./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product51.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c7c6ca5d Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product51.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 1ef39c14b0f41147d1df64069011556a64ce74ff520b071f62407c2225292c50 --- Real Ultimate output --- This is Ultimate 0.2.5-?-c7c6ca5-m [2024-11-08 15:17:00,130 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-08 15:17:00,222 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-08 15:17:00,228 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-08 15:17:00,228 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-08 15:17:00,257 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-08 15:17:00,259 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-08 15:17:00,259 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-08 15:17:00,260 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-08 15:17:00,261 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-08 15:17:00,262 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-08 15:17:00,263 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-08 15:17:00,264 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-08 15:17:00,264 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-08 15:17:00,264 INFO L153 SettingsManager]: * Use SBE=true [2024-11-08 15:17:00,268 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-08 15:17:00,269 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-08 15:17:00,269 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-08 15:17:00,269 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-08 15:17:00,270 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-08 15:17:00,270 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-08 15:17:00,271 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-08 15:17:00,273 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-08 15:17:00,274 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-08 15:17:00,274 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-08 15:17:00,274 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-08 15:17:00,274 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-08 15:17:00,275 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-08 15:17:00,275 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-08 15:17:00,275 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-08 15:17:00,276 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-08 15:17:00,276 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-08 15:17:00,276 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 15:17:00,276 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-08 15:17:00,277 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-08 15:17:00,277 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-08 15:17:00,277 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-08 15:17:00,277 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-08 15:17:00,278 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-08 15:17:00,278 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-08 15:17:00,279 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-08 15:17:00,279 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-08 15:17:00,279 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 1ef39c14b0f41147d1df64069011556a64ce74ff520b071f62407c2225292c50 [2024-11-08 15:17:00,532 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-08 15:17:00,557 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-08 15:17:00,560 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-08 15:17:00,561 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-08 15:17:00,561 INFO L274 PluginConnector]: CDTParser initialized [2024-11-08 15:17:00,562 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product51.cil.c [2024-11-08 15:17:01,979 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-08 15:17:02,208 INFO L384 CDTParser]: Found 1 translation units. [2024-11-08 15:17:02,209 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product51.cil.c [2024-11-08 15:17:02,221 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5e6d03436/6ba36808b6d84947af36f4add4e1995e/FLAGaae486a51 [2024-11-08 15:17:02,552 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5e6d03436/6ba36808b6d84947af36f4add4e1995e [2024-11-08 15:17:02,554 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-08 15:17:02,555 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-08 15:17:02,556 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-08 15:17:02,556 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-08 15:17:02,560 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-08 15:17:02,561 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 03:17:02" (1/1) ... [2024-11-08 15:17:02,562 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@3f192b52 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:02, skipping insertion in model container [2024-11-08 15:17:02,562 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 03:17:02" (1/1) ... [2024-11-08 15:17:02,603 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-08 15:17:02,909 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product51.cil.c[18485,18498] [2024-11-08 15:17:02,915 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 15:17:02,935 INFO L200 MainTranslator]: Completed pre-run [2024-11-08 15:17:02,946 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] [2024-11-08 15:17:02,947 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [277] [2024-11-08 15:17:02,948 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [381] [2024-11-08 15:17:02,948 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [448] [2024-11-08 15:17:02,948 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [483] [2024-11-08 15:17:02,948 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [849] [2024-11-08 15:17:02,949 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [953] [2024-11-08 15:17:02,949 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [962] [2024-11-08 15:17:03,013 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product51.cil.c[18485,18498] [2024-11-08 15:17:03,017 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 15:17:03,049 INFO L204 MainTranslator]: Completed translation [2024-11-08 15:17:03,049 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03 WrapperNode [2024-11-08 15:17:03,049 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-08 15:17:03,050 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-08 15:17:03,050 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-08 15:17:03,050 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-08 15:17:03,056 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,074 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,105 INFO L138 Inliner]: procedures = 58, calls = 103, calls flagged for inlining = 25, calls inlined = 21, statements flattened = 212 [2024-11-08 15:17:03,106 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-08 15:17:03,106 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-08 15:17:03,106 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-08 15:17:03,107 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-08 15:17:03,114 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,115 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,117 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,136 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-08 15:17:03,136 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,136 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,141 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,148 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,150 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,151 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,155 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-08 15:17:03,156 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-08 15:17:03,156 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-08 15:17:03,156 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-08 15:17:03,157 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (1/1) ... [2024-11-08 15:17:03,164 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 15:17:03,174 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:17:03,190 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-08 15:17:03,198 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-08 15:17:03,247 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-08 15:17:03,248 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-08 15:17:03,248 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-08 15:17:03,248 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-08 15:17:03,248 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-08 15:17:03,248 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-08 15:17:03,248 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-08 15:17:03,248 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 15:17:03,248 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 15:17:03,248 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-08 15:17:03,249 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-08 15:17:03,249 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-08 15:17:03,249 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-08 15:17:03,249 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-08 15:17:03,249 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-08 15:17:03,249 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-08 15:17:03,249 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-08 15:17:03,249 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-08 15:17:03,249 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-08 15:17:03,249 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-08 15:17:03,345 INFO L238 CfgBuilder]: Building ICFG [2024-11-08 15:17:03,347 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-08 15:17:03,683 INFO L? ?]: Removed 45 outVars from TransFormulas that were not future-live. [2024-11-08 15:17:03,683 INFO L287 CfgBuilder]: Performing block encoding [2024-11-08 15:17:03,727 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-08 15:17:03,728 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-08 15:17:03,728 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:17:03 BoogieIcfgContainer [2024-11-08 15:17:03,728 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-08 15:17:03,731 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-08 15:17:03,731 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-08 15:17:03,734 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-08 15:17:03,734 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 08.11 03:17:02" (1/3) ... [2024-11-08 15:17:03,735 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3574975f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 03:17:03, skipping insertion in model container [2024-11-08 15:17:03,735 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:17:03" (2/3) ... [2024-11-08 15:17:03,736 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3574975f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 03:17:03, skipping insertion in model container [2024-11-08 15:17:03,736 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:17:03" (3/3) ... [2024-11-08 15:17:03,737 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product51.cil.c [2024-11-08 15:17:03,754 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-08 15:17:03,754 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-08 15:17:03,826 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-08 15:17:03,833 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@74acf7cc, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-08 15:17:03,833 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-08 15:17:03,837 INFO L276 IsEmpty]: Start isEmpty. Operand has 99 states, 75 states have (on average 1.3733333333333333) internal successors, (103), 84 states have internal predecessors, (103), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) [2024-11-08 15:17:03,847 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-08 15:17:03,847 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:03,848 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:03,848 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:03,853 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:03,853 INFO L85 PathProgramCache]: Analyzing trace with hash 764297473, now seen corresponding path program 1 times [2024-11-08 15:17:03,859 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:03,860 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2103456523] [2024-11-08 15:17:03,860 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:03,860 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:03,991 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:04,054 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-08 15:17:04,058 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:04,062 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-08 15:17:04,065 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:04,069 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:17:04,070 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:04,070 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2103456523] [2024-11-08 15:17:04,071 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2103456523] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:04,071 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:04,071 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-08 15:17:04,076 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [461051920] [2024-11-08 15:17:04,077 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:04,086 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-08 15:17:04,089 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:04,119 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-08 15:17:04,119 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 15:17:04,123 INFO L87 Difference]: Start difference. First operand has 99 states, 75 states have (on average 1.3733333333333333) internal successors, (103), 84 states have internal predecessors, (103), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:17:04,162 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:04,163 INFO L93 Difference]: Finished difference Result 189 states and 256 transitions. [2024-11-08 15:17:04,165 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-08 15:17:04,166 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-11-08 15:17:04,167 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:04,177 INFO L225 Difference]: With dead ends: 189 [2024-11-08 15:17:04,178 INFO L226 Difference]: Without dead ends: 90 [2024-11-08 15:17:04,182 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 15:17:04,185 INFO L432 NwaCegarLoop]: 125 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 125 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:04,186 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 125 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:17:04,206 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 90 states. [2024-11-08 15:17:04,235 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 90 to 90. [2024-11-08 15:17:04,238 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 90 states, 68 states have (on average 1.3088235294117647) internal successors, (89), 76 states have internal predecessors, (89), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-08 15:17:04,240 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 90 states to 90 states and 116 transitions. [2024-11-08 15:17:04,245 INFO L78 Accepts]: Start accepts. Automaton has 90 states and 116 transitions. Word has length 32 [2024-11-08 15:17:04,246 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:04,247 INFO L471 AbstractCegarLoop]: Abstraction has 90 states and 116 transitions. [2024-11-08 15:17:04,247 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-08 15:17:04,247 INFO L276 IsEmpty]: Start isEmpty. Operand 90 states and 116 transitions. [2024-11-08 15:17:04,251 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2024-11-08 15:17:04,252 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:04,252 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:04,253 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-08 15:17:04,253 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:04,255 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:04,255 INFO L85 PathProgramCache]: Analyzing trace with hash -297054839, now seen corresponding path program 1 times [2024-11-08 15:17:04,255 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:04,255 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1822812636] [2024-11-08 15:17:04,256 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:04,256 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:04,298 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:04,489 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-08 15:17:04,492 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:04,496 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-11-08 15:17:04,497 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:04,499 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:17:04,500 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:04,500 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1822812636] [2024-11-08 15:17:04,500 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1822812636] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:04,500 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:04,500 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 15:17:04,501 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [336360347] [2024-11-08 15:17:04,501 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:04,502 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 15:17:04,502 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:04,503 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 15:17:04,503 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2024-11-08 15:17:04,503 INFO L87 Difference]: Start difference. First operand 90 states and 116 transitions. Second operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:17:04,825 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:04,826 INFO L93 Difference]: Finished difference Result 309 states and 412 transitions. [2024-11-08 15:17:04,826 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-08 15:17:04,827 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 37 [2024-11-08 15:17:04,827 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:04,830 INFO L225 Difference]: With dead ends: 309 [2024-11-08 15:17:04,830 INFO L226 Difference]: Without dead ends: 227 [2024-11-08 15:17:04,832 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=20, Invalid=36, Unknown=0, NotChecked=0, Total=56 [2024-11-08 15:17:04,833 INFO L432 NwaCegarLoop]: 131 mSDtfsCounter, 201 mSDsluCounter, 400 mSDsCounter, 0 mSdLazyCounter, 112 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 201 SdHoareTripleChecker+Valid, 531 SdHoareTripleChecker+Invalid, 113 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 112 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:04,834 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [201 Valid, 531 Invalid, 113 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 112 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 15:17:04,835 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 227 states. [2024-11-08 15:17:04,874 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 227 to 221. [2024-11-08 15:17:04,875 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 221 states, 164 states have (on average 1.329268292682927) internal successors, (218), 182 states have internal predecessors, (218), 37 states have call successors, (37), 22 states have call predecessors, (37), 19 states have return successors, (37), 26 states have call predecessors, (37), 34 states have call successors, (37) [2024-11-08 15:17:04,878 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 221 states to 221 states and 292 transitions. [2024-11-08 15:17:04,879 INFO L78 Accepts]: Start accepts. Automaton has 221 states and 292 transitions. Word has length 37 [2024-11-08 15:17:04,879 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:04,879 INFO L471 AbstractCegarLoop]: Abstraction has 221 states and 292 transitions. [2024-11-08 15:17:04,880 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:17:04,880 INFO L276 IsEmpty]: Start isEmpty. Operand 221 states and 292 transitions. [2024-11-08 15:17:04,883 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2024-11-08 15:17:04,883 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:04,883 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:04,883 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-08 15:17:04,884 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:04,884 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:04,884 INFO L85 PathProgramCache]: Analyzing trace with hash -1133604870, now seen corresponding path program 1 times [2024-11-08 15:17:04,885 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:04,885 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [131933930] [2024-11-08 15:17:04,885 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:04,888 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:04,907 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:04,950 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-08 15:17:04,951 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:04,958 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-08 15:17:04,959 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:04,962 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:17:04,962 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:04,964 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2024-11-08 15:17:04,971 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:04,973 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:17:04,973 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:04,973 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [131933930] [2024-11-08 15:17:04,974 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [131933930] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:04,974 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:04,974 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-08 15:17:04,976 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [686892872] [2024-11-08 15:17:04,976 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:04,977 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-08 15:17:04,977 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:04,978 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-08 15:17:04,981 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-08 15:17:04,981 INFO L87 Difference]: Start difference. First operand 221 states and 292 transitions. Second operand has 4 states, 4 states have (on average 7.75) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (6), 3 states have call predecessors, (6), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-08 15:17:05,101 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:05,102 INFO L93 Difference]: Finished difference Result 370 states and 484 transitions. [2024-11-08 15:17:05,103 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-08 15:17:05,103 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 7.75) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (6), 3 states have call predecessors, (6), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 43 [2024-11-08 15:17:05,103 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:05,105 INFO L225 Difference]: With dead ends: 370 [2024-11-08 15:17:05,106 INFO L226 Difference]: Without dead ends: 222 [2024-11-08 15:17:05,108 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-08 15:17:05,110 INFO L432 NwaCegarLoop]: 82 mSDtfsCounter, 69 mSDsluCounter, 99 mSDsCounter, 0 mSdLazyCounter, 56 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 78 SdHoareTripleChecker+Valid, 181 SdHoareTripleChecker+Invalid, 70 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 56 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:05,110 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [78 Valid, 181 Invalid, 70 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 56 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:17:05,112 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 222 states. [2024-11-08 15:17:05,153 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 222 to 194. [2024-11-08 15:17:05,154 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 194 states, 146 states have (on average 1.3493150684931507) internal successors, (197), 164 states have internal predecessors, (197), 28 states have call successors, (28), 19 states have call predecessors, (28), 19 states have return successors, (29), 20 states have call predecessors, (29), 28 states have call successors, (29) [2024-11-08 15:17:05,156 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 194 states to 194 states and 254 transitions. [2024-11-08 15:17:05,157 INFO L78 Accepts]: Start accepts. Automaton has 194 states and 254 transitions. Word has length 43 [2024-11-08 15:17:05,157 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:05,157 INFO L471 AbstractCegarLoop]: Abstraction has 194 states and 254 transitions. [2024-11-08 15:17:05,157 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 7.75) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (6), 3 states have call predecessors, (6), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-08 15:17:05,158 INFO L276 IsEmpty]: Start isEmpty. Operand 194 states and 254 transitions. [2024-11-08 15:17:05,159 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2024-11-08 15:17:05,159 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:05,159 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:05,160 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-08 15:17:05,160 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:05,160 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:05,161 INFO L85 PathProgramCache]: Analyzing trace with hash 1125311, now seen corresponding path program 1 times [2024-11-08 15:17:05,161 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:05,161 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [78128194] [2024-11-08 15:17:05,161 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:05,161 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:05,177 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:05,259 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-08 15:17:05,261 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:05,262 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-11-08 15:17:05,270 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:05,290 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-08 15:17:05,290 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:05,290 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [78128194] [2024-11-08 15:17:05,291 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [78128194] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:05,291 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:05,291 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 15:17:05,291 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [961075086] [2024-11-08 15:17:05,291 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:05,292 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 15:17:05,292 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:05,292 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 15:17:05,292 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-08 15:17:05,293 INFO L87 Difference]: Start difference. First operand 194 states and 254 transitions. Second operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:17:05,445 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:05,445 INFO L93 Difference]: Finished difference Result 463 states and 620 transitions. [2024-11-08 15:17:05,445 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-08 15:17:05,446 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 41 [2024-11-08 15:17:05,446 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:05,448 INFO L225 Difference]: With dead ends: 463 [2024-11-08 15:17:05,448 INFO L226 Difference]: Without dead ends: 277 [2024-11-08 15:17:05,453 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-08 15:17:05,454 INFO L432 NwaCegarLoop]: 104 mSDtfsCounter, 71 mSDsluCounter, 342 mSDsCounter, 0 mSdLazyCounter, 68 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 73 SdHoareTripleChecker+Valid, 446 SdHoareTripleChecker+Invalid, 77 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 68 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:05,454 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [73 Valid, 446 Invalid, 77 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 68 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:17:05,455 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 277 states. [2024-11-08 15:17:05,502 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 277 to 275. [2024-11-08 15:17:05,504 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 275 states, 207 states have (on average 1.289855072463768) internal successors, (267), 224 states have internal predecessors, (267), 37 states have call successors, (37), 30 states have call predecessors, (37), 30 states have return successors, (47), 34 states have call predecessors, (47), 37 states have call successors, (47) [2024-11-08 15:17:05,506 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 275 states to 275 states and 351 transitions. [2024-11-08 15:17:05,507 INFO L78 Accepts]: Start accepts. Automaton has 275 states and 351 transitions. Word has length 41 [2024-11-08 15:17:05,507 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:05,508 INFO L471 AbstractCegarLoop]: Abstraction has 275 states and 351 transitions. [2024-11-08 15:17:05,508 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-08 15:17:05,508 INFO L276 IsEmpty]: Start isEmpty. Operand 275 states and 351 transitions. [2024-11-08 15:17:05,513 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2024-11-08 15:17:05,513 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:05,513 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:05,513 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-08 15:17:05,513 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:05,514 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:05,514 INFO L85 PathProgramCache]: Analyzing trace with hash 1784621037, now seen corresponding path program 1 times [2024-11-08 15:17:05,514 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:05,514 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [607652180] [2024-11-08 15:17:05,514 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:05,514 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:05,538 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:05,618 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-08 15:17:05,635 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:05,645 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-11-08 15:17:05,653 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:05,737 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2024-11-08 15:17:05,739 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:05,741 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:17:05,742 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:05,743 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [607652180] [2024-11-08 15:17:05,743 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [607652180] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:05,743 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:05,743 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 15:17:05,743 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1383322732] [2024-11-08 15:17:05,743 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:05,744 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 15:17:05,744 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:05,744 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 15:17:05,744 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-08 15:17:05,744 INFO L87 Difference]: Start difference. First operand 275 states and 351 transitions. Second operand has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:17:05,903 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:05,903 INFO L93 Difference]: Finished difference Result 596 states and 770 transitions. [2024-11-08 15:17:05,904 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-08 15:17:05,904 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 51 [2024-11-08 15:17:05,904 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:05,907 INFO L225 Difference]: With dead ends: 596 [2024-11-08 15:17:05,907 INFO L226 Difference]: Without dead ends: 329 [2024-11-08 15:17:05,910 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-08 15:17:05,911 INFO L432 NwaCegarLoop]: 90 mSDtfsCounter, 56 mSDsluCounter, 296 mSDsCounter, 0 mSdLazyCounter, 120 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 60 SdHoareTripleChecker+Valid, 386 SdHoareTripleChecker+Invalid, 133 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 120 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:05,912 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [60 Valid, 386 Invalid, 133 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 120 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:17:05,913 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 329 states. [2024-11-08 15:17:05,941 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 329 to 327. [2024-11-08 15:17:05,943 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 327 states, 249 states have (on average 1.2730923694779117) internal successors, (317), 266 states have internal predecessors, (317), 41 states have call successors, (41), 30 states have call predecessors, (41), 36 states have return successors, (57), 42 states have call predecessors, (57), 41 states have call successors, (57) [2024-11-08 15:17:05,945 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 327 states to 327 states and 415 transitions. [2024-11-08 15:17:05,946 INFO L78 Accepts]: Start accepts. Automaton has 327 states and 415 transitions. Word has length 51 [2024-11-08 15:17:05,947 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:05,947 INFO L471 AbstractCegarLoop]: Abstraction has 327 states and 415 transitions. [2024-11-08 15:17:05,947 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:17:05,947 INFO L276 IsEmpty]: Start isEmpty. Operand 327 states and 415 transitions. [2024-11-08 15:17:05,950 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2024-11-08 15:17:05,951 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:05,952 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:05,952 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-08 15:17:05,953 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:05,953 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:05,953 INFO L85 PathProgramCache]: Analyzing trace with hash 95677295, now seen corresponding path program 1 times [2024-11-08 15:17:05,954 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:05,954 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1898844989] [2024-11-08 15:17:05,954 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:05,954 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:05,972 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,066 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-08 15:17:06,069 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,077 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-11-08 15:17:06,081 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,135 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2024-11-08 15:17:06,137 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,138 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:17:06,142 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:06,142 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1898844989] [2024-11-08 15:17:06,143 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1898844989] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:06,143 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:06,143 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-08 15:17:06,143 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1669866099] [2024-11-08 15:17:06,143 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:06,143 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-08 15:17:06,143 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:06,144 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-08 15:17:06,144 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:17:06,144 INFO L87 Difference]: Start difference. First operand 327 states and 415 transitions. Second operand has 7 states, 7 states have (on average 6.0) internal successors, (42), 6 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:17:06,321 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:06,322 INFO L93 Difference]: Finished difference Result 652 states and 847 transitions. [2024-11-08 15:17:06,324 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-08 15:17:06,324 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.0) internal successors, (42), 6 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 51 [2024-11-08 15:17:06,324 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:06,326 INFO L225 Difference]: With dead ends: 652 [2024-11-08 15:17:06,327 INFO L226 Difference]: Without dead ends: 333 [2024-11-08 15:17:06,329 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=19, Invalid=53, Unknown=0, NotChecked=0, Total=72 [2024-11-08 15:17:06,330 INFO L432 NwaCegarLoop]: 89 mSDtfsCounter, 55 mSDsluCounter, 375 mSDsCounter, 0 mSdLazyCounter, 154 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 59 SdHoareTripleChecker+Valid, 464 SdHoareTripleChecker+Invalid, 167 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 154 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:06,330 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [59 Valid, 464 Invalid, 167 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 154 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:17:06,331 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 333 states. [2024-11-08 15:17:06,358 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 333 to 331. [2024-11-08 15:17:06,359 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 331 states, 253 states have (on average 1.2687747035573123) internal successors, (321), 270 states have internal predecessors, (321), 41 states have call successors, (41), 30 states have call predecessors, (41), 36 states have return successors, (57), 42 states have call predecessors, (57), 41 states have call successors, (57) [2024-11-08 15:17:06,361 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 331 states to 331 states and 419 transitions. [2024-11-08 15:17:06,361 INFO L78 Accepts]: Start accepts. Automaton has 331 states and 419 transitions. Word has length 51 [2024-11-08 15:17:06,361 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:06,362 INFO L471 AbstractCegarLoop]: Abstraction has 331 states and 419 transitions. [2024-11-08 15:17:06,362 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.0) internal successors, (42), 6 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:17:06,362 INFO L276 IsEmpty]: Start isEmpty. Operand 331 states and 419 transitions. [2024-11-08 15:17:06,363 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2024-11-08 15:17:06,363 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:06,363 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:06,363 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-08 15:17:06,363 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:06,364 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:06,364 INFO L85 PathProgramCache]: Analyzing trace with hash 518379121, now seen corresponding path program 1 times [2024-11-08 15:17:06,364 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:06,364 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [348202794] [2024-11-08 15:17:06,364 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:06,364 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:06,382 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,436 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-08 15:17:06,437 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,442 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-11-08 15:17:06,445 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,468 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2024-11-08 15:17:06,469 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,470 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:17:06,471 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:06,471 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [348202794] [2024-11-08 15:17:06,471 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [348202794] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:06,471 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:06,471 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-08 15:17:06,471 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1559297121] [2024-11-08 15:17:06,471 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:06,472 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-08 15:17:06,472 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:06,472 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-08 15:17:06,473 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-08 15:17:06,473 INFO L87 Difference]: Start difference. First operand 331 states and 419 transitions. Second operand has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:17:06,727 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:06,728 INFO L93 Difference]: Finished difference Result 996 states and 1308 transitions. [2024-11-08 15:17:06,728 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-08 15:17:06,728 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 51 [2024-11-08 15:17:06,728 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:06,733 INFO L225 Difference]: With dead ends: 996 [2024-11-08 15:17:06,734 INFO L226 Difference]: Without dead ends: 673 [2024-11-08 15:17:06,735 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:17:06,737 INFO L432 NwaCegarLoop]: 134 mSDtfsCounter, 224 mSDsluCounter, 185 mSDsCounter, 0 mSdLazyCounter, 135 mSolverCounterSat, 64 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 231 SdHoareTripleChecker+Valid, 319 SdHoareTripleChecker+Invalid, 199 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 64 IncrementalHoareTripleChecker+Valid, 135 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:06,737 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [231 Valid, 319 Invalid, 199 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [64 Valid, 135 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 15:17:06,738 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 673 states. [2024-11-08 15:17:06,801 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 673 to 666. [2024-11-08 15:17:06,803 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 666 states, 505 states have (on average 1.2356435643564356) internal successors, (624), 534 states have internal predecessors, (624), 88 states have call successors, (88), 71 states have call predecessors, (88), 72 states have return successors, (133), 86 states have call predecessors, (133), 88 states have call successors, (133) [2024-11-08 15:17:06,808 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 666 states to 666 states and 845 transitions. [2024-11-08 15:17:06,811 INFO L78 Accepts]: Start accepts. Automaton has 666 states and 845 transitions. Word has length 51 [2024-11-08 15:17:06,812 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:06,812 INFO L471 AbstractCegarLoop]: Abstraction has 666 states and 845 transitions. [2024-11-08 15:17:06,813 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:17:06,813 INFO L276 IsEmpty]: Start isEmpty. Operand 666 states and 845 transitions. [2024-11-08 15:17:06,814 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-08 15:17:06,814 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:06,814 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:06,814 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-08 15:17:06,814 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:06,815 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:06,815 INFO L85 PathProgramCache]: Analyzing trace with hash -1241994025, now seen corresponding path program 1 times [2024-11-08 15:17:06,815 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:06,815 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1024408338] [2024-11-08 15:17:06,815 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:06,816 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:06,830 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,931 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-08 15:17:06,933 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,988 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-08 15:17:06,990 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:06,999 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-11-08 15:17:07,005 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,010 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2024-11-08 15:17:07,011 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,012 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:17:07,014 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:07,014 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1024408338] [2024-11-08 15:17:07,015 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1024408338] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:07,015 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:07,015 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2024-11-08 15:17:07,015 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [543884347] [2024-11-08 15:17:07,015 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:07,015 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-11-08 15:17:07,016 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:07,016 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-11-08 15:17:07,016 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=56, Unknown=0, NotChecked=0, Total=72 [2024-11-08 15:17:07,016 INFO L87 Difference]: Start difference. First operand 666 states and 845 transitions. Second operand has 9 states, 9 states have (on average 4.888888888888889) internal successors, (44), 7 states have internal predecessors, (44), 3 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-08 15:17:07,640 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:07,641 INFO L93 Difference]: Finished difference Result 1981 states and 2612 transitions. [2024-11-08 15:17:07,641 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2024-11-08 15:17:07,641 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 4.888888888888889) internal successors, (44), 7 states have internal predecessors, (44), 3 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) Word has length 55 [2024-11-08 15:17:07,642 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:07,651 INFO L225 Difference]: With dead ends: 1981 [2024-11-08 15:17:07,652 INFO L226 Difference]: Without dead ends: 1460 [2024-11-08 15:17:07,655 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 30 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 67 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=101, Invalid=319, Unknown=0, NotChecked=0, Total=420 [2024-11-08 15:17:07,657 INFO L432 NwaCegarLoop]: 112 mSDtfsCounter, 411 mSDsluCounter, 551 mSDsCounter, 0 mSdLazyCounter, 501 mSolverCounterSat, 123 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 418 SdHoareTripleChecker+Valid, 663 SdHoareTripleChecker+Invalid, 624 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 123 IncrementalHoareTripleChecker+Valid, 501 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:07,657 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [418 Valid, 663 Invalid, 624 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [123 Valid, 501 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-11-08 15:17:07,659 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1460 states. [2024-11-08 15:17:07,768 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1460 to 1268. [2024-11-08 15:17:07,771 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1268 states, 963 states have (on average 1.2315680166147456) internal successors, (1186), 1025 states have internal predecessors, (1186), 165 states have call successors, (165), 123 states have call predecessors, (165), 139 states have return successors, (253), 162 states have call predecessors, (253), 165 states have call successors, (253) [2024-11-08 15:17:07,778 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1268 states to 1268 states and 1604 transitions. [2024-11-08 15:17:07,780 INFO L78 Accepts]: Start accepts. Automaton has 1268 states and 1604 transitions. Word has length 55 [2024-11-08 15:17:07,780 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:07,780 INFO L471 AbstractCegarLoop]: Abstraction has 1268 states and 1604 transitions. [2024-11-08 15:17:07,780 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 4.888888888888889) internal successors, (44), 7 states have internal predecessors, (44), 3 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-08 15:17:07,780 INFO L276 IsEmpty]: Start isEmpty. Operand 1268 states and 1604 transitions. [2024-11-08 15:17:07,783 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 97 [2024-11-08 15:17:07,784 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:07,784 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:07,784 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-08 15:17:07,785 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:07,785 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:07,785 INFO L85 PathProgramCache]: Analyzing trace with hash 311034572, now seen corresponding path program 1 times [2024-11-08 15:17:07,785 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:07,785 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1897266125] [2024-11-08 15:17:07,785 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:07,786 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:07,806 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,931 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-08 15:17:07,932 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,944 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-08 15:17:07,948 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,972 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:17:07,973 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,983 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-08 15:17:07,986 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:07,994 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2024-11-08 15:17:07,996 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:08,014 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 76 [2024-11-08 15:17:08,016 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:08,017 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:17:08,018 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:08,020 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 88 [2024-11-08 15:17:08,021 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:08,023 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 17 proven. 9 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-08 15:17:08,023 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:08,023 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1897266125] [2024-11-08 15:17:08,023 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1897266125] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-08 15:17:08,023 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [983506914] [2024-11-08 15:17:08,023 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:08,024 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-08 15:17:08,024 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:17:08,026 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-08 15:17:08,027 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-08 15:17:08,127 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:08,130 INFO L255 TraceCheckSpWp]: Trace formula consists of 317 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-08 15:17:08,139 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-08 15:17:08,350 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 24 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:17:08,351 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-08 15:17:08,554 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 18 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-08 15:17:08,554 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [983506914] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-08 15:17:08,554 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-08 15:17:08,554 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 6, 6] total 16 [2024-11-08 15:17:08,554 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1546621909] [2024-11-08 15:17:08,555 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-08 15:17:08,555 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 16 states [2024-11-08 15:17:08,555 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:08,556 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2024-11-08 15:17:08,556 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=38, Invalid=202, Unknown=0, NotChecked=0, Total=240 [2024-11-08 15:17:08,556 INFO L87 Difference]: Start difference. First operand 1268 states and 1604 transitions. Second operand has 16 states, 16 states have (on average 7.5) internal successors, (120), 11 states have internal predecessors, (120), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2024-11-08 15:17:09,757 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:09,758 INFO L93 Difference]: Finished difference Result 2830 states and 3713 transitions. [2024-11-08 15:17:09,758 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 39 states. [2024-11-08 15:17:09,759 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 16 states have (on average 7.5) internal successors, (120), 11 states have internal predecessors, (120), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) Word has length 96 [2024-11-08 15:17:09,760 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:09,770 INFO L225 Difference]: With dead ends: 2830 [2024-11-08 15:17:09,771 INFO L226 Difference]: Without dead ends: 1701 [2024-11-08 15:17:09,776 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 259 GetRequests, 210 SyntacticMatches, 4 SemanticMatches, 45 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 553 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=400, Invalid=1762, Unknown=0, NotChecked=0, Total=2162 [2024-11-08 15:17:09,777 INFO L432 NwaCegarLoop]: 189 mSDtfsCounter, 380 mSDsluCounter, 1104 mSDsCounter, 0 mSdLazyCounter, 879 mSolverCounterSat, 125 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 387 SdHoareTripleChecker+Valid, 1293 SdHoareTripleChecker+Invalid, 1004 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 125 IncrementalHoareTripleChecker+Valid, 879 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:09,777 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [387 Valid, 1293 Invalid, 1004 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [125 Valid, 879 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2024-11-08 15:17:09,779 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1701 states. [2024-11-08 15:17:09,901 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1701 to 1422. [2024-11-08 15:17:09,904 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1422 states, 1064 states have (on average 1.211466165413534) internal successors, (1289), 1146 states have internal predecessors, (1289), 192 states have call successors, (192), 158 states have call predecessors, (192), 165 states have return successors, (262), 173 states have call predecessors, (262), 192 states have call successors, (262) [2024-11-08 15:17:09,909 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1422 states to 1422 states and 1743 transitions. [2024-11-08 15:17:09,911 INFO L78 Accepts]: Start accepts. Automaton has 1422 states and 1743 transitions. Word has length 96 [2024-11-08 15:17:09,912 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:09,912 INFO L471 AbstractCegarLoop]: Abstraction has 1422 states and 1743 transitions. [2024-11-08 15:17:09,912 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 16 states, 16 states have (on average 7.5) internal successors, (120), 11 states have internal predecessors, (120), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2024-11-08 15:17:09,913 INFO L276 IsEmpty]: Start isEmpty. Operand 1422 states and 1743 transitions. [2024-11-08 15:17:09,918 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 172 [2024-11-08 15:17:09,918 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:09,918 INFO L215 NwaCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:09,938 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-11-08 15:17:10,119 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-08 15:17:10,119 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:10,120 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:10,120 INFO L85 PathProgramCache]: Analyzing trace with hash 1437579353, now seen corresponding path program 1 times [2024-11-08 15:17:10,120 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:10,120 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [5478886] [2024-11-08 15:17:10,120 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:10,120 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:10,145 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,220 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-08 15:17:10,221 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,229 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-08 15:17:10,232 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,236 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:17:10,237 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,241 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-08 15:17:10,243 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,246 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 58 [2024-11-08 15:17:10,249 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,254 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:17:10,256 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,257 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-11-08 15:17:10,257 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,258 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:17:10,259 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,260 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 99 [2024-11-08 15:17:10,265 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,293 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:17:10,294 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,295 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-11-08 15:17:10,296 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,297 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 138 [2024-11-08 15:17:10,297 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,298 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 147 [2024-11-08 15:17:10,300 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,303 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 163 [2024-11-08 15:17:10,304 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:10,305 INFO L134 CoverageAnalysis]: Checked inductivity of 186 backedges. 74 proven. 0 refuted. 0 times theorem prover too weak. 112 trivial. 0 not checked. [2024-11-08 15:17:10,305 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:10,305 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [5478886] [2024-11-08 15:17:10,305 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [5478886] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:17:10,306 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:17:10,306 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-08 15:17:10,306 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1756979494] [2024-11-08 15:17:10,306 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:17:10,306 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-08 15:17:10,306 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:10,307 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-08 15:17:10,307 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2024-11-08 15:17:10,307 INFO L87 Difference]: Start difference. First operand 1422 states and 1743 transitions. Second operand has 8 states, 8 states have (on average 10.625) internal successors, (85), 5 states have internal predecessors, (85), 2 states have call successors, (11), 5 states have call predecessors, (11), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2024-11-08 15:17:10,671 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:10,671 INFO L93 Difference]: Finished difference Result 2723 states and 3360 transitions. [2024-11-08 15:17:10,671 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2024-11-08 15:17:10,672 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 10.625) internal successors, (85), 5 states have internal predecessors, (85), 2 states have call successors, (11), 5 states have call predecessors, (11), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) Word has length 171 [2024-11-08 15:17:10,672 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:10,680 INFO L225 Difference]: With dead ends: 2723 [2024-11-08 15:17:10,680 INFO L226 Difference]: Without dead ends: 1440 [2024-11-08 15:17:10,685 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 42 GetRequests, 29 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 25 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=53, Invalid=157, Unknown=0, NotChecked=0, Total=210 [2024-11-08 15:17:10,685 INFO L432 NwaCegarLoop]: 73 mSDtfsCounter, 112 mSDsluCounter, 327 mSDsCounter, 0 mSdLazyCounter, 300 mSolverCounterSat, 19 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 117 SdHoareTripleChecker+Valid, 400 SdHoareTripleChecker+Invalid, 319 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 19 IncrementalHoareTripleChecker+Valid, 300 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:10,686 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [117 Valid, 400 Invalid, 319 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [19 Valid, 300 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 15:17:10,687 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1440 states. [2024-11-08 15:17:10,772 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1440 to 1440. [2024-11-08 15:17:10,775 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1440 states, 1082 states have (on average 1.2079482439926064) internal successors, (1307), 1164 states have internal predecessors, (1307), 192 states have call successors, (192), 158 states have call predecessors, (192), 165 states have return successors, (262), 173 states have call predecessors, (262), 192 states have call successors, (262) [2024-11-08 15:17:10,781 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1440 states to 1440 states and 1761 transitions. [2024-11-08 15:17:10,783 INFO L78 Accepts]: Start accepts. Automaton has 1440 states and 1761 transitions. Word has length 171 [2024-11-08 15:17:10,784 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:10,784 INFO L471 AbstractCegarLoop]: Abstraction has 1440 states and 1761 transitions. [2024-11-08 15:17:10,784 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 10.625) internal successors, (85), 5 states have internal predecessors, (85), 2 states have call successors, (11), 5 states have call predecessors, (11), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2024-11-08 15:17:10,784 INFO L276 IsEmpty]: Start isEmpty. Operand 1440 states and 1761 transitions. [2024-11-08 15:17:10,789 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 176 [2024-11-08 15:17:10,789 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:17:10,789 INFO L215 NwaCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:10,789 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2024-11-08 15:17:10,789 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:17:10,790 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:17:10,790 INFO L85 PathProgramCache]: Analyzing trace with hash 116827195, now seen corresponding path program 1 times [2024-11-08 15:17:10,790 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:17:10,790 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1475353587] [2024-11-08 15:17:10,790 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:10,791 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:17:10,811 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,051 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-08 15:17:11,052 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,065 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-08 15:17:11,069 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,095 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:17:11,096 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,103 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-08 15:17:11,105 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,107 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 58 [2024-11-08 15:17:11,112 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,163 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:17:11,164 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,165 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-11-08 15:17:11,166 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,168 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:17:11,168 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,169 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 99 [2024-11-08 15:17:11,174 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,204 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:17:11,205 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,206 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-11-08 15:17:11,208 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,210 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 132 [2024-11-08 15:17:11,210 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,225 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 142 [2024-11-08 15:17:11,226 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,227 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 151 [2024-11-08 15:17:11,229 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,231 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 167 [2024-11-08 15:17:11,232 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,233 INFO L134 CoverageAnalysis]: Checked inductivity of 190 backedges. 94 proven. 23 refuted. 0 times theorem prover too weak. 73 trivial. 0 not checked. [2024-11-08 15:17:11,233 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:17:11,233 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1475353587] [2024-11-08 15:17:11,234 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1475353587] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-08 15:17:11,234 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2103306897] [2024-11-08 15:17:11,234 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:17:11,234 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-08 15:17:11,234 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:17:11,236 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-08 15:17:11,238 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-08 15:17:11,354 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:17:11,360 INFO L255 TraceCheckSpWp]: Trace formula consists of 513 conjuncts, 13 conjuncts are in the unsatisfiable core [2024-11-08 15:17:11,366 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-08 15:17:11,535 INFO L134 CoverageAnalysis]: Checked inductivity of 190 backedges. 140 proven. 4 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2024-11-08 15:17:11,535 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-08 15:17:11,946 INFO L134 CoverageAnalysis]: Checked inductivity of 190 backedges. 78 proven. 44 refuted. 0 times theorem prover too weak. 68 trivial. 0 not checked. [2024-11-08 15:17:11,946 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2103306897] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-08 15:17:11,947 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-08 15:17:11,947 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 10, 11] total 24 [2024-11-08 15:17:11,947 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1984135187] [2024-11-08 15:17:11,947 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-08 15:17:11,948 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 24 states [2024-11-08 15:17:11,948 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:17:11,949 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 24 interpolants. [2024-11-08 15:17:11,949 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=119, Invalid=433, Unknown=0, NotChecked=0, Total=552 [2024-11-08 15:17:11,949 INFO L87 Difference]: Start difference. First operand 1440 states and 1761 transitions. Second operand has 24 states, 24 states have (on average 9.041666666666666) internal successors, (217), 21 states have internal predecessors, (217), 10 states have call successors, (34), 8 states have call predecessors, (34), 11 states have return successors, (34), 10 states have call predecessors, (34), 10 states have call successors, (34) [2024-11-08 15:17:13,178 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:17:13,179 INFO L93 Difference]: Finished difference Result 3208 states and 4054 transitions. [2024-11-08 15:17:13,179 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 37 states. [2024-11-08 15:17:13,180 INFO L78 Accepts]: Start accepts. Automaton has has 24 states, 24 states have (on average 9.041666666666666) internal successors, (217), 21 states have internal predecessors, (217), 10 states have call successors, (34), 8 states have call predecessors, (34), 11 states have return successors, (34), 10 states have call predecessors, (34), 10 states have call successors, (34) Word has length 175 [2024-11-08 15:17:13,180 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:17:13,183 INFO L225 Difference]: With dead ends: 3208 [2024-11-08 15:17:13,183 INFO L226 Difference]: Without dead ends: 0 [2024-11-08 15:17:13,192 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 431 GetRequests, 374 SyntacticMatches, 3 SemanticMatches, 54 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 708 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=630, Invalid=2450, Unknown=0, NotChecked=0, Total=3080 [2024-11-08 15:17:13,193 INFO L432 NwaCegarLoop]: 111 mSDtfsCounter, 654 mSDsluCounter, 832 mSDsCounter, 0 mSdLazyCounter, 1069 mSolverCounterSat, 221 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 660 SdHoareTripleChecker+Valid, 943 SdHoareTripleChecker+Invalid, 1290 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 221 IncrementalHoareTripleChecker+Valid, 1069 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2024-11-08 15:17:13,194 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [660 Valid, 943 Invalid, 1290 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [221 Valid, 1069 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2024-11-08 15:17:13,194 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-08 15:17:13,194 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-08 15:17:13,194 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:17:13,195 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-08 15:17:13,197 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 175 [2024-11-08 15:17:13,197 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:17:13,197 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-08 15:17:13,197 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 24 states, 24 states have (on average 9.041666666666666) internal successors, (217), 21 states have internal predecessors, (217), 10 states have call successors, (34), 8 states have call predecessors, (34), 11 states have return successors, (34), 10 states have call predecessors, (34), 10 states have call successors, (34) [2024-11-08 15:17:13,198 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-08 15:17:13,198 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-08 15:17:13,201 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-08 15:17:13,218 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-11-08 15:17:13,402 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2024-11-08 15:17:13,405 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:17:13,407 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-08 15:17:21,253 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-08 15:17:21,272 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= 1 |old(~pumpRunning~0)|)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (<= ~waterLevel~0 1) (<= 1 ~switchedOnBeforeTS~0) .cse0 .cse1) (and (= 2 ~waterLevel~0) .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 (<= ~waterLevel~0 1) (<= 1 ~switchedOnBeforeTS~0) .cse1))) [2024-11-08 15:17:21,303 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= 1 |old(~pumpRunning~0)|)) (.cse1 (not (= 0 ~systemActive~0))) (.cse2 (<= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)) (and (<= 1 |old(~switchedOnBeforeTS~0)|) .cse2 .cse0 .cse1) (and (= |old(~pumpRunning~0)| 0) .cse2))) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (not (= 0 ~systemActive~0))) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse2))) [2024-11-08 15:17:21,341 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= ~waterLevel~0 1)) (.cse2 (= |old(~pumpRunning~0)| 0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|) .cse1) (and (= 2 ~waterLevel~0) .cse2 .cse1) (and .cse0 .cse2 .cse1)))) Eliminated clause: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 1)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse2 .cse1) (and (<= 1 ~pumpRunning~0) .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse1))) [2024-11-08 15:17:21,349 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse1 (<= |old(~waterLevel~0)| 1)) (.cse2 (<= 1 ~pumpRunning~0)) (.cse3 (not (= 0 ~systemActive~0))) (.cse0 (= ~pumpRunning~0 0)) (.cse4 (= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1) (and .cse2 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse3) (and .cse2 .cse3 .cse4) (and .cse0 .cse4))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse1 (= 2 ~waterLevel~0)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (not (= 0 ~systemActive~0))) (.cse3 (= ~pumpRunning~0 0)) (.cse4 (<= ~waterLevel~0 1))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse1) (and .cse0 .cse4 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and .cse3 .cse4))) [2024-11-08 15:17:21,363 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 08.11 03:17:21 BoogieIcfgContainer [2024-11-08 15:17:21,363 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-08 15:17:21,363 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-08 15:17:21,363 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-08 15:17:21,364 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-08 15:17:21,366 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:17:03" (3/4) ... [2024-11-08 15:17:21,368 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-08 15:17:21,372 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-08 15:17:21,372 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-08 15:17:21,372 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-08 15:17:21,372 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-08 15:17:21,372 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-08 15:17:21,373 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 15:17:21,373 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-08 15:17:21,373 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-08 15:17:21,382 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 21 nodes and edges [2024-11-08 15:17:21,385 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-08 15:17:21,385 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-08 15:17:21,386 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 15:17:21,386 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 15:17:21,521 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-08 15:17:21,522 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-08 15:17:21,522 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-08 15:17:21,522 INFO L158 Benchmark]: Toolchain (without parser) took 18967.69ms. Allocated memory was 167.8MB in the beginning and 406.8MB in the end (delta: 239.1MB). Free memory was 109.8MB in the beginning and 286.9MB in the end (delta: -177.1MB). Peak memory consumption was 62.5MB. Max. memory is 16.1GB. [2024-11-08 15:17:21,523 INFO L158 Benchmark]: CDTParser took 0.18ms. Allocated memory is still 167.8MB. Free memory is still 128.5MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-08 15:17:21,523 INFO L158 Benchmark]: CACSL2BoogieTranslator took 493.67ms. Allocated memory is still 167.8MB. Free memory was 109.3MB in the beginning and 86.7MB in the end (delta: 22.6MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-11-08 15:17:21,523 INFO L158 Benchmark]: Boogie Procedure Inliner took 55.69ms. Allocated memory is still 167.8MB. Free memory was 86.7MB in the beginning and 84.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 15:17:21,523 INFO L158 Benchmark]: Boogie Preprocessor took 48.81ms. Allocated memory is still 167.8MB. Free memory was 84.6MB in the beginning and 82.0MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 15:17:21,523 INFO L158 Benchmark]: RCFGBuilder took 572.70ms. Allocated memory was 167.8MB in the beginning and 232.8MB in the end (delta: 65.0MB). Free memory was 82.0MB in the beginning and 201.4MB in the end (delta: -119.4MB). Peak memory consumption was 27.1MB. Max. memory is 16.1GB. [2024-11-08 15:17:21,524 INFO L158 Benchmark]: TraceAbstraction took 17632.14ms. Allocated memory was 232.8MB in the beginning and 406.8MB in the end (delta: 174.1MB). Free memory was 200.5MB in the beginning and 294.2MB in the end (delta: -93.7MB). Peak memory consumption was 205.2MB. Max. memory is 16.1GB. [2024-11-08 15:17:21,524 INFO L158 Benchmark]: Witness Printer took 158.53ms. Allocated memory is still 406.8MB. Free memory was 294.2MB in the beginning and 286.9MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2024-11-08 15:17:21,526 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.18ms. Allocated memory is still 167.8MB. Free memory is still 128.5MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 493.67ms. Allocated memory is still 167.8MB. Free memory was 109.3MB in the beginning and 86.7MB in the end (delta: 22.6MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 55.69ms. Allocated memory is still 167.8MB. Free memory was 86.7MB in the beginning and 84.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 48.81ms. Allocated memory is still 167.8MB. Free memory was 84.6MB in the beginning and 82.0MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 572.70ms. Allocated memory was 167.8MB in the beginning and 232.8MB in the end (delta: 65.0MB). Free memory was 82.0MB in the beginning and 201.4MB in the end (delta: -119.4MB). Peak memory consumption was 27.1MB. Max. memory is 16.1GB. * TraceAbstraction took 17632.14ms. Allocated memory was 232.8MB in the beginning and 406.8MB in the end (delta: 174.1MB). Free memory was 200.5MB in the beginning and 294.2MB in the end (delta: -93.7MB). Peak memory consumption was 205.2MB. Max. memory is 16.1GB. * Witness Printer took 158.53ms. Allocated memory is still 406.8MB. Free memory was 294.2MB in the beginning and 286.9MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] - GenericResultAtLocation [Line: 277]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [277] - GenericResultAtLocation [Line: 381]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [381] - GenericResultAtLocation [Line: 448]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [448] - GenericResultAtLocation [Line: 483]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [483] - GenericResultAtLocation [Line: 849]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [849] - GenericResultAtLocation [Line: 953]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [953] - GenericResultAtLocation [Line: 962]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [962] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 958]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 99 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 9.6s, OverallIterations: 11, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 4.8s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2284 SdHoareTripleChecker+Valid, 2.7s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2233 mSDsluCounter, 5751 SdHoareTripleChecker+Invalid, 2.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 4511 mSDsCounter, 602 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3394 IncrementalHoareTripleChecker+Invalid, 3996 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 602 mSolverCounterUnsat, 1240 mSDtfsCounter, 3394 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 848 GetRequests, 676 SyntacticMatches, 7 SemanticMatches, 165 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1362 ImplicationChecksByTransitivity, 1.6s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1440occurred in iteration=10, InterpolantAutomatonStates: 145, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.7s AutomataMinimizationTime, 11 MinimizatonAttempts, 518 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 2.9s InterpolantComputationTime, 1074 NumberOfCodeBlocks, 1074 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 1330 ConstructedInterpolants, 0 QuantifiedInterpolants, 2694 SizeOfPredicates, 2 NumberOfNonLiveVariables, 830 ConjunctsInSsa, 21 ConjunctsInUnsatCore, 15 InterpolantComputations, 9 PerfectInterpolantSequences, 782/879 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 392]: Loop Invariant Derived loop invariant: ((((((((1 <= pumpRunning) && (waterLevel <= 1)) && (splverifierCounter == 0)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (splverifierCounter == 0))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (splverifierCounter == 0)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (splverifierCounter == 0))) - InvariantResult [Line: 289]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 391]: Location Invariant Derived location invariant: 0 - ProcedureContractResult [Line: 160]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: ((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) Ensures: ((((pumpRunning == 0) && ((((waterLevel <= 1) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) || ((2 == waterLevel) && (1 <= \old(pumpRunning))))) && (0 != systemActive)) && ((((((systemActive == \old(systemActive)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 93]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((pumpRunning == 0) && (2 == waterLevel)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) Ensures: ((((((pumpRunning == 0) && (2 == waterLevel)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 877]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((pumpRunning == 0) && (waterLevel <= 2))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) Ensures: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((pumpRunning == 0) && (waterLevel <= 2))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 279]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((systemActive == \old(systemActive)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 66]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) Ensures: (((((((((((1 <= \old(pumpRunning)) && (0 != systemActive)) && (\old(waterLevel) == 2)) || ((((1 <= \old(switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning))) && (0 != systemActive))) || ((\old(pumpRunning) == 0) && (\old(waterLevel) <= 2))) && ((((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (2 == waterLevel))) || (\old(waterLevel) != 2))) && (((1 < \old(waterLevel)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel)))) && (((((((pumpRunning == \old(pumpRunning)) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == \old(pumpRunning)) && (((long long) waterLevel + 1) <= \old(waterLevel))) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (((long long) waterLevel + 1) <= \old(waterLevel))) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1)) || (((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS)))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((\old(waterLevel) != 1) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1)) || (((pumpRunning == 0) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS)))) && ((((systemActive == \old(systemActive)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 101]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((pumpRunning == 0) && (2 == waterLevel)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) Ensures: ((((((((waterLevel <= 1) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) && (0 != systemActive)) || ((\old(pumpRunning) == 0) && (0 != systemActive))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((\old(pumpRunning) != 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || ((pumpRunning == 0) && (waterLevel <= 1)))) && ((((((systemActive == \old(systemActive)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 865]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((pumpRunning == 0) && (2 == waterLevel))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 1))) Ensures: ((((((2 == waterLevel) || (\old(waterLevel) != 2)) && (waterLevel <= ((long long) \old(waterLevel) + 1))) && ((((long long) \old(waterLevel) + 1) == waterLevel) || (2 == waterLevel))) && (((((pumpRunning == 0) && (\old(waterLevel) <= 1)) || ((((1 <= pumpRunning) && (\old(waterLevel) <= 1)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((1 <= pumpRunning) && (0 != systemActive)) && (\old(waterLevel) == 2))) || ((pumpRunning == 0) && (\old(waterLevel) == 2)))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 179]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((pumpRunning == 0) && (waterLevel <= 2))) || ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) Ensures: ((((((pumpRunning < 1) || (0 != systemActive)) && (((pumpRunning == 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((1 <= pumpRunning) && (1 <= switchedOnBeforeTS)))) && (pumpRunning == \result)) && ((2 == waterLevel) || (waterLevel < 2))) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) RESULT: Ultimate proved your program to be correct! [2024-11-08 15:17:21,562 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE