./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product44.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c7c6ca5d Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product44.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash f18c518732faf536b365bed3360055c2f4eb753a861011ef1bbe74f5b721db8d --- Real Ultimate output --- This is Ultimate 0.2.5-?-c7c6ca5-m [2024-11-08 15:16:46,821 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-08 15:16:46,896 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-08 15:16:46,899 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-08 15:16:46,901 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-08 15:16:46,923 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-08 15:16:46,923 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-08 15:16:46,924 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-08 15:16:46,925 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-08 15:16:46,927 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-08 15:16:46,928 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-08 15:16:46,928 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-08 15:16:46,929 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-08 15:16:46,929 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-08 15:16:46,930 INFO L153 SettingsManager]: * Use SBE=true [2024-11-08 15:16:46,931 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-08 15:16:46,931 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-08 15:16:46,931 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-08 15:16:46,931 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-08 15:16:46,931 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-08 15:16:46,932 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-08 15:16:46,932 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-08 15:16:46,932 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-08 15:16:46,932 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-08 15:16:46,932 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-08 15:16:46,933 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-08 15:16:46,933 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-08 15:16:46,933 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-08 15:16:46,933 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-08 15:16:46,933 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-08 15:16:46,934 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-08 15:16:46,934 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-08 15:16:46,934 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 15:16:46,934 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-08 15:16:46,935 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-08 15:16:46,935 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-08 15:16:46,936 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-08 15:16:46,936 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-08 15:16:46,937 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-08 15:16:46,937 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-08 15:16:46,937 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-08 15:16:46,938 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-08 15:16:46,938 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> f18c518732faf536b365bed3360055c2f4eb753a861011ef1bbe74f5b721db8d [2024-11-08 15:16:47,131 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-08 15:16:47,149 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-08 15:16:47,151 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-08 15:16:47,152 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-08 15:16:47,152 INFO L274 PluginConnector]: CDTParser initialized [2024-11-08 15:16:47,153 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product44.cil.c [2024-11-08 15:16:48,380 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-08 15:16:48,546 INFO L384 CDTParser]: Found 1 translation units. [2024-11-08 15:16:48,547 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product44.cil.c [2024-11-08 15:16:48,559 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/8ca71f712/057ca058df0b43f582ed4173851ae6c0/FLAG7f92d34db [2024-11-08 15:16:48,936 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/8ca71f712/057ca058df0b43f582ed4173851ae6c0 [2024-11-08 15:16:48,938 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-08 15:16:48,939 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-08 15:16:48,940 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-08 15:16:48,940 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-08 15:16:48,946 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-08 15:16:48,946 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 03:16:48" (1/1) ... [2024-11-08 15:16:48,948 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@5f60fc4 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:48, skipping insertion in model container [2024-11-08 15:16:48,948 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 03:16:48" (1/1) ... [2024-11-08 15:16:48,979 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-08 15:16:49,230 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product44.cil.c[18005,18018] [2024-11-08 15:16:49,234 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 15:16:49,247 INFO L200 MainTranslator]: Completed pre-run [2024-11-08 15:16:49,274 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2024-11-08 15:16:49,276 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [150] [2024-11-08 15:16:49,276 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [516] [2024-11-08 15:16:49,276 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [721] [2024-11-08 15:16:49,276 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [791] [2024-11-08 15:16:49,276 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [829] [2024-11-08 15:16:49,276 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [927] [2024-11-08 15:16:49,277 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [936] [2024-11-08 15:16:49,334 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product44.cil.c[18005,18018] [2024-11-08 15:16:49,340 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 15:16:49,359 INFO L204 MainTranslator]: Completed translation [2024-11-08 15:16:49,359 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49 WrapperNode [2024-11-08 15:16:49,359 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-08 15:16:49,360 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-08 15:16:49,360 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-08 15:16:49,360 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-08 15:16:49,365 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,376 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,396 INFO L138 Inliner]: procedures = 57, calls = 101, calls flagged for inlining = 27, calls inlined = 24, statements flattened = 208 [2024-11-08 15:16:49,396 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-08 15:16:49,397 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-08 15:16:49,397 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-08 15:16:49,397 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-08 15:16:49,405 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,405 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,407 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,418 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-08 15:16:49,418 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,418 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,425 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,427 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,429 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,430 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,434 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-08 15:16:49,434 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-08 15:16:49,434 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-08 15:16:49,434 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-08 15:16:49,435 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (1/1) ... [2024-11-08 15:16:49,439 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 15:16:49,448 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:16:49,463 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-08 15:16:49,466 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-08 15:16:49,504 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-08 15:16:49,505 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-08 15:16:49,505 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-08 15:16:49,505 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-08 15:16:49,505 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-08 15:16:49,505 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-08 15:16:49,505 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-08 15:16:49,505 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-08 15:16:49,505 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-08 15:16:49,506 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-08 15:16:49,506 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-08 15:16:49,506 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-08 15:16:49,507 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-08 15:16:49,507 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-08 15:16:49,507 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-08 15:16:49,507 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-08 15:16:49,575 INFO L238 CfgBuilder]: Building ICFG [2024-11-08 15:16:49,577 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-08 15:16:49,813 INFO L? ?]: Removed 42 outVars from TransFormulas that were not future-live. [2024-11-08 15:16:49,813 INFO L287 CfgBuilder]: Performing block encoding [2024-11-08 15:16:49,822 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-08 15:16:49,822 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-08 15:16:49,823 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:16:49 BoogieIcfgContainer [2024-11-08 15:16:49,823 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-08 15:16:49,824 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-08 15:16:49,824 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-08 15:16:49,826 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-08 15:16:49,826 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 08.11 03:16:48" (1/3) ... [2024-11-08 15:16:49,827 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7ef76784 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 03:16:49, skipping insertion in model container [2024-11-08 15:16:49,827 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:16:49" (2/3) ... [2024-11-08 15:16:49,827 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7ef76784 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 03:16:49, skipping insertion in model container [2024-11-08 15:16:49,827 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:16:49" (3/3) ... [2024-11-08 15:16:49,828 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product44.cil.c [2024-11-08 15:16:49,840 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-08 15:16:49,840 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-08 15:16:49,881 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-08 15:16:49,885 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@4ff1eccd, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-08 15:16:49,886 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-08 15:16:49,889 INFO L276 IsEmpty]: Start isEmpty. Operand has 89 states, 71 states have (on average 1.3661971830985915) internal successors, (97), 77 states have internal predecessors, (97), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2024-11-08 15:16:49,895 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-08 15:16:49,896 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:49,896 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:49,896 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:49,903 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:49,903 INFO L85 PathProgramCache]: Analyzing trace with hash -1684151890, now seen corresponding path program 1 times [2024-11-08 15:16:49,910 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:49,910 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [785987794] [2024-11-08 15:16:49,911 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:49,911 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:50,013 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,060 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-08 15:16:50,062 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,065 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-08 15:16:50,067 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,070 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:16:50,070 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:50,070 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [785987794] [2024-11-08 15:16:50,071 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [785987794] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:50,071 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:50,071 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-08 15:16:50,072 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1126171038] [2024-11-08 15:16:50,073 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:50,076 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-08 15:16:50,076 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:50,097 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-08 15:16:50,098 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 15:16:50,103 INFO L87 Difference]: Start difference. First operand has 89 states, 71 states have (on average 1.3661971830985915) internal successors, (97), 77 states have internal predecessors, (97), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:16:50,130 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:50,130 INFO L93 Difference]: Finished difference Result 169 states and 228 transitions. [2024-11-08 15:16:50,130 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-08 15:16:50,131 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-11-08 15:16:50,131 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:50,137 INFO L225 Difference]: With dead ends: 169 [2024-11-08 15:16:50,137 INFO L226 Difference]: Without dead ends: 80 [2024-11-08 15:16:50,139 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 15:16:50,144 INFO L432 NwaCegarLoop]: 111 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 111 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:50,145 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 111 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:16:50,158 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 80 states. [2024-11-08 15:16:50,179 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 80 to 80. [2024-11-08 15:16:50,181 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 80 states, 64 states have (on average 1.296875) internal successors, (83), 69 states have internal predecessors, (83), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2024-11-08 15:16:50,182 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 80 states to 80 states and 102 transitions. [2024-11-08 15:16:50,183 INFO L78 Accepts]: Start accepts. Automaton has 80 states and 102 transitions. Word has length 32 [2024-11-08 15:16:50,183 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:50,184 INFO L471 AbstractCegarLoop]: Abstraction has 80 states and 102 transitions. [2024-11-08 15:16:50,184 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:16:50,184 INFO L276 IsEmpty]: Start isEmpty. Operand 80 states and 102 transitions. [2024-11-08 15:16:50,185 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-11-08 15:16:50,185 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:50,185 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:50,186 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-08 15:16:50,186 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:50,186 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:50,187 INFO L85 PathProgramCache]: Analyzing trace with hash 1709273223, now seen corresponding path program 1 times [2024-11-08 15:16:50,187 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:50,187 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [171573460] [2024-11-08 15:16:50,187 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:50,187 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:50,204 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,283 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-08 15:16:50,285 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,286 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-08 15:16:50,288 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,290 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:16:50,290 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:50,290 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [171573460] [2024-11-08 15:16:50,290 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [171573460] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:50,290 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:50,291 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-08 15:16:50,294 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1471867376] [2024-11-08 15:16:50,294 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:50,295 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-08 15:16:50,295 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:50,296 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-08 15:16:50,296 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:16:50,296 INFO L87 Difference]: Start difference. First operand 80 states and 102 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:16:50,310 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:50,310 INFO L93 Difference]: Finished difference Result 120 states and 153 transitions. [2024-11-08 15:16:50,311 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-08 15:16:50,311 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2024-11-08 15:16:50,311 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:50,312 INFO L225 Difference]: With dead ends: 120 [2024-11-08 15:16:50,312 INFO L226 Difference]: Without dead ends: 71 [2024-11-08 15:16:50,312 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:16:50,313 INFO L432 NwaCegarLoop]: 89 mSDtfsCounter, 18 mSDsluCounter, 67 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 156 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:50,314 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 156 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:16:50,314 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 71 states. [2024-11-08 15:16:50,318 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 71 to 71. [2024-11-08 15:16:50,319 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 71 states, 58 states have (on average 1.3103448275862069) internal successors, (76), 63 states have internal predecessors, (76), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2024-11-08 15:16:50,320 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 71 states to 71 states and 90 transitions. [2024-11-08 15:16:50,322 INFO L78 Accepts]: Start accepts. Automaton has 71 states and 90 transitions. Word has length 33 [2024-11-08 15:16:50,322 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:50,322 INFO L471 AbstractCegarLoop]: Abstraction has 71 states and 90 transitions. [2024-11-08 15:16:50,322 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:16:50,322 INFO L276 IsEmpty]: Start isEmpty. Operand 71 states and 90 transitions. [2024-11-08 15:16:50,323 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-11-08 15:16:50,323 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:50,324 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:50,325 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-08 15:16:50,325 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:50,325 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:50,325 INFO L85 PathProgramCache]: Analyzing trace with hash 1502879027, now seen corresponding path program 1 times [2024-11-08 15:16:50,326 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:50,326 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1106215413] [2024-11-08 15:16:50,326 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:50,328 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:50,355 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,435 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 15:16:50,437 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,439 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-11-08 15:16:50,441 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,443 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:16:50,444 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:50,444 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1106215413] [2024-11-08 15:16:50,445 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1106215413] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:50,446 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:50,446 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-08 15:16:50,446 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1230899605] [2024-11-08 15:16:50,446 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:50,446 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-08 15:16:50,446 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:50,447 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-08 15:16:50,447 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:16:50,447 INFO L87 Difference]: Start difference. First operand 71 states and 90 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:16:50,471 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:50,471 INFO L93 Difference]: Finished difference Result 195 states and 253 transitions. [2024-11-08 15:16:50,471 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-08 15:16:50,472 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2024-11-08 15:16:50,472 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:50,473 INFO L225 Difference]: With dead ends: 195 [2024-11-08 15:16:50,473 INFO L226 Difference]: Without dead ends: 132 [2024-11-08 15:16:50,473 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:16:50,474 INFO L432 NwaCegarLoop]: 104 mSDtfsCounter, 78 mSDsluCounter, 77 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 78 SdHoareTripleChecker+Valid, 181 SdHoareTripleChecker+Invalid, 5 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:50,474 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [78 Valid, 181 Invalid, 5 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:16:50,475 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 132 states. [2024-11-08 15:16:50,491 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 132 to 127. [2024-11-08 15:16:50,491 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 127 states, 102 states have (on average 1.3333333333333333) internal successors, (136), 111 states have internal predecessors, (136), 14 states have call successors, (14), 10 states have call predecessors, (14), 10 states have return successors, (14), 12 states have call predecessors, (14), 14 states have call successors, (14) [2024-11-08 15:16:50,492 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 127 states to 127 states and 164 transitions. [2024-11-08 15:16:50,496 INFO L78 Accepts]: Start accepts. Automaton has 127 states and 164 transitions. Word has length 38 [2024-11-08 15:16:50,496 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:50,496 INFO L471 AbstractCegarLoop]: Abstraction has 127 states and 164 transitions. [2024-11-08 15:16:50,497 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:16:50,497 INFO L276 IsEmpty]: Start isEmpty. Operand 127 states and 164 transitions. [2024-11-08 15:16:50,498 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2024-11-08 15:16:50,498 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:50,498 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:50,498 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-08 15:16:50,498 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:50,498 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:50,498 INFO L85 PathProgramCache]: Analyzing trace with hash -793445015, now seen corresponding path program 1 times [2024-11-08 15:16:50,498 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:50,499 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1012055971] [2024-11-08 15:16:50,499 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:50,499 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:50,516 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,617 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-08 15:16:50,620 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,621 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-11-08 15:16:50,626 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,641 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-08 15:16:50,641 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:50,641 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1012055971] [2024-11-08 15:16:50,642 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1012055971] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:50,642 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:50,642 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 15:16:50,642 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1262072856] [2024-11-08 15:16:50,642 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:50,642 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 15:16:50,642 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:50,643 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 15:16:50,643 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-08 15:16:50,643 INFO L87 Difference]: Start difference. First operand 127 states and 164 transitions. Second operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:16:50,771 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:50,772 INFO L93 Difference]: Finished difference Result 330 states and 434 transitions. [2024-11-08 15:16:50,772 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-08 15:16:50,772 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 41 [2024-11-08 15:16:50,773 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:50,774 INFO L225 Difference]: With dead ends: 330 [2024-11-08 15:16:50,774 INFO L226 Difference]: Without dead ends: 211 [2024-11-08 15:16:50,775 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-08 15:16:50,778 INFO L432 NwaCegarLoop]: 87 mSDtfsCounter, 46 mSDsluCounter, 287 mSDsCounter, 0 mSdLazyCounter, 55 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 47 SdHoareTripleChecker+Valid, 374 SdHoareTripleChecker+Invalid, 62 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 55 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:50,779 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [47 Valid, 374 Invalid, 62 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 55 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:16:50,780 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 211 states. [2024-11-08 15:16:50,795 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 211 to 211. [2024-11-08 15:16:50,796 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 211 states, 166 states have (on average 1.2951807228915662) internal successors, (215), 179 states have internal predecessors, (215), 24 states have call successors, (24), 20 states have call predecessors, (24), 20 states have return successors, (28), 24 states have call predecessors, (28), 24 states have call successors, (28) [2024-11-08 15:16:50,798 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 211 states to 211 states and 267 transitions. [2024-11-08 15:16:50,798 INFO L78 Accepts]: Start accepts. Automaton has 211 states and 267 transitions. Word has length 41 [2024-11-08 15:16:50,798 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:50,798 INFO L471 AbstractCegarLoop]: Abstraction has 211 states and 267 transitions. [2024-11-08 15:16:50,798 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:16:50,799 INFO L276 IsEmpty]: Start isEmpty. Operand 211 states and 267 transitions. [2024-11-08 15:16:50,800 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2024-11-08 15:16:50,800 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:50,800 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:50,800 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-08 15:16:50,800 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:50,800 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:50,801 INFO L85 PathProgramCache]: Analyzing trace with hash 855988844, now seen corresponding path program 1 times [2024-11-08 15:16:50,801 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:50,801 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1809726370] [2024-11-08 15:16:50,801 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:50,801 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:50,816 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,876 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 15:16:50,877 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,882 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2024-11-08 15:16:50,883 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:50,886 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:16:50,887 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:50,887 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1809726370] [2024-11-08 15:16:50,887 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1809726370] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:50,887 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:50,887 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-08 15:16:50,887 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1389243902] [2024-11-08 15:16:50,887 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:50,887 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-08 15:16:50,887 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:50,888 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-08 15:16:50,888 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-08 15:16:50,890 INFO L87 Difference]: Start difference. First operand 211 states and 267 transitions. Second operand has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:16:50,919 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:50,919 INFO L93 Difference]: Finished difference Result 420 states and 542 transitions. [2024-11-08 15:16:50,920 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-08 15:16:50,920 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 51 [2024-11-08 15:16:50,920 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:50,921 INFO L225 Difference]: With dead ends: 420 [2024-11-08 15:16:50,923 INFO L226 Difference]: Without dead ends: 217 [2024-11-08 15:16:50,924 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-08 15:16:50,925 INFO L432 NwaCegarLoop]: 87 mSDtfsCounter, 0 mSDsluCounter, 254 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 341 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:50,928 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 341 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:16:50,929 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 217 states. [2024-11-08 15:16:50,951 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 217 to 217. [2024-11-08 15:16:50,952 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 217 states, 172 states have (on average 1.2848837209302326) internal successors, (221), 185 states have internal predecessors, (221), 24 states have call successors, (24), 20 states have call predecessors, (24), 20 states have return successors, (28), 24 states have call predecessors, (28), 24 states have call successors, (28) [2024-11-08 15:16:50,952 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 217 states to 217 states and 273 transitions. [2024-11-08 15:16:50,953 INFO L78 Accepts]: Start accepts. Automaton has 217 states and 273 transitions. Word has length 51 [2024-11-08 15:16:50,956 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:50,956 INFO L471 AbstractCegarLoop]: Abstraction has 217 states and 273 transitions. [2024-11-08 15:16:50,956 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:16:50,956 INFO L276 IsEmpty]: Start isEmpty. Operand 217 states and 273 transitions. [2024-11-08 15:16:50,957 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2024-11-08 15:16:50,957 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:50,957 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:50,957 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-08 15:16:50,957 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:50,958 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:50,958 INFO L85 PathProgramCache]: Analyzing trace with hash 1278690670, now seen corresponding path program 1 times [2024-11-08 15:16:50,958 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:50,958 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [400291370] [2024-11-08 15:16:50,958 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:50,958 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:50,974 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,051 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 15:16:51,053 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,055 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2024-11-08 15:16:51,057 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,058 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:16:51,058 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:51,058 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [400291370] [2024-11-08 15:16:51,058 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [400291370] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:51,058 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:51,058 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-08 15:16:51,058 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [859187781] [2024-11-08 15:16:51,058 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:51,059 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-08 15:16:51,059 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:51,059 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-08 15:16:51,059 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-08 15:16:51,059 INFO L87 Difference]: Start difference. First operand 217 states and 273 transitions. Second operand has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:16:51,105 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:51,106 INFO L93 Difference]: Finished difference Result 436 states and 558 transitions. [2024-11-08 15:16:51,106 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-08 15:16:51,107 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 51 [2024-11-08 15:16:51,108 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:51,109 INFO L225 Difference]: With dead ends: 436 [2024-11-08 15:16:51,110 INFO L226 Difference]: Without dead ends: 227 [2024-11-08 15:16:51,110 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:16:51,111 INFO L432 NwaCegarLoop]: 95 mSDtfsCounter, 80 mSDsluCounter, 259 mSDsCounter, 0 mSdLazyCounter, 19 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 80 SdHoareTripleChecker+Valid, 354 SdHoareTripleChecker+Invalid, 20 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 19 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:51,115 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [80 Valid, 354 Invalid, 20 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 19 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:16:51,115 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 227 states. [2024-11-08 15:16:51,127 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 227 to 221. [2024-11-08 15:16:51,130 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 221 states, 176 states have (on average 1.2784090909090908) internal successors, (225), 189 states have internal predecessors, (225), 24 states have call successors, (24), 20 states have call predecessors, (24), 20 states have return successors, (28), 24 states have call predecessors, (28), 24 states have call successors, (28) [2024-11-08 15:16:51,131 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 221 states to 221 states and 277 transitions. [2024-11-08 15:16:51,132 INFO L78 Accepts]: Start accepts. Automaton has 221 states and 277 transitions. Word has length 51 [2024-11-08 15:16:51,132 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:51,132 INFO L471 AbstractCegarLoop]: Abstraction has 221 states and 277 transitions. [2024-11-08 15:16:51,132 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:16:51,132 INFO L276 IsEmpty]: Start isEmpty. Operand 221 states and 277 transitions. [2024-11-08 15:16:51,133 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2024-11-08 15:16:51,134 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:51,134 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:51,134 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-08 15:16:51,134 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:51,135 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:51,135 INFO L85 PathProgramCache]: Analyzing trace with hash -526747664, now seen corresponding path program 1 times [2024-11-08 15:16:51,135 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:51,135 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [284519] [2024-11-08 15:16:51,135 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:51,135 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:51,146 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,198 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 15:16:51,199 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,201 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2024-11-08 15:16:51,202 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,204 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:16:51,204 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:51,204 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [284519] [2024-11-08 15:16:51,205 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [284519] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:51,205 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:51,205 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-08 15:16:51,205 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1662422820] [2024-11-08 15:16:51,205 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:51,206 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-08 15:16:51,206 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:51,206 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-08 15:16:51,207 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:16:51,207 INFO L87 Difference]: Start difference. First operand 221 states and 277 transitions. Second operand has 3 states, 3 states have (on average 14.666666666666666) internal successors, (44), 3 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:16:51,235 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:51,236 INFO L93 Difference]: Finished difference Result 528 states and 667 transitions. [2024-11-08 15:16:51,236 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-08 15:16:51,236 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 14.666666666666666) internal successors, (44), 3 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 51 [2024-11-08 15:16:51,236 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:51,240 INFO L225 Difference]: With dead ends: 528 [2024-11-08 15:16:51,240 INFO L226 Difference]: Without dead ends: 315 [2024-11-08 15:16:51,241 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:16:51,242 INFO L432 NwaCegarLoop]: 90 mSDtfsCounter, 39 mSDsluCounter, 75 mSDsCounter, 0 mSdLazyCounter, 10 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 39 SdHoareTripleChecker+Valid, 165 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 10 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:51,243 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [39 Valid, 165 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 10 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:16:51,243 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 315 states. [2024-11-08 15:16:51,259 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 315 to 315. [2024-11-08 15:16:51,260 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 315 states, 250 states have (on average 1.248) internal successors, (312), 265 states have internal predecessors, (312), 36 states have call successors, (36), 30 states have call predecessors, (36), 28 states have return successors, (40), 34 states have call predecessors, (40), 36 states have call successors, (40) [2024-11-08 15:16:51,261 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 315 states to 315 states and 388 transitions. [2024-11-08 15:16:51,261 INFO L78 Accepts]: Start accepts. Automaton has 315 states and 388 transitions. Word has length 51 [2024-11-08 15:16:51,261 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:51,261 INFO L471 AbstractCegarLoop]: Abstraction has 315 states and 388 transitions. [2024-11-08 15:16:51,262 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 14.666666666666666) internal successors, (44), 3 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:16:51,262 INFO L276 IsEmpty]: Start isEmpty. Operand 315 states and 388 transitions. [2024-11-08 15:16:51,263 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-08 15:16:51,263 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:51,263 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:51,263 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-08 15:16:51,263 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:51,265 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:51,265 INFO L85 PathProgramCache]: Analyzing trace with hash -1427287338, now seen corresponding path program 1 times [2024-11-08 15:16:51,265 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:51,265 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1186624756] [2024-11-08 15:16:51,265 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:51,266 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:51,279 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,406 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-08 15:16:51,407 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,414 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-08 15:16:51,415 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,416 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2024-11-08 15:16:51,417 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,419 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:16:51,419 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:51,419 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1186624756] [2024-11-08 15:16:51,420 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1186624756] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:51,420 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:51,420 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-08 15:16:51,420 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1196566701] [2024-11-08 15:16:51,420 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:51,420 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-08 15:16:51,420 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:51,421 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-08 15:16:51,421 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2024-11-08 15:16:51,421 INFO L87 Difference]: Start difference. First operand 315 states and 388 transitions. Second operand has 8 states, 8 states have (on average 5.75) internal successors, (46), 7 states have internal predecessors, (46), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-08 15:16:51,714 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:51,715 INFO L93 Difference]: Finished difference Result 1036 states and 1343 transitions. [2024-11-08 15:16:51,715 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2024-11-08 15:16:51,715 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.75) internal successors, (46), 7 states have internal predecessors, (46), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 55 [2024-11-08 15:16:51,715 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:51,719 INFO L225 Difference]: With dead ends: 1036 [2024-11-08 15:16:51,719 INFO L226 Difference]: Without dead ends: 823 [2024-11-08 15:16:51,720 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 23 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 28 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=59, Invalid=151, Unknown=0, NotChecked=0, Total=210 [2024-11-08 15:16:51,720 INFO L432 NwaCegarLoop]: 123 mSDtfsCounter, 287 mSDsluCounter, 449 mSDsCounter, 0 mSdLazyCounter, 202 mSolverCounterSat, 56 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 297 SdHoareTripleChecker+Valid, 572 SdHoareTripleChecker+Invalid, 258 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 56 IncrementalHoareTripleChecker+Valid, 202 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:51,720 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [297 Valid, 572 Invalid, 258 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [56 Valid, 202 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 15:16:51,721 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 823 states. [2024-11-08 15:16:51,775 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 823 to 815. [2024-11-08 15:16:51,777 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 815 states, 648 states have (on average 1.2191358024691359) internal successors, (790), 689 states have internal predecessors, (790), 90 states have call successors, (90), 66 states have call predecessors, (90), 76 states have return successors, (128), 86 states have call predecessors, (128), 90 states have call successors, (128) [2024-11-08 15:16:51,780 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 815 states to 815 states and 1008 transitions. [2024-11-08 15:16:51,781 INFO L78 Accepts]: Start accepts. Automaton has 815 states and 1008 transitions. Word has length 55 [2024-11-08 15:16:51,781 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:51,782 INFO L471 AbstractCegarLoop]: Abstraction has 815 states and 1008 transitions. [2024-11-08 15:16:51,782 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.75) internal successors, (46), 7 states have internal predecessors, (46), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-08 15:16:51,782 INFO L276 IsEmpty]: Start isEmpty. Operand 815 states and 1008 transitions. [2024-11-08 15:16:51,783 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 86 [2024-11-08 15:16:51,784 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:51,784 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:51,784 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-08 15:16:51,784 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:51,784 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:51,784 INFO L85 PathProgramCache]: Analyzing trace with hash -616604212, now seen corresponding path program 1 times [2024-11-08 15:16:51,784 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:51,785 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [991089326] [2024-11-08 15:16:51,785 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:51,785 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:51,798 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,826 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-08 15:16:51,827 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,834 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-08 15:16:51,838 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,849 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:16:51,850 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,852 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 64 [2024-11-08 15:16:51,853 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,854 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 77 [2024-11-08 15:16:51,855 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:51,856 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-11-08 15:16:51,856 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:51,856 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [991089326] [2024-11-08 15:16:51,856 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [991089326] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:16:51,856 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:16:51,856 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 15:16:51,856 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1929872307] [2024-11-08 15:16:51,856 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:16:51,857 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 15:16:51,857 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:51,857 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 15:16:51,858 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2024-11-08 15:16:51,858 INFO L87 Difference]: Start difference. First operand 815 states and 1008 transitions. Second operand has 6 states, 6 states have (on average 11.666666666666666) internal successors, (70), 4 states have internal predecessors, (70), 3 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2024-11-08 15:16:52,038 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:52,038 INFO L93 Difference]: Finished difference Result 1379 states and 1704 transitions. [2024-11-08 15:16:52,039 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-11-08 15:16:52,039 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 11.666666666666666) internal successors, (70), 4 states have internal predecessors, (70), 3 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) Word has length 85 [2024-11-08 15:16:52,039 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:52,042 INFO L225 Difference]: With dead ends: 1379 [2024-11-08 15:16:52,042 INFO L226 Difference]: Without dead ends: 572 [2024-11-08 15:16:52,043 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2024-11-08 15:16:52,044 INFO L432 NwaCegarLoop]: 119 mSDtfsCounter, 186 mSDsluCounter, 196 mSDsCounter, 0 mSdLazyCounter, 128 mSolverCounterSat, 45 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 193 SdHoareTripleChecker+Valid, 315 SdHoareTripleChecker+Invalid, 173 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 45 IncrementalHoareTripleChecker+Valid, 128 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:52,044 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [193 Valid, 315 Invalid, 173 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [45 Valid, 128 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:16:52,045 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 572 states. [2024-11-08 15:16:52,072 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 572 to 562. [2024-11-08 15:16:52,073 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 562 states, 445 states have (on average 1.208988764044944) internal successors, (538), 473 states have internal predecessors, (538), 63 states have call successors, (63), 48 states have call predecessors, (63), 53 states have return successors, (83), 60 states have call predecessors, (83), 63 states have call successors, (83) [2024-11-08 15:16:52,075 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 562 states to 562 states and 684 transitions. [2024-11-08 15:16:52,076 INFO L78 Accepts]: Start accepts. Automaton has 562 states and 684 transitions. Word has length 85 [2024-11-08 15:16:52,076 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:52,076 INFO L471 AbstractCegarLoop]: Abstraction has 562 states and 684 transitions. [2024-11-08 15:16:52,077 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 11.666666666666666) internal successors, (70), 4 states have internal predecessors, (70), 3 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2024-11-08 15:16:52,077 INFO L276 IsEmpty]: Start isEmpty. Operand 562 states and 684 transitions. [2024-11-08 15:16:52,078 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 88 [2024-11-08 15:16:52,078 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:16:52,078 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:52,078 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-08 15:16:52,078 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:16:52,078 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:16:52,078 INFO L85 PathProgramCache]: Analyzing trace with hash 1396479385, now seen corresponding path program 1 times [2024-11-08 15:16:52,079 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:16:52,079 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1912581871] [2024-11-08 15:16:52,079 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:52,079 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:16:52,091 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:52,185 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-08 15:16:52,186 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:52,198 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-08 15:16:52,204 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:52,219 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:16:52,220 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:52,221 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 61 [2024-11-08 15:16:52,222 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:52,232 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 72 [2024-11-08 15:16:52,233 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:52,234 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 79 [2024-11-08 15:16:52,235 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:52,236 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 16 proven. 9 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2024-11-08 15:16:52,236 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:16:52,236 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1912581871] [2024-11-08 15:16:52,236 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1912581871] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-08 15:16:52,236 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [282497265] [2024-11-08 15:16:52,236 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:16:52,237 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-08 15:16:52,237 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:16:52,238 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-08 15:16:52,239 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-08 15:16:52,324 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:16:52,326 INFO L255 TraceCheckSpWp]: Trace formula consists of 300 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-08 15:16:52,330 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-08 15:16:52,457 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 23 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:16:52,457 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-08 15:16:52,606 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 6 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2024-11-08 15:16:52,606 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [282497265] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-08 15:16:52,606 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-08 15:16:52,606 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 6, 6] total 14 [2024-11-08 15:16:52,607 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2125439989] [2024-11-08 15:16:52,607 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-08 15:16:52,607 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2024-11-08 15:16:52,607 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:16:52,607 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2024-11-08 15:16:52,608 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=33, Invalid=149, Unknown=0, NotChecked=0, Total=182 [2024-11-08 15:16:52,608 INFO L87 Difference]: Start difference. First operand 562 states and 684 transitions. Second operand has 14 states, 14 states have (on average 7.642857142857143) internal successors, (107), 10 states have internal predecessors, (107), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 6 states have call successors, (13) [2024-11-08 15:16:53,191 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:16:53,191 INFO L93 Difference]: Finished difference Result 1055 states and 1307 transitions. [2024-11-08 15:16:53,192 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2024-11-08 15:16:53,192 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 14 states have (on average 7.642857142857143) internal successors, (107), 10 states have internal predecessors, (107), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 6 states have call successors, (13) Word has length 87 [2024-11-08 15:16:53,192 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:16:53,193 INFO L225 Difference]: With dead ends: 1055 [2024-11-08 15:16:53,193 INFO L226 Difference]: Without dead ends: 0 [2024-11-08 15:16:53,195 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 222 GetRequests, 185 SyntacticMatches, 4 SemanticMatches, 33 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 262 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=256, Invalid=934, Unknown=0, NotChecked=0, Total=1190 [2024-11-08 15:16:53,198 INFO L432 NwaCegarLoop]: 150 mSDtfsCounter, 277 mSDsluCounter, 1011 mSDsCounter, 0 mSdLazyCounter, 661 mSolverCounterSat, 70 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 282 SdHoareTripleChecker+Valid, 1161 SdHoareTripleChecker+Invalid, 731 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 70 IncrementalHoareTripleChecker+Valid, 661 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-08 15:16:53,198 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [282 Valid, 1161 Invalid, 731 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [70 Valid, 661 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-08 15:16:53,198 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-08 15:16:53,199 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-08 15:16:53,199 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:16:53,199 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-08 15:16:53,199 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 87 [2024-11-08 15:16:53,199 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:16:53,199 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-08 15:16:53,199 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 14 states have (on average 7.642857142857143) internal successors, (107), 10 states have internal predecessors, (107), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 6 states have call successors, (13) [2024-11-08 15:16:53,199 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-08 15:16:53,199 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-08 15:16:53,202 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-08 15:16:53,220 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-11-08 15:16:53,403 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-08 15:16:53,406 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:16:53,408 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-08 15:16:55,326 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-08 15:16:55,368 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse1 (<= |old(~waterLevel~0)| 2)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (<= 1 |old(~pumpRunning~0)|))) (or (and .cse0 (= 0 ~systemActive~0) .cse1) (and .cse2 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse1 .cse3) (and .cse2 .cse0 .cse1) (and .cse2 .cse3 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2) (and .cse3 .cse2 (= 0 ~systemActive~0)))) [2024-11-08 15:16:55,380 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and .cse3 .cse1 .cse2) (and .cse3 (= 0 ~systemActive~0) .cse2) (and .cse0 .cse1 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2) (and .cse3 .cse2 (= 0 ~systemActive~0)))) [2024-11-08 15:16:55,396 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 08.11 03:16:55 BoogieIcfgContainer [2024-11-08 15:16:55,397 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-08 15:16:55,397 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-08 15:16:55,397 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-08 15:16:55,397 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-08 15:16:55,398 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:16:49" (3/4) ... [2024-11-08 15:16:55,403 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-08 15:16:55,406 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-08 15:16:55,406 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-08 15:16:55,406 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-08 15:16:55,406 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-08 15:16:55,406 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-08 15:16:55,406 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-08 15:16:55,410 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 19 nodes and edges [2024-11-08 15:16:55,410 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-08 15:16:55,411 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-08 15:16:55,411 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 15:16:55,411 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 15:16:55,500 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-08 15:16:55,501 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-08 15:16:55,501 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-08 15:16:55,501 INFO L158 Benchmark]: Toolchain (without parser) took 6562.38ms. Allocated memory was 186.6MB in the beginning and 281.0MB in the end (delta: 94.4MB). Free memory was 115.7MB in the beginning and 226.6MB in the end (delta: -110.9MB). There was no memory consumed. Max. memory is 16.1GB. [2024-11-08 15:16:55,503 INFO L158 Benchmark]: CDTParser took 0.13ms. Allocated memory is still 113.2MB. Free memory is still 77.0MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-08 15:16:55,503 INFO L158 Benchmark]: CACSL2BoogieTranslator took 419.82ms. Allocated memory is still 186.6MB. Free memory was 115.5MB in the beginning and 151.1MB in the end (delta: -35.7MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2024-11-08 15:16:55,503 INFO L158 Benchmark]: Boogie Procedure Inliner took 36.02ms. Allocated memory is still 186.6MB. Free memory was 150.4MB in the beginning and 148.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 15:16:55,503 INFO L158 Benchmark]: Boogie Preprocessor took 37.24ms. Allocated memory is still 186.6MB. Free memory was 148.4MB in the beginning and 146.3MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 15:16:55,503 INFO L158 Benchmark]: RCFGBuilder took 388.42ms. Allocated memory is still 186.6MB. Free memory was 146.3MB in the beginning and 128.1MB in the end (delta: 18.2MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2024-11-08 15:16:55,504 INFO L158 Benchmark]: TraceAbstraction took 5572.83ms. Allocated memory was 186.6MB in the beginning and 281.0MB in the end (delta: 94.4MB). Free memory was 127.4MB in the beginning and 234.0MB in the end (delta: -106.6MB). Peak memory consumption was 110.1MB. Max. memory is 16.1GB. [2024-11-08 15:16:55,504 INFO L158 Benchmark]: Witness Printer took 103.79ms. Allocated memory is still 281.0MB. Free memory was 234.0MB in the beginning and 226.6MB in the end (delta: 7.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-08 15:16:55,507 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.13ms. Allocated memory is still 113.2MB. Free memory is still 77.0MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 419.82ms. Allocated memory is still 186.6MB. Free memory was 115.5MB in the beginning and 151.1MB in the end (delta: -35.7MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 36.02ms. Allocated memory is still 186.6MB. Free memory was 150.4MB in the beginning and 148.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 37.24ms. Allocated memory is still 186.6MB. Free memory was 148.4MB in the beginning and 146.3MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 388.42ms. Allocated memory is still 186.6MB. Free memory was 146.3MB in the beginning and 128.1MB in the end (delta: 18.2MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 5572.83ms. Allocated memory was 186.6MB in the beginning and 281.0MB in the end (delta: 94.4MB). Free memory was 127.4MB in the beginning and 234.0MB in the end (delta: -106.6MB). Peak memory consumption was 110.1MB. Max. memory is 16.1GB. * Witness Printer took 103.79ms. Allocated memory is still 281.0MB. Free memory was 234.0MB in the beginning and 226.6MB in the end (delta: 7.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 150]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [150] - GenericResultAtLocation [Line: 516]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [516] - GenericResultAtLocation [Line: 721]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [721] - GenericResultAtLocation [Line: 791]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [791] - GenericResultAtLocation [Line: 829]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [829] - GenericResultAtLocation [Line: 927]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [927] - GenericResultAtLocation [Line: 936]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [936] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 932]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 89 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 3.5s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.5s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1037 SdHoareTripleChecker+Valid, 0.8s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1011 mSDsluCounter, 3730 SdHoareTripleChecker+Invalid, 0.6s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2675 mSDsCounter, 181 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1098 IncrementalHoareTripleChecker+Invalid, 1279 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 181 mSolverCounterUnsat, 1055 mSDtfsCounter, 1098 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 328 GetRequests, 252 SyntacticMatches, 4 SemanticMatches, 72 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 301 ImplicationChecksByTransitivity, 0.5s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=815occurred in iteration=8, InterpolantAutomatonStates: 77, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 29 StatesRemovedByMinimization, 4 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 1.2s InterpolantComputationTime, 611 NumberOfCodeBlocks, 611 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 686 ConstructedInterpolants, 0 QuantifiedInterpolants, 1315 SizeOfPredicates, 2 NumberOfNonLiveVariables, 300 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 120/142 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 733]: Loop Invariant Derived loop invariant: (((((((pumpRunning == 0) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (0 == systemActive)) || ((((pumpRunning == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) - InvariantResult [Line: 732]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 841]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 556]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) && (((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 83]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) && ((((((waterLevel == \old(waterLevel)) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 831]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (head == \old(head))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 529]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) && ((\old(pumpRunning) < 1) || (((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((pumpRunning == 0) || (0 != systemActive))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((((\old(pumpRunning) == 0) && (0 == systemActive)) && (\old(waterLevel) <= 2)) || ((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning)))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 2))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2)))) && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (head == \old(head))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 71]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && (waterLevel <= 2)) && (((((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2))) || (((pumpRunning == 0) && (0 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) && ((((((methaneLevelCritical == \old(methaneLevelCritical)) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 634]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) Ensures: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 == systemActive))) && (pumpRunning == \result)) && (((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) RESULT: Ultimate proved your program to be correct! [2024-11-08 15:16:55,530 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE