./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product44.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 8be7027f Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product44.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash f18c518732faf536b365bed3360055c2f4eb753a861011ef1bbe74f5b721db8d --- Real Ultimate output --- This is Ultimate 0.2.5-wip.dk.perfect-tracechecks-8be7027-m [2024-11-11 20:55:58,496 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-11 20:55:58,574 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-11 20:55:58,580 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-11 20:55:58,581 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-11 20:55:58,614 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-11 20:55:58,614 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-11 20:55:58,615 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-11 20:55:58,616 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-11 20:55:58,616 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-11 20:55:58,617 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-11 20:55:58,617 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-11 20:55:58,618 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-11 20:55:58,618 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-11 20:55:58,619 INFO L153 SettingsManager]: * Use SBE=true [2024-11-11 20:55:58,619 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-11 20:55:58,619 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-11 20:55:58,620 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-11 20:55:58,620 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-11 20:55:58,621 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-11 20:55:58,621 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-11 20:55:58,621 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-11 20:55:58,622 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-11 20:55:58,622 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-11 20:55:58,622 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-11 20:55:58,623 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-11 20:55:58,623 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-11 20:55:58,624 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-11 20:55:58,624 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-11 20:55:58,624 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-11 20:55:58,625 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-11 20:55:58,625 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-11 20:55:58,625 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-11 20:55:58,626 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-11 20:55:58,626 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-11 20:55:58,626 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-11 20:55:58,627 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-11 20:55:58,627 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-11 20:55:58,627 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-11 20:55:58,628 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-11 20:55:58,628 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-11 20:55:58,628 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-11 20:55:58,642 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> f18c518732faf536b365bed3360055c2f4eb753a861011ef1bbe74f5b721db8d [2024-11-11 20:55:58,923 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-11 20:55:58,946 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-11 20:55:58,949 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-11 20:55:58,950 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-11 20:55:58,950 INFO L274 PluginConnector]: CDTParser initialized [2024-11-11 20:55:58,952 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product44.cil.c [2024-11-11 20:56:00,417 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-11 20:56:00,654 INFO L384 CDTParser]: Found 1 translation units. [2024-11-11 20:56:00,655 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product44.cil.c [2024-11-11 20:56:00,670 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/4593dfb4e/e9a31107a10040cf94f033f2cf03e299/FLAG6436af287 [2024-11-11 20:56:00,688 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/4593dfb4e/e9a31107a10040cf94f033f2cf03e299 [2024-11-11 20:56:00,691 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-11 20:56:00,692 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-11 20:56:00,694 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-11 20:56:00,695 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-11 20:56:00,701 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-11 20:56:00,702 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.11 08:56:00" (1/1) ... [2024-11-11 20:56:00,702 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@bb9ef61 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:00, skipping insertion in model container [2024-11-11 20:56:00,703 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.11 08:56:00" (1/1) ... [2024-11-11 20:56:00,753 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-11 20:56:01,129 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product44.cil.c[18005,18018] [2024-11-11 20:56:01,139 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-11 20:56:01,153 INFO L200 MainTranslator]: Completed pre-run [2024-11-11 20:56:01,163 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2024-11-11 20:56:01,164 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [150] [2024-11-11 20:56:01,165 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [516] [2024-11-11 20:56:01,165 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [721] [2024-11-11 20:56:01,165 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [791] [2024-11-11 20:56:01,165 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [829] [2024-11-11 20:56:01,166 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [927] [2024-11-11 20:56:01,166 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [936] [2024-11-11 20:56:01,255 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product44.cil.c[18005,18018] [2024-11-11 20:56:01,257 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-11 20:56:01,283 INFO L204 MainTranslator]: Completed translation [2024-11-11 20:56:01,283 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:01 WrapperNode [2024-11-11 20:56:01,284 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-11 20:56:01,285 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-11 20:56:01,285 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-11 20:56:01,285 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-11 20:56:01,292 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:01" (1/1) ... [2024-11-11 20:56:01,306 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:01" (1/1) ... [2024-11-11 20:56:01,336 INFO L138 Inliner]: procedures = 57, calls = 101, calls flagged for inlining = 27, calls inlined = 24, statements flattened = 208 [2024-11-11 20:56:01,337 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-11 20:56:01,338 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-11 20:56:01,338 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-11 20:56:01,338 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-11 20:56:01,349 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:01" (1/1) ... [2024-11-11 20:56:01,349 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:01" (1/1) ... [2024-11-11 20:56:01,356 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:01" (1/1) ... [2024-11-11 20:56:01,372 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-11 20:56:01,372 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:01" (1/1) ... [2024-11-11 20:56:01,372 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:01" (1/1) ... [2024-11-11 20:56:01,377 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:01" (1/1) ... [2024-11-11 20:56:01,385 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:01" (1/1) ... [2024-11-11 20:56:01,387 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:01" (1/1) ... [2024-11-11 20:56:01,389 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:01" (1/1) ... [2024-11-11 20:56:01,395 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-11 20:56:01,400 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-11 20:56:01,401 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-11 20:56:01,402 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-11 20:56:01,403 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:01" (1/1) ... [2024-11-11 20:56:01,409 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-11 20:56:01,420 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-11 20:56:01,439 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-11 20:56:01,446 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-11 20:56:01,503 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-11 20:56:01,504 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-11 20:56:01,504 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-11 20:56:01,504 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-11 20:56:01,504 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-11 20:56:01,504 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-11 20:56:01,505 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-11 20:56:01,505 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-11 20:56:01,505 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-11 20:56:01,505 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-11 20:56:01,522 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-11 20:56:01,522 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-11 20:56:01,523 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-11 20:56:01,523 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-11 20:56:01,523 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-11 20:56:01,523 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-11 20:56:01,644 INFO L238 CfgBuilder]: Building ICFG [2024-11-11 20:56:01,647 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-11 20:56:01,951 INFO L? ?]: Removed 42 outVars from TransFormulas that were not future-live. [2024-11-11 20:56:01,952 INFO L287 CfgBuilder]: Performing block encoding [2024-11-11 20:56:01,972 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-11 20:56:01,974 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-11 20:56:01,974 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.11 08:56:01 BoogieIcfgContainer [2024-11-11 20:56:01,974 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-11 20:56:01,976 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-11 20:56:01,976 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-11 20:56:01,980 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-11 20:56:01,980 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 11.11 08:56:00" (1/3) ... [2024-11-11 20:56:01,981 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1605e17f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.11 08:56:01, skipping insertion in model container [2024-11-11 20:56:01,981 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:56:01" (2/3) ... [2024-11-11 20:56:01,981 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@1605e17f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.11 08:56:01, skipping insertion in model container [2024-11-11 20:56:01,982 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.11 08:56:01" (3/3) ... [2024-11-11 20:56:01,983 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product44.cil.c [2024-11-11 20:56:01,995 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-11 20:56:01,996 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-11 20:56:02,047 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-11 20:56:02,052 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@74ee8971, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-11 20:56:02,053 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-11 20:56:02,057 INFO L276 IsEmpty]: Start isEmpty. Operand has 89 states, 71 states have (on average 1.3661971830985915) internal successors, (97), 77 states have internal predecessors, (97), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2024-11-11 20:56:02,064 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-11 20:56:02,065 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:02,065 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:02,066 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:02,072 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:02,072 INFO L85 PathProgramCache]: Analyzing trace with hash -1684151890, now seen corresponding path program 1 times [2024-11-11 20:56:02,081 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:02,081 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1474748739] [2024-11-11 20:56:02,082 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:02,082 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:02,206 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:02,300 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-11 20:56:02,304 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:02,310 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-11 20:56:02,312 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:02,315 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:02,317 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:02,317 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1474748739] [2024-11-11 20:56:02,317 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1474748739] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:02,318 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:02,320 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-11 20:56:02,322 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1790930174] [2024-11-11 20:56:02,322 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:02,326 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-11 20:56:02,326 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:02,346 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-11 20:56:02,346 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-11 20:56:02,348 INFO L87 Difference]: Start difference. First operand has 89 states, 71 states have (on average 1.3661971830985915) internal successors, (97), 77 states have internal predecessors, (97), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-11 20:56:02,373 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:02,373 INFO L93 Difference]: Finished difference Result 169 states and 228 transitions. [2024-11-11 20:56:02,374 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-11 20:56:02,376 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-11-11 20:56:02,376 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:02,384 INFO L225 Difference]: With dead ends: 169 [2024-11-11 20:56:02,384 INFO L226 Difference]: Without dead ends: 80 [2024-11-11 20:56:02,388 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-11 20:56:02,391 INFO L435 NwaCegarLoop]: 111 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 111 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:02,392 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 111 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-11 20:56:02,405 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 80 states. [2024-11-11 20:56:02,422 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 80 to 80. [2024-11-11 20:56:02,424 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 80 states, 64 states have (on average 1.296875) internal successors, (83), 69 states have internal predecessors, (83), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2024-11-11 20:56:02,426 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 80 states to 80 states and 102 transitions. [2024-11-11 20:56:02,427 INFO L78 Accepts]: Start accepts. Automaton has 80 states and 102 transitions. Word has length 32 [2024-11-11 20:56:02,428 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:02,428 INFO L471 AbstractCegarLoop]: Abstraction has 80 states and 102 transitions. [2024-11-11 20:56:02,428 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-11 20:56:02,429 INFO L276 IsEmpty]: Start isEmpty. Operand 80 states and 102 transitions. [2024-11-11 20:56:02,431 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-11-11 20:56:02,431 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:02,431 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:02,431 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-11 20:56:02,431 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:02,432 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:02,432 INFO L85 PathProgramCache]: Analyzing trace with hash 1709273223, now seen corresponding path program 1 times [2024-11-11 20:56:02,432 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:02,433 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2077141983] [2024-11-11 20:56:02,433 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:02,433 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:02,459 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:02,579 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-11 20:56:02,585 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:02,592 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-11 20:56:02,597 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:02,599 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:02,599 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:02,599 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2077141983] [2024-11-11 20:56:02,599 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2077141983] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:02,600 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:02,600 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-11 20:56:02,600 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [700465541] [2024-11-11 20:56:02,600 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:02,605 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-11 20:56:02,605 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:02,606 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-11 20:56:02,606 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:56:02,607 INFO L87 Difference]: Start difference. First operand 80 states and 102 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-11 20:56:02,632 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:02,633 INFO L93 Difference]: Finished difference Result 120 states and 153 transitions. [2024-11-11 20:56:02,633 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-11 20:56:02,633 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2024-11-11 20:56:02,634 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:02,635 INFO L225 Difference]: With dead ends: 120 [2024-11-11 20:56:02,635 INFO L226 Difference]: Without dead ends: 71 [2024-11-11 20:56:02,635 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:56:02,636 INFO L435 NwaCegarLoop]: 89 mSDtfsCounter, 18 mSDsluCounter, 67 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 156 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:02,637 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 156 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-11 20:56:02,638 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 71 states. [2024-11-11 20:56:02,645 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 71 to 71. [2024-11-11 20:56:02,646 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 71 states, 58 states have (on average 1.3103448275862069) internal successors, (76), 63 states have internal predecessors, (76), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2024-11-11 20:56:02,646 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 71 states to 71 states and 90 transitions. [2024-11-11 20:56:02,647 INFO L78 Accepts]: Start accepts. Automaton has 71 states and 90 transitions. Word has length 33 [2024-11-11 20:56:02,647 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:02,647 INFO L471 AbstractCegarLoop]: Abstraction has 71 states and 90 transitions. [2024-11-11 20:56:02,647 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-11 20:56:02,647 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 90 transitions. [2024-11-11 20:56:02,648 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-11-11 20:56:02,649 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:02,649 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:02,649 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-11 20:56:02,649 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:02,650 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:02,650 INFO L85 PathProgramCache]: Analyzing trace with hash 1502879027, now seen corresponding path program 1 times [2024-11-11 20:56:02,650 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:02,650 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1718992597] [2024-11-11 20:56:02,650 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:02,651 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:02,673 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:02,769 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:56:02,774 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:02,781 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-11-11 20:56:02,787 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:02,789 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:02,793 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:02,794 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1718992597] [2024-11-11 20:56:02,794 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1718992597] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:02,794 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:02,794 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-11 20:56:02,794 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2072212689] [2024-11-11 20:56:02,795 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:02,795 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-11 20:56:02,795 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:02,796 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-11 20:56:02,796 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:56:02,796 INFO L87 Difference]: Start difference. First operand 71 states and 90 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:56:02,837 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:02,838 INFO L93 Difference]: Finished difference Result 195 states and 253 transitions. [2024-11-11 20:56:02,838 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-11 20:56:02,838 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2024-11-11 20:56:02,839 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:02,840 INFO L225 Difference]: With dead ends: 195 [2024-11-11 20:56:02,840 INFO L226 Difference]: Without dead ends: 132 [2024-11-11 20:56:02,841 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:56:02,842 INFO L435 NwaCegarLoop]: 104 mSDtfsCounter, 78 mSDsluCounter, 77 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 78 SdHoareTripleChecker+Valid, 181 SdHoareTripleChecker+Invalid, 5 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:02,843 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [78 Valid, 181 Invalid, 5 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-11 20:56:02,844 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 132 states. [2024-11-11 20:56:02,861 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 132 to 127. [2024-11-11 20:56:02,861 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 127 states, 102 states have (on average 1.3333333333333333) internal successors, (136), 111 states have internal predecessors, (136), 14 states have call successors, (14), 10 states have call predecessors, (14), 10 states have return successors, (14), 12 states have call predecessors, (14), 14 states have call successors, (14) [2024-11-11 20:56:02,862 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 127 states to 127 states and 164 transitions. [2024-11-11 20:56:02,863 INFO L78 Accepts]: Start accepts. Automaton has 127 states and 164 transitions. Word has length 38 [2024-11-11 20:56:02,863 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:02,863 INFO L471 AbstractCegarLoop]: Abstraction has 127 states and 164 transitions. [2024-11-11 20:56:02,864 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:56:02,864 INFO L276 IsEmpty]: Start isEmpty. Operand 127 states and 164 transitions. [2024-11-11 20:56:02,867 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2024-11-11 20:56:02,868 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:02,868 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:02,868 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-11 20:56:02,869 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:02,870 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:02,870 INFO L85 PathProgramCache]: Analyzing trace with hash -793445015, now seen corresponding path program 1 times [2024-11-11 20:56:02,870 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:02,870 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [613381161] [2024-11-11 20:56:02,870 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:02,871 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:02,916 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:03,055 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-11 20:56:03,060 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:03,064 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-11-11 20:56:03,068 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:03,089 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-11 20:56:03,090 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:03,090 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [613381161] [2024-11-11 20:56:03,090 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [613381161] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:03,090 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:03,090 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-11 20:56:03,090 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [130650159] [2024-11-11 20:56:03,091 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:03,091 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-11 20:56:03,093 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:03,093 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-11 20:56:03,093 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-11 20:56:03,094 INFO L87 Difference]: Start difference. First operand 127 states and 164 transitions. Second operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-11 20:56:03,267 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:03,268 INFO L93 Difference]: Finished difference Result 330 states and 434 transitions. [2024-11-11 20:56:03,268 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-11 20:56:03,269 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 41 [2024-11-11 20:56:03,269 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:03,272 INFO L225 Difference]: With dead ends: 330 [2024-11-11 20:56:03,272 INFO L226 Difference]: Without dead ends: 211 [2024-11-11 20:56:03,274 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-11 20:56:03,279 INFO L435 NwaCegarLoop]: 87 mSDtfsCounter, 46 mSDsluCounter, 287 mSDsCounter, 0 mSdLazyCounter, 55 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 47 SdHoareTripleChecker+Valid, 374 SdHoareTripleChecker+Invalid, 62 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 55 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:03,280 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [47 Valid, 374 Invalid, 62 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 55 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-11 20:56:03,281 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 211 states. [2024-11-11 20:56:03,308 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 211 to 211. [2024-11-11 20:56:03,309 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 211 states, 166 states have (on average 1.2951807228915662) internal successors, (215), 179 states have internal predecessors, (215), 24 states have call successors, (24), 20 states have call predecessors, (24), 20 states have return successors, (28), 24 states have call predecessors, (28), 24 states have call successors, (28) [2024-11-11 20:56:03,313 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 211 states to 211 states and 267 transitions. [2024-11-11 20:56:03,313 INFO L78 Accepts]: Start accepts. Automaton has 211 states and 267 transitions. Word has length 41 [2024-11-11 20:56:03,314 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:03,314 INFO L471 AbstractCegarLoop]: Abstraction has 211 states and 267 transitions. [2024-11-11 20:56:03,314 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-11 20:56:03,314 INFO L276 IsEmpty]: Start isEmpty. Operand 211 states and 267 transitions. [2024-11-11 20:56:03,316 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2024-11-11 20:56:03,316 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:03,316 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:03,316 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-11 20:56:03,316 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:03,317 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:03,317 INFO L85 PathProgramCache]: Analyzing trace with hash 855988844, now seen corresponding path program 1 times [2024-11-11 20:56:03,317 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:03,318 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [707326707] [2024-11-11 20:56:03,318 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:03,318 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:03,336 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:03,434 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:56:03,437 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:03,440 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2024-11-11 20:56:03,441 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:03,443 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:03,444 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:03,444 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [707326707] [2024-11-11 20:56:03,445 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [707326707] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:03,446 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:03,446 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-11 20:56:03,446 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1933138754] [2024-11-11 20:56:03,446 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:03,447 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-11 20:56:03,447 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:03,447 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-11 20:56:03,448 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-11 20:56:03,448 INFO L87 Difference]: Start difference. First operand 211 states and 267 transitions. Second operand has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:56:03,490 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:03,490 INFO L93 Difference]: Finished difference Result 420 states and 542 transitions. [2024-11-11 20:56:03,490 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-11 20:56:03,491 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 51 [2024-11-11 20:56:03,492 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:03,495 INFO L225 Difference]: With dead ends: 420 [2024-11-11 20:56:03,496 INFO L226 Difference]: Without dead ends: 217 [2024-11-11 20:56:03,498 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-11 20:56:03,501 INFO L435 NwaCegarLoop]: 87 mSDtfsCounter, 0 mSDsluCounter, 254 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 341 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:03,502 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 341 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-11 20:56:03,505 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 217 states. [2024-11-11 20:56:03,528 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 217 to 217. [2024-11-11 20:56:03,529 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 217 states, 172 states have (on average 1.2848837209302326) internal successors, (221), 185 states have internal predecessors, (221), 24 states have call successors, (24), 20 states have call predecessors, (24), 20 states have return successors, (28), 24 states have call predecessors, (28), 24 states have call successors, (28) [2024-11-11 20:56:03,531 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 217 states to 217 states and 273 transitions. [2024-11-11 20:56:03,531 INFO L78 Accepts]: Start accepts. Automaton has 217 states and 273 transitions. Word has length 51 [2024-11-11 20:56:03,532 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:03,532 INFO L471 AbstractCegarLoop]: Abstraction has 217 states and 273 transitions. [2024-11-11 20:56:03,532 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:56:03,532 INFO L276 IsEmpty]: Start isEmpty. Operand 217 states and 273 transitions. [2024-11-11 20:56:03,536 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2024-11-11 20:56:03,536 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:03,536 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:03,536 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-11 20:56:03,536 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:03,537 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:03,537 INFO L85 PathProgramCache]: Analyzing trace with hash 1278690670, now seen corresponding path program 1 times [2024-11-11 20:56:03,537 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:03,537 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [446985906] [2024-11-11 20:56:03,537 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:03,537 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:03,560 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:03,662 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:56:03,664 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:03,671 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2024-11-11 20:56:03,676 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:03,678 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:03,678 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:03,678 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [446985906] [2024-11-11 20:56:03,678 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [446985906] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:03,679 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:03,679 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-11 20:56:03,679 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1105762740] [2024-11-11 20:56:03,679 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:03,680 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-11 20:56:03,681 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:03,681 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-11 20:56:03,681 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-11 20:56:03,681 INFO L87 Difference]: Start difference. First operand 217 states and 273 transitions. Second operand has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:56:03,742 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:03,743 INFO L93 Difference]: Finished difference Result 436 states and 558 transitions. [2024-11-11 20:56:03,743 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-11 20:56:03,743 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 51 [2024-11-11 20:56:03,743 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:03,745 INFO L225 Difference]: With dead ends: 436 [2024-11-11 20:56:03,745 INFO L226 Difference]: Without dead ends: 227 [2024-11-11 20:56:03,747 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-11 20:56:03,750 INFO L435 NwaCegarLoop]: 95 mSDtfsCounter, 80 mSDsluCounter, 259 mSDsCounter, 0 mSdLazyCounter, 19 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 80 SdHoareTripleChecker+Valid, 354 SdHoareTripleChecker+Invalid, 20 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 19 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:03,754 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [80 Valid, 354 Invalid, 20 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 19 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-11 20:56:03,755 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 227 states. [2024-11-11 20:56:03,780 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 227 to 221. [2024-11-11 20:56:03,781 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 221 states, 176 states have (on average 1.2784090909090908) internal successors, (225), 189 states have internal predecessors, (225), 24 states have call successors, (24), 20 states have call predecessors, (24), 20 states have return successors, (28), 24 states have call predecessors, (28), 24 states have call successors, (28) [2024-11-11 20:56:03,783 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 221 states to 221 states and 277 transitions. [2024-11-11 20:56:03,784 INFO L78 Accepts]: Start accepts. Automaton has 221 states and 277 transitions. Word has length 51 [2024-11-11 20:56:03,785 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:03,785 INFO L471 AbstractCegarLoop]: Abstraction has 221 states and 277 transitions. [2024-11-11 20:56:03,785 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:56:03,786 INFO L276 IsEmpty]: Start isEmpty. Operand 221 states and 277 transitions. [2024-11-11 20:56:03,787 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2024-11-11 20:56:03,789 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:03,789 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:03,790 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-11 20:56:03,790 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:03,790 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:03,791 INFO L85 PathProgramCache]: Analyzing trace with hash -526747664, now seen corresponding path program 1 times [2024-11-11 20:56:03,791 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:03,791 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1204303626] [2024-11-11 20:56:03,791 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:03,791 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:03,809 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:03,898 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:56:03,901 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:03,904 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2024-11-11 20:56:03,905 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:03,907 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:03,908 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:03,908 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1204303626] [2024-11-11 20:56:03,908 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1204303626] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:03,908 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:03,909 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-11 20:56:03,909 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [558737728] [2024-11-11 20:56:03,909 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:03,909 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-11 20:56:03,910 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:03,910 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-11 20:56:03,910 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:56:03,911 INFO L87 Difference]: Start difference. First operand 221 states and 277 transitions. Second operand has 3 states, 3 states have (on average 14.666666666666666) internal successors, (44), 3 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:56:03,952 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:03,952 INFO L93 Difference]: Finished difference Result 528 states and 667 transitions. [2024-11-11 20:56:03,953 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-11 20:56:03,953 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 14.666666666666666) internal successors, (44), 3 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 51 [2024-11-11 20:56:03,953 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:03,955 INFO L225 Difference]: With dead ends: 528 [2024-11-11 20:56:03,955 INFO L226 Difference]: Without dead ends: 315 [2024-11-11 20:56:03,956 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:56:03,961 INFO L435 NwaCegarLoop]: 90 mSDtfsCounter, 39 mSDsluCounter, 75 mSDsCounter, 0 mSdLazyCounter, 10 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 39 SdHoareTripleChecker+Valid, 165 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 10 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:03,961 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [39 Valid, 165 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 10 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-11 20:56:03,962 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 315 states. [2024-11-11 20:56:03,987 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 315 to 315. [2024-11-11 20:56:03,988 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 315 states, 250 states have (on average 1.248) internal successors, (312), 265 states have internal predecessors, (312), 36 states have call successors, (36), 30 states have call predecessors, (36), 28 states have return successors, (40), 34 states have call predecessors, (40), 36 states have call successors, (40) [2024-11-11 20:56:03,990 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 315 states to 315 states and 388 transitions. [2024-11-11 20:56:03,992 INFO L78 Accepts]: Start accepts. Automaton has 315 states and 388 transitions. Word has length 51 [2024-11-11 20:56:03,993 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:03,994 INFO L471 AbstractCegarLoop]: Abstraction has 315 states and 388 transitions. [2024-11-11 20:56:03,994 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 14.666666666666666) internal successors, (44), 3 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-11 20:56:03,994 INFO L276 IsEmpty]: Start isEmpty. Operand 315 states and 388 transitions. [2024-11-11 20:56:03,995 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-11 20:56:03,996 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:03,996 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:03,996 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-11 20:56:03,996 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:03,997 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:03,998 INFO L85 PathProgramCache]: Analyzing trace with hash -1427287338, now seen corresponding path program 1 times [2024-11-11 20:56:03,998 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:03,998 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [966156188] [2024-11-11 20:56:03,999 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:03,999 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:04,026 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:04,244 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-11 20:56:04,246 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:04,255 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-11 20:56:04,257 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:04,259 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2024-11-11 20:56:04,262 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:04,264 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:56:04,264 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:04,265 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [966156188] [2024-11-11 20:56:04,265 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [966156188] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:04,266 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:04,266 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-11 20:56:04,266 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1016056054] [2024-11-11 20:56:04,266 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:04,267 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-11 20:56:04,267 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:04,268 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-11 20:56:04,268 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2024-11-11 20:56:04,269 INFO L87 Difference]: Start difference. First operand 315 states and 388 transitions. Second operand has 8 states, 8 states have (on average 5.75) internal successors, (46), 7 states have internal predecessors, (46), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-11 20:56:04,624 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:04,624 INFO L93 Difference]: Finished difference Result 1036 states and 1343 transitions. [2024-11-11 20:56:04,625 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2024-11-11 20:56:04,625 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.75) internal successors, (46), 7 states have internal predecessors, (46), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 55 [2024-11-11 20:56:04,625 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:04,630 INFO L225 Difference]: With dead ends: 1036 [2024-11-11 20:56:04,630 INFO L226 Difference]: Without dead ends: 823 [2024-11-11 20:56:04,632 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 23 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 28 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=59, Invalid=151, Unknown=0, NotChecked=0, Total=210 [2024-11-11 20:56:04,633 INFO L435 NwaCegarLoop]: 123 mSDtfsCounter, 287 mSDsluCounter, 449 mSDsCounter, 0 mSdLazyCounter, 202 mSolverCounterSat, 56 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 297 SdHoareTripleChecker+Valid, 572 SdHoareTripleChecker+Invalid, 258 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 56 IncrementalHoareTripleChecker+Valid, 202 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:04,633 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [297 Valid, 572 Invalid, 258 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [56 Valid, 202 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-11 20:56:04,634 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 823 states. [2024-11-11 20:56:04,706 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 823 to 815. [2024-11-11 20:56:04,708 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 815 states, 648 states have (on average 1.2191358024691359) internal successors, (790), 689 states have internal predecessors, (790), 90 states have call successors, (90), 66 states have call predecessors, (90), 76 states have return successors, (128), 86 states have call predecessors, (128), 90 states have call successors, (128) [2024-11-11 20:56:04,712 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 815 states to 815 states and 1008 transitions. [2024-11-11 20:56:04,713 INFO L78 Accepts]: Start accepts. Automaton has 815 states and 1008 transitions. Word has length 55 [2024-11-11 20:56:04,714 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:04,714 INFO L471 AbstractCegarLoop]: Abstraction has 815 states and 1008 transitions. [2024-11-11 20:56:04,714 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.75) internal successors, (46), 7 states have internal predecessors, (46), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-11 20:56:04,714 INFO L276 IsEmpty]: Start isEmpty. Operand 815 states and 1008 transitions. [2024-11-11 20:56:04,716 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 86 [2024-11-11 20:56:04,716 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:04,716 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:04,717 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-11 20:56:04,717 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:04,717 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:04,717 INFO L85 PathProgramCache]: Analyzing trace with hash -616604212, now seen corresponding path program 1 times [2024-11-11 20:56:04,718 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:04,718 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1114634636] [2024-11-11 20:56:04,718 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:04,718 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:04,731 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:04,759 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-11 20:56:04,761 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:04,772 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-11 20:56:04,778 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:04,796 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-11 20:56:04,798 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:04,799 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 64 [2024-11-11 20:56:04,801 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:04,802 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 77 [2024-11-11 20:56:04,803 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:04,805 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-11-11 20:56:04,805 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:04,805 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1114634636] [2024-11-11 20:56:04,805 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1114634636] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:56:04,805 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:56:04,806 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-11 20:56:04,806 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [39216292] [2024-11-11 20:56:04,806 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:56:04,806 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-11 20:56:04,806 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:04,807 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-11 20:56:04,807 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2024-11-11 20:56:04,808 INFO L87 Difference]: Start difference. First operand 815 states and 1008 transitions. Second operand has 6 states, 6 states have (on average 11.666666666666666) internal successors, (70), 4 states have internal predecessors, (70), 3 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2024-11-11 20:56:05,037 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:05,038 INFO L93 Difference]: Finished difference Result 1379 states and 1704 transitions. [2024-11-11 20:56:05,038 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-11-11 20:56:05,039 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 11.666666666666666) internal successors, (70), 4 states have internal predecessors, (70), 3 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) Word has length 85 [2024-11-11 20:56:05,039 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:05,042 INFO L225 Difference]: With dead ends: 1379 [2024-11-11 20:56:05,043 INFO L226 Difference]: Without dead ends: 572 [2024-11-11 20:56:05,045 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2024-11-11 20:56:05,046 INFO L435 NwaCegarLoop]: 119 mSDtfsCounter, 186 mSDsluCounter, 196 mSDsCounter, 0 mSdLazyCounter, 128 mSolverCounterSat, 45 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 193 SdHoareTripleChecker+Valid, 315 SdHoareTripleChecker+Invalid, 173 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 45 IncrementalHoareTripleChecker+Valid, 128 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:05,046 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [193 Valid, 315 Invalid, 173 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [45 Valid, 128 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-11 20:56:05,047 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 572 states. [2024-11-11 20:56:05,091 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 572 to 562. [2024-11-11 20:56:05,093 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 562 states, 445 states have (on average 1.208988764044944) internal successors, (538), 473 states have internal predecessors, (538), 63 states have call successors, (63), 48 states have call predecessors, (63), 53 states have return successors, (83), 60 states have call predecessors, (83), 63 states have call successors, (83) [2024-11-11 20:56:05,096 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 562 states to 562 states and 684 transitions. [2024-11-11 20:56:05,097 INFO L78 Accepts]: Start accepts. Automaton has 562 states and 684 transitions. Word has length 85 [2024-11-11 20:56:05,097 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:05,097 INFO L471 AbstractCegarLoop]: Abstraction has 562 states and 684 transitions. [2024-11-11 20:56:05,097 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 11.666666666666666) internal successors, (70), 4 states have internal predecessors, (70), 3 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2024-11-11 20:56:05,098 INFO L276 IsEmpty]: Start isEmpty. Operand 562 states and 684 transitions. [2024-11-11 20:56:05,101 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 88 [2024-11-11 20:56:05,101 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:56:05,101 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:05,101 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-11 20:56:05,102 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:56:05,102 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:56:05,102 INFO L85 PathProgramCache]: Analyzing trace with hash 1396479385, now seen corresponding path program 1 times [2024-11-11 20:56:05,102 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:56:05,102 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [144172614] [2024-11-11 20:56:05,102 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:05,103 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:56:05,118 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:05,221 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-11 20:56:05,223 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:05,238 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-11 20:56:05,244 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:05,269 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-11 20:56:05,271 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:05,272 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 61 [2024-11-11 20:56:05,276 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:05,293 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 72 [2024-11-11 20:56:05,294 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:05,296 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 79 [2024-11-11 20:56:05,297 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:05,299 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 16 proven. 9 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2024-11-11 20:56:05,299 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:56:05,299 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [144172614] [2024-11-11 20:56:05,299 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [144172614] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-11 20:56:05,299 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [661682762] [2024-11-11 20:56:05,300 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:56:05,300 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-11 20:56:05,300 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-11 20:56:05,302 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-11 20:56:05,303 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-11 20:56:05,401 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:56:05,404 INFO L256 TraceCheckSpWp]: Trace formula consists of 300 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-11 20:56:05,412 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-11 20:56:05,606 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 23 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-11 20:56:05,606 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-11 20:56:05,817 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 6 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2024-11-11 20:56:05,817 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [661682762] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-11 20:56:05,817 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-11 20:56:05,818 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 6, 6] total 14 [2024-11-11 20:56:05,818 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [360448081] [2024-11-11 20:56:05,818 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-11 20:56:05,818 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2024-11-11 20:56:05,818 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:56:05,819 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2024-11-11 20:56:05,819 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=33, Invalid=149, Unknown=0, NotChecked=0, Total=182 [2024-11-11 20:56:05,819 INFO L87 Difference]: Start difference. First operand 562 states and 684 transitions. Second operand has 14 states, 14 states have (on average 7.642857142857143) internal successors, (107), 10 states have internal predecessors, (107), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 6 states have call successors, (13) [2024-11-11 20:56:06,677 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:56:06,677 INFO L93 Difference]: Finished difference Result 1055 states and 1307 transitions. [2024-11-11 20:56:06,678 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2024-11-11 20:56:06,678 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 14 states have (on average 7.642857142857143) internal successors, (107), 10 states have internal predecessors, (107), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 6 states have call successors, (13) Word has length 87 [2024-11-11 20:56:06,679 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:56:06,680 INFO L225 Difference]: With dead ends: 1055 [2024-11-11 20:56:06,680 INFO L226 Difference]: Without dead ends: 0 [2024-11-11 20:56:06,683 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 222 GetRequests, 185 SyntacticMatches, 4 SemanticMatches, 33 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 262 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=256, Invalid=934, Unknown=0, NotChecked=0, Total=1190 [2024-11-11 20:56:06,683 INFO L435 NwaCegarLoop]: 150 mSDtfsCounter, 277 mSDsluCounter, 1011 mSDsCounter, 0 mSdLazyCounter, 661 mSolverCounterSat, 70 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 282 SdHoareTripleChecker+Valid, 1161 SdHoareTripleChecker+Invalid, 731 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 70 IncrementalHoareTripleChecker+Valid, 661 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-11-11 20:56:06,684 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [282 Valid, 1161 Invalid, 731 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [70 Valid, 661 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-11-11 20:56:06,685 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-11 20:56:06,685 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-11 20:56:06,686 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-11 20:56:06,686 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-11 20:56:06,686 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 87 [2024-11-11 20:56:06,687 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:56:06,687 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-11 20:56:06,687 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 14 states have (on average 7.642857142857143) internal successors, (107), 10 states have internal predecessors, (107), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 6 states have call successors, (13) [2024-11-11 20:56:06,687 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-11 20:56:06,687 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-11 20:56:06,690 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-11 20:56:06,711 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-11 20:56:06,891 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-11 20:56:06,893 INFO L421 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:56:06,897 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-11 20:56:09,469 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-11 20:56:09,505 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse1 (<= |old(~waterLevel~0)| 2)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (<= 1 |old(~pumpRunning~0)|))) (or (and .cse0 (= 0 ~systemActive~0) .cse1) (and .cse2 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse1 .cse3) (and .cse2 .cse0 .cse1) (and .cse2 .cse3 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2) (and .cse3 .cse2 (= 0 ~systemActive~0)))) [2024-11-11 20:56:09,522 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and .cse3 .cse1 .cse2) (and .cse3 (= 0 ~systemActive~0) .cse2) (and .cse0 .cse1 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2) (and .cse3 .cse2 (= 0 ~systemActive~0)))) [2024-11-11 20:56:09,538 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 11.11 08:56:09 BoogieIcfgContainer [2024-11-11 20:56:09,538 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-11 20:56:09,539 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-11 20:56:09,539 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-11 20:56:09,539 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-11 20:56:09,540 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.11 08:56:01" (3/4) ... [2024-11-11 20:56:09,542 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-11 20:56:09,547 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-11 20:56:09,549 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-11 20:56:09,549 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-11 20:56:09,549 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-11 20:56:09,550 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-11 20:56:09,550 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-11 20:56:09,556 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 19 nodes and edges [2024-11-11 20:56:09,557 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-11 20:56:09,557 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-11 20:56:09,558 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-11 20:56:09,558 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-11 20:56:09,688 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-11 20:56:09,688 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-11 20:56:09,689 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-11 20:56:09,689 INFO L158 Benchmark]: Toolchain (without parser) took 8997.01ms. Allocated memory was 161.5MB in the beginning and 234.9MB in the end (delta: 73.4MB). Free memory was 105.6MB in the beginning and 130.6MB in the end (delta: -24.9MB). Peak memory consumption was 52.9MB. Max. memory is 16.1GB. [2024-11-11 20:56:09,690 INFO L158 Benchmark]: CDTParser took 0.24ms. Allocated memory is still 161.5MB. Free memory was 131.8MB in the beginning and 131.6MB in the end (delta: 182.2kB). There was no memory consumed. Max. memory is 16.1GB. [2024-11-11 20:56:09,690 INFO L158 Benchmark]: CACSL2BoogieTranslator took 590.13ms. Allocated memory is still 161.5MB. Free memory was 105.4MB in the beginning and 83.9MB in the end (delta: 21.6MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-11-11 20:56:09,691 INFO L158 Benchmark]: Boogie Procedure Inliner took 52.35ms. Allocated memory is still 161.5MB. Free memory was 83.9MB in the beginning and 81.5MB in the end (delta: 2.3MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2024-11-11 20:56:09,692 INFO L158 Benchmark]: Boogie Preprocessor took 60.84ms. Allocated memory is still 161.5MB. Free memory was 81.5MB in the beginning and 79.2MB in the end (delta: 2.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-11 20:56:09,692 INFO L158 Benchmark]: RCFGBuilder took 574.44ms. Allocated memory is still 161.5MB. Free memory was 79.2MB in the beginning and 117.9MB in the end (delta: -38.6MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-11 20:56:09,692 INFO L158 Benchmark]: TraceAbstraction took 7562.31ms. Allocated memory was 161.5MB in the beginning and 234.9MB in the end (delta: 73.4MB). Free memory was 117.1MB in the beginning and 137.9MB in the end (delta: -20.8MB). Peak memory consumption was 124.0MB. Max. memory is 16.1GB. [2024-11-11 20:56:09,693 INFO L158 Benchmark]: Witness Printer took 149.72ms. Allocated memory is still 234.9MB. Free memory was 137.9MB in the beginning and 130.6MB in the end (delta: 7.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-11 20:56:09,694 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.24ms. Allocated memory is still 161.5MB. Free memory was 131.8MB in the beginning and 131.6MB in the end (delta: 182.2kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 590.13ms. Allocated memory is still 161.5MB. Free memory was 105.4MB in the beginning and 83.9MB in the end (delta: 21.6MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 52.35ms. Allocated memory is still 161.5MB. Free memory was 83.9MB in the beginning and 81.5MB in the end (delta: 2.3MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 60.84ms. Allocated memory is still 161.5MB. Free memory was 81.5MB in the beginning and 79.2MB in the end (delta: 2.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 574.44ms. Allocated memory is still 161.5MB. Free memory was 79.2MB in the beginning and 117.9MB in the end (delta: -38.6MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * TraceAbstraction took 7562.31ms. Allocated memory was 161.5MB in the beginning and 234.9MB in the end (delta: 73.4MB). Free memory was 117.1MB in the beginning and 137.9MB in the end (delta: -20.8MB). Peak memory consumption was 124.0MB. Max. memory is 16.1GB. * Witness Printer took 149.72ms. Allocated memory is still 234.9MB. Free memory was 137.9MB in the beginning and 130.6MB in the end (delta: 7.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 150]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [150] - GenericResultAtLocation [Line: 516]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [516] - GenericResultAtLocation [Line: 721]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [721] - GenericResultAtLocation [Line: 791]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [791] - GenericResultAtLocation [Line: 829]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [829] - GenericResultAtLocation [Line: 927]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [927] - GenericResultAtLocation [Line: 936]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [936] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 932]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 89 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 4.9s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.0s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1037 SdHoareTripleChecker+Valid, 1.0s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1011 mSDsluCounter, 3730 SdHoareTripleChecker+Invalid, 0.8s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2675 mSDsCounter, 181 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1098 IncrementalHoareTripleChecker+Invalid, 1279 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 181 mSolverCounterUnsat, 1055 mSDtfsCounter, 1098 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 328 GetRequests, 252 SyntacticMatches, 4 SemanticMatches, 72 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 301 ImplicationChecksByTransitivity, 0.7s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=815occurred in iteration=8, InterpolantAutomatonStates: 77, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 10 MinimizatonAttempts, 29 StatesRemovedByMinimization, 4 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.8s InterpolantComputationTime, 611 NumberOfCodeBlocks, 611 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 686 ConstructedInterpolants, 0 QuantifiedInterpolants, 1315 SizeOfPredicates, 2 NumberOfNonLiveVariables, 300 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 120/142 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 733]: Loop Invariant Derived loop invariant: (((((((pumpRunning == 0) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (0 == systemActive)) || ((((pumpRunning == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) - InvariantResult [Line: 732]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 841]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 556]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) && (((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 83]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) && ((((((waterLevel == \old(waterLevel)) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 831]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (head == \old(head))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 529]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) && ((\old(pumpRunning) < 1) || (((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((pumpRunning == 0) || (0 != systemActive))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((((\old(pumpRunning) == 0) && (0 == systemActive)) && (\old(waterLevel) <= 2)) || ((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning)))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 2))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2)))) && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (head == \old(head))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 71]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && (waterLevel <= 2)) && (((((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2))) || (((pumpRunning == 0) && (0 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) && ((((((methaneLevelCritical == \old(methaneLevelCritical)) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 634]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) && (pumpRunning == \result)) && (((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) RESULT: Ultimate proved your program to be correct! [2024-11-11 20:56:09,737 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE