10-14 03:10:50,095 INFO L276 IsEmpty]: Start isEmpty. Operand 299 states and 402 transitions. [2024-10-14 03:10:50,096 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 75 [2024-10-14 03:10:50,096 INFO L207 NwaCegarLoop]: Found error trace [2024-10-14 03:10:50,096 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:10:50,097 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-10-14 03:10:50,097 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-10-14 03:10:50,097 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-10-14 03:10:50,097 INFO L85 PathProgramCache]: Analyzing trace with hash 135385513, now seen corresponding path program 1 times [2024-10-14 03:10:50,098 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-10-14 03:10:50,098 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [615210988] [2024-10-14 03:10:50,098 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:10:50,098 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-10-14 03:10:50,137 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:50,234 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-10-14 03:10:50,236 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:50,252 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-10-14 03:10:50,256 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:50,272 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-10-14 03:10:50,273 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:50,283 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-10-14 03:10:50,285 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:50,293 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2024-10-14 03:10:50,295 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:50,307 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 56 [2024-10-14 03:10:50,308 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:50,310 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-10-14 03:10:50,311 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:50,312 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 67 [2024-10-14 03:10:50,313 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:50,315 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 6 proven. 15 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-14 03:10:50,315 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-10-14 03:10:50,315 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [615210988] [2024-10-14 03:10:50,315 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [615210988] provided 0 perfect and 1 imperfect interpolant sequences [2024-10-14 03:10:50,316 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1611645431] [2024-10-14 03:10:50,316 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-10-14 03:10:50,316 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-10-14 03:10:50,316 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-10-14 03:10:50,321 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-10-14 03:10:50,326 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-10-14 03:10:50,409 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-10-14 03:10:50,416 INFO L255 TraceCheckSpWp]: Trace formula consists of 273 conjuncts, 7 conjuncts are in the unsatisfiable core [2024-10-14 03:10:50,429 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-10-14 03:10:50,588 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 20 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-10-14 03:10:50,589 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-10-14 03:10:50,769 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 15 proven. 6 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-10-14 03:10:50,770 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1611645431] provided 0 perfect and 2 imperfect interpolant sequences [2024-10-14 03:10:50,771 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-10-14 03:10:50,771 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-10-14 03:10:50,771 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [772578098] [2024-10-14 03:10:50,771 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-10-14 03:10:50,772 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-10-14 03:10:50,772 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-10-14 03:10:50,773 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-10-14 03:10:50,773 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-10-14 03:10:50,773 INFO L87 Difference]: Start difference. First operand 299 states and 402 transitions. Second operand has 15 states, 12 states have (on average 7.916666666666667) internal successors, (95), 10 states have internal predecessors, (95), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) [2024-10-14 03:10:51,780 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-10-14 03:10:51,780 INFO L93 Difference]: Finished difference Result 674 states and 928 transitions. [2024-10-14 03:10:51,781 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2024-10-14 03:10:51,781 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 12 states have (on average 7.916666666666667) internal successors, (95), 10 states have internal predecessors, (95), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) Word has length 74 [2024-10-14 03:10:51,782 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-10-14 03:10:51,782 INFO L225 Difference]: With dead ends: 674 [2024-10-14 03:10:51,783 INFO L226 Difference]: Without dead ends: 0 [2024-10-14 03:10:51,785 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 207 GetRequests, 166 SyntacticMatches, 4 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 336 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=342, Invalid=1140, Unknown=0, NotChecked=0, Total=1482 [2024-10-14 03:10:51,785 INFO L432 NwaCegarLoop]: 106 mSDtfsCounter, 293 mSDsluCounter, 637 mSDsCounter, 0 mSdLazyCounter, 935 mSolverCounterSat, 111 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 296 SdHoareTripleChecker+Valid, 743 SdHoareTripleChecker+Invalid, 1046 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 111 IncrementalHoareTripleChecker+Valid, 935 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2024-10-14 03:10:51,786 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [296 Valid, 743 Invalid, 1046 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [111 Valid, 935 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2024-10-14 03:10:51,786 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-10-14 03:10:51,786 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-10-14 03:10:51,787 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-10-14 03:10:51,787 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-10-14 03:10:51,787 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 74 [2024-10-14 03:10:51,787 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-10-14 03:10:51,788 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-10-14 03:10:51,788 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 12 states have (on average 7.916666666666667) internal successors, (95), 10 states have internal predecessors, (95), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (17), 8 states have call predecessors, (17), 6 states have call successors, (17) [2024-10-14 03:10:51,788 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-10-14 03:10:51,789 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-10-14 03:10:51,792 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-10-14 03:10:51,811 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-10-14 03:10:51,993 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-10-14 03:10:51,996 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-10-14 03:10:51,998 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-10-14 03:10:54,546 INFO L165 ceAbstractionStarter]: Computing trace abstraction results [2024-10-14 03:10:54,584 WARN L155 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse1 (<= |old(~waterLevel~0)| 2)) (.cse0 (= 1 ~systemActive~0)) (.cse2 (<= 1 |old(~pumpRunning~0)|))) (or (and .cse0 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse1 .cse2) (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse2 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2))) [2024-10-14 03:10:54,602 WARN L155 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-10-14 03:10:54,612 WARN L155 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and (= ~pumpRunning~0 0) .cse1 .cse2) (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2))) [2024-10-14 03:10:54,625 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 14.10 03:10:54 BoogieIcfgContainer [2024-10-14 03:10:54,626 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-10-14 03:10:54,627 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-10-14 03:10:54,627 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-10-14 03:10:54,627 INFO L274 PluginConnector]: Witness Printer initialized [2024-10-14 03:10:54,627 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.10 03:10:46" (3/4) ... [2024-10-14 03:10:54,629 INFO L139 WitnessPrinter]: Generating witness for correct program [2024-10-14 03:10:54,634 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-10-14 03:10:54,634 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-10-14 03:10:54,635 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-10-14 03:10:54,635 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-10-14 03:10:54,635 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-10-14 03:10:54,635 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-10-14 03:10:54,635 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-10-14 03:10:54,645 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 34 nodes and edges [2024-10-14 03:10:54,646 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-10-14 03:10:54,646 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-10-14 03:10:54,647 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-14 03:10:54,647 INFO L904 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-10-14 03:10:54,755 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-10-14 03:10:54,756 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-10-14 03:10:54,756 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-10-14 03:10:54,757 INFO L158 Benchmark]: Toolchain (without parser) took 9791.38ms. Allocated memory was 192.9MB in the beginning and 293.6MB in the end (delta: 100.7MB). Free memory was 134.9MB in the beginning and 233.6MB in the end (delta: -98.7MB). Peak memory consumption was 2.7MB. Max. memory is 16.1GB. [2024-10-14 03:10:54,757 INFO L158 Benchmark]: CDTParser took 0.26ms. Allocated memory is still 192.9MB. Free memory is still 168.2MB. There was no memory consumed. Max. memory is 16.1GB. [2024-10-14 03:10:54,758 INFO L158 Benchmark]: CACSL2BoogieTranslator took 503.18ms. Allocated memory is still 192.9MB. Free memory was 134.9MB in the beginning and 114.4MB in the end (delta: 20.5MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-10-14 03:10:54,758 INFO L158 Benchmark]: Boogie Procedure Inliner took 68.40ms. Allocated memory is still 192.9MB. Free memory was 114.4MB in the beginning and 112.3MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-14 03:10:54,758 INFO L158 Benchmark]: Boogie Preprocessor took 60.30ms. Allocated memory is still 192.9MB. Free memory was 112.1MB in the beginning and 110.0MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-10-14 03:10:54,759 INFO L158 Benchmark]: RCFGBuilder took 536.54ms. Allocated memory is still 192.9MB. Free memory was 109.8MB in the beginning and 85.8MB in the end (delta: 24.0MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-10-14 03:10:54,759 INFO L158 Benchmark]: TraceAbstraction took 8483.29ms. Allocated memory was 192.9MB in the beginning and 293.6MB in the end (delta: 100.7MB). Free memory was 85.1MB in the beginning and 240.9MB in the end (delta: -155.9MB). Peak memory consumption was 64.8MB. Max. memory is 16.1GB. [2024-10-14 03:10:54,759 INFO L158 Benchmark]: Witness Printer took 129.57ms. Allocated memory is still 293.6MB. Free memory was 240.9MB in the beginning and 233.6MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2024-10-14 03:10:54,761 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.26ms. Allocated memory is still 192.9MB. Free memory is still 168.2MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 503.18ms. Allocated memory is still 192.9MB. Free memory was 134.9MB in the beginning and 114.4MB in the end (delta: 20.5MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 68.40ms. Allocated memory is still 192.9MB. Free memory was 114.4MB in the beginning and 112.3MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 60.30ms. Allocated memory is still 192.9MB. Free memory was 112.1MB in the beginning and 110.0MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 536.54ms. Allocated memory is still 192.9MB. Free memory was 109.8MB in the beginning and 85.8MB in the end (delta: 24.0MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * TraceAbstraction took 8483.29ms. Allocated memory was 192.9MB in the beginning and 293.6MB in the end (delta: 100.7MB). Free memory was 85.1MB in the beginning and 240.9MB in the end (delta: -155.9MB). Peak memory consumption was 64.8MB. Max. memory is 16.1GB. * Witness Printer took 129.57ms. Allocated memory is still 293.6MB. Free memory was 240.9MB in the beginning and 233.6MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 150]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [150] - GenericResultAtLocation [Line: 201]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [201] - GenericResultAtLocation [Line: 304]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [304] - GenericResultAtLocation [Line: 313]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [313] - GenericResultAtLocation [Line: 496]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [496] - GenericResultAtLocation [Line: 561]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [561] - GenericResultAtLocation [Line: 596]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [596] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 309]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 69 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.8s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 3.1s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1163 SdHoareTripleChecker+Valid, 1.9s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1136 mSDsluCounter, 2228 SdHoareTripleChecker+Invalid, 1.5s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1512 mSDsCounter, 345 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2091 IncrementalHoareTripleChecker+Invalid, 2436 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 345 mSolverCounterUnsat, 716 mSDtfsCounter, 2091 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 337 GetRequests, 240 SyntacticMatches, 4 SemanticMatches, 93 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 467 ImplicationChecksByTransitivity, 0.8s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=313occurred in iteration=8, InterpolantAutomatonStates: 89, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 10 MinimizatonAttempts, 24 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.6s InterpolantComputationTime, 449 NumberOfCodeBlocks, 449 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 511 ConstructedInterpolants, 0 QuantifiedInterpolants, 1065 SizeOfPredicates, 2 NumberOfNonLiveVariables, 273 ConjunctsInSsa, 7 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 71/99 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 214]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 506]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 507]: Loop Invariant Derived loop invariant: (((((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0)) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) - ProcedureContractResult [Line: 346]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) - ProcedureContractResult [Line: 83]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) - ProcedureContractResult [Line: 319]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 < \old(waterLevel)) || (waterLevel < 2)) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel))) || (\old(pumpRunning) != 0)) || (((pumpRunning == 0) && (2 == waterLevel)) && (\old(waterLevel) == 2)))) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) || ((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning)))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2)))) - ProcedureContractResult [Line: 204]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: 0 - ProcedureContractResult [Line: 354]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((1 == systemActive) && (\old(pumpRunning) == 0)) || (((1 == systemActive) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning)))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((1 <= pumpRunning) && (2 == waterLevel)) || ((pumpRunning == 0) && (2 == waterLevel))) || (waterLevel < 2))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (1 < waterLevel))) - ProcedureContractResult [Line: 71]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) && (waterLevel <= 2)) - ProcedureContractResult [Line: 432]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((pumpRunning == \result) && (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)))) RESULT: Ultimate proved your program to be correct! [2024-10-14 03:10:54,794 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE