./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product34.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 3289d67d Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product34.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 86e7038cbd7079ed991c0d8924416f9d170b15a53536a052f3097e1f394171ef --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.fs.icfgbuilder-eval-3289d67-m [2024-11-16 07:55:23,321 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-16 07:55:23,398 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-16 07:55:23,403 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-16 07:55:23,403 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-16 07:55:23,431 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-16 07:55:23,433 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-16 07:55:23,434 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-16 07:55:23,434 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-16 07:55:23,436 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-16 07:55:23,436 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-16 07:55:23,437 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-16 07:55:23,437 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-16 07:55:23,438 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-16 07:55:23,439 INFO L153 SettingsManager]: * Use SBE=true [2024-11-16 07:55:23,440 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-16 07:55:23,440 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-16 07:55:23,440 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-16 07:55:23,441 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-16 07:55:23,441 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-16 07:55:23,442 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-16 07:55:23,442 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-16 07:55:23,442 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-16 07:55:23,443 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-16 07:55:23,443 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-16 07:55:23,443 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-16 07:55:23,444 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-16 07:55:23,444 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-16 07:55:23,444 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2024-11-16 07:55:23,445 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-16 07:55:23,445 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-16 07:55:23,445 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-16 07:55:23,446 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-16 07:55:23,446 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-16 07:55:23,446 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-16 07:55:23,447 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-16 07:55:23,447 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-16 07:55:23,447 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-16 07:55:23,448 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-16 07:55:23,448 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-16 07:55:23,448 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-16 07:55:23,448 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-16 07:55:23,449 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 86e7038cbd7079ed991c0d8924416f9d170b15a53536a052f3097e1f394171ef [2024-11-16 07:55:23,668 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-16 07:55:23,693 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-16 07:55:23,696 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-16 07:55:23,697 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-16 07:55:23,698 INFO L274 PluginConnector]: CDTParser initialized [2024-11-16 07:55:23,699 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product34.cil.c [2024-11-16 07:55:25,235 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-16 07:55:25,468 INFO L384 CDTParser]: Found 1 translation units. [2024-11-16 07:55:25,469 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product34.cil.c [2024-11-16 07:55:25,483 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/76612486d/2e6f92e35ae84e09a486c375179df0f7/FLAGe23d70032 [2024-11-16 07:55:25,807 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/76612486d/2e6f92e35ae84e09a486c375179df0f7 [2024-11-16 07:55:25,809 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-16 07:55:25,811 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-16 07:55:25,812 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-16 07:55:25,812 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-16 07:55:25,818 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-16 07:55:25,819 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 07:55:25" (1/1) ... [2024-11-16 07:55:25,820 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@2829470f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:25, skipping insertion in model container [2024-11-16 07:55:25,822 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 07:55:25" (1/1) ... [2024-11-16 07:55:25,870 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-16 07:55:26,066 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product34.cil.c[2141,2154] [2024-11-16 07:55:26,168 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-16 07:55:26,178 INFO L200 MainTranslator]: Completed pre-run [2024-11-16 07:55:26,189 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [49] [2024-11-16 07:55:26,191 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [87] [2024-11-16 07:55:26,191 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [96] [2024-11-16 07:55:26,191 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [462] [2024-11-16 07:55:26,192 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [563] [2024-11-16 07:55:26,192 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [633] [2024-11-16 07:55:26,192 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [802] [2024-11-16 07:55:26,192 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [851] [2024-11-16 07:55:26,199 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product34.cil.c[2141,2154] [2024-11-16 07:55:26,270 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-16 07:55:26,292 INFO L204 MainTranslator]: Completed translation [2024-11-16 07:55:26,292 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:26 WrapperNode [2024-11-16 07:55:26,293 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-16 07:55:26,294 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-16 07:55:26,294 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-16 07:55:26,294 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-16 07:55:26,301 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:26" (1/1) ... [2024-11-16 07:55:26,315 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:26" (1/1) ... [2024-11-16 07:55:26,357 INFO L138 Inliner]: procedures = 55, calls = 97, calls flagged for inlining = 23, calls inlined = 19, statements flattened = 177 [2024-11-16 07:55:26,357 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-16 07:55:26,358 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-16 07:55:26,358 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-16 07:55:26,358 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-16 07:55:26,368 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:26" (1/1) ... [2024-11-16 07:55:26,368 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:26" (1/1) ... [2024-11-16 07:55:26,371 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:26" (1/1) ... [2024-11-16 07:55:26,401 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-16 07:55:26,402 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:26" (1/1) ... [2024-11-16 07:55:26,403 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:26" (1/1) ... [2024-11-16 07:55:26,408 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:26" (1/1) ... [2024-11-16 07:55:26,409 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:26" (1/1) ... [2024-11-16 07:55:26,410 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:26" (1/1) ... [2024-11-16 07:55:26,411 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:26" (1/1) ... [2024-11-16 07:55:26,413 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-16 07:55:26,414 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2024-11-16 07:55:26,414 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2024-11-16 07:55:26,414 INFO L274 PluginConnector]: IcfgBuilder initialized [2024-11-16 07:55:26,415 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:26" (1/1) ... [2024-11-16 07:55:26,424 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-16 07:55:26,447 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-16 07:55:26,463 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-16 07:55:26,467 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-16 07:55:26,517 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-16 07:55:26,518 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-16 07:55:26,518 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-16 07:55:26,518 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-16 07:55:26,519 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-16 07:55:26,519 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-16 07:55:26,519 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-16 07:55:26,519 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-16 07:55:26,519 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-16 07:55:26,519 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-16 07:55:26,520 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-16 07:55:26,520 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-16 07:55:26,520 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-16 07:55:26,521 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-16 07:55:26,521 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-16 07:55:26,521 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-16 07:55:26,613 INFO L256 CfgBuilder]: Building ICFG [2024-11-16 07:55:26,617 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-16 07:55:26,782 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L791-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~10#1; [2024-11-16 07:55:26,782 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L560-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~7#1; [2024-11-16 07:55:26,782 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L546-1: getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~6#1; [2024-11-16 07:55:26,857 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L84-1: valid_product_#res#1 := valid_product_~retValue_acc~1#1; [2024-11-16 07:55:26,857 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L945-1: main_#res#1 := main_~retValue_acc~11#1; [2024-11-16 07:55:26,866 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L736: #res := ~retValue_acc~9; [2024-11-16 07:55:26,886 INFO L? ?]: Removed 36 outVars from TransFormulas that were not future-live. [2024-11-16 07:55:26,887 INFO L307 CfgBuilder]: Performing block encoding [2024-11-16 07:55:26,900 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-16 07:55:26,901 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2024-11-16 07:55:26,901 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:55:26 BoogieIcfgContainer [2024-11-16 07:55:26,902 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2024-11-16 07:55:26,904 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-16 07:55:26,904 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-16 07:55:26,907 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-16 07:55:26,907 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 16.11 07:55:25" (1/3) ... [2024-11-16 07:55:26,908 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@30119e38 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 07:55:26, skipping insertion in model container [2024-11-16 07:55:26,908 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:26" (2/3) ... [2024-11-16 07:55:26,908 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@30119e38 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 07:55:26, skipping insertion in model container [2024-11-16 07:55:26,909 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:55:26" (3/3) ... [2024-11-16 07:55:26,910 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product34.cil.c [2024-11-16 07:55:26,923 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-16 07:55:26,924 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-16 07:55:26,975 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-16 07:55:26,981 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@6c8214c6, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-16 07:55:26,981 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-16 07:55:26,984 INFO L276 IsEmpty]: Start isEmpty. Operand has 87 states, 69 states have (on average 1.3478260869565217) internal successors, (93), 75 states have internal predecessors, (93), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2024-11-16 07:55:26,992 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2024-11-16 07:55:26,993 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:26,993 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:26,994 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:26,998 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:26,998 INFO L85 PathProgramCache]: Analyzing trace with hash -1521478003, now seen corresponding path program 1 times [2024-11-16 07:55:27,007 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:27,007 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [618477924] [2024-11-16 07:55:27,007 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:27,008 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:27,131 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:27,226 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-16 07:55:27,229 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:27,238 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-16 07:55:27,241 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:27,247 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:27,248 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:27,248 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [618477924] [2024-11-16 07:55:27,249 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [618477924] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:27,249 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:27,249 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-16 07:55:27,251 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1001903535] [2024-11-16 07:55:27,252 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:27,257 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-16 07:55:27,258 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:27,283 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-16 07:55:27,283 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-16 07:55:27,285 INFO L87 Difference]: Start difference. First operand has 87 states, 69 states have (on average 1.3478260869565217) internal successors, (93), 75 states have internal predecessors, (93), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 13.0) internal successors, (26), 2 states have internal predecessors, (26), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-16 07:55:27,333 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:27,334 INFO L93 Difference]: Finished difference Result 164 states and 219 transitions. [2024-11-16 07:55:27,353 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-16 07:55:27,354 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 13.0) internal successors, (26), 2 states have internal predecessors, (26), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 34 [2024-11-16 07:55:27,354 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:27,374 INFO L225 Difference]: With dead ends: 164 [2024-11-16 07:55:27,374 INFO L226 Difference]: Without dead ends: 76 [2024-11-16 07:55:27,377 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-16 07:55:27,379 INFO L432 NwaCegarLoop]: 106 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 106 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:27,380 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 106 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:55:27,393 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 76 states. [2024-11-16 07:55:27,409 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 76 to 76. [2024-11-16 07:55:27,411 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 76 states, 60 states have (on average 1.2833333333333334) internal successors, (77), 65 states have internal predecessors, (77), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2024-11-16 07:55:27,413 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 76 states to 76 states and 96 transitions. [2024-11-16 07:55:27,415 INFO L78 Accepts]: Start accepts. Automaton has 76 states and 96 transitions. Word has length 34 [2024-11-16 07:55:27,415 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:27,415 INFO L471 AbstractCegarLoop]: Abstraction has 76 states and 96 transitions. [2024-11-16 07:55:27,415 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 13.0) internal successors, (26), 2 states have internal predecessors, (26), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-16 07:55:27,416 INFO L276 IsEmpty]: Start isEmpty. Operand 76 states and 96 transitions. [2024-11-16 07:55:27,418 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2024-11-16 07:55:27,418 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:27,418 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:27,419 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-16 07:55:27,419 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:27,420 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:27,420 INFO L85 PathProgramCache]: Analyzing trace with hash 1658017325, now seen corresponding path program 1 times [2024-11-16 07:55:27,420 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:27,420 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [126200347] [2024-11-16 07:55:27,420 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:27,421 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:27,437 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:27,515 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-11-16 07:55:27,517 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:27,519 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-16 07:55:27,520 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:27,522 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:27,523 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:27,523 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [126200347] [2024-11-16 07:55:27,523 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [126200347] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:27,523 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:27,523 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-16 07:55:27,523 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1344552017] [2024-11-16 07:55:27,523 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:27,524 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-16 07:55:27,524 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:27,525 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-16 07:55:27,525 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:55:27,525 INFO L87 Difference]: Start difference. First operand 76 states and 96 transitions. Second operand has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-16 07:55:27,537 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:27,538 INFO L93 Difference]: Finished difference Result 113 states and 143 transitions. [2024-11-16 07:55:27,538 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-16 07:55:27,539 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 37 [2024-11-16 07:55:27,539 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:27,540 INFO L225 Difference]: With dead ends: 113 [2024-11-16 07:55:27,540 INFO L226 Difference]: Without dead ends: 65 [2024-11-16 07:55:27,541 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:55:27,542 INFO L432 NwaCegarLoop]: 81 mSDtfsCounter, 12 mSDsluCounter, 63 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 144 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:27,542 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [15 Valid, 144 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:55:27,543 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 65 states. [2024-11-16 07:55:27,548 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 65 to 65. [2024-11-16 07:55:27,548 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 65 states, 52 states have (on average 1.3076923076923077) internal successors, (68), 57 states have internal predecessors, (68), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2024-11-16 07:55:27,549 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 65 states to 65 states and 82 transitions. [2024-11-16 07:55:27,549 INFO L78 Accepts]: Start accepts. Automaton has 65 states and 82 transitions. Word has length 37 [2024-11-16 07:55:27,550 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:27,550 INFO L471 AbstractCegarLoop]: Abstraction has 65 states and 82 transitions. [2024-11-16 07:55:27,550 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-16 07:55:27,550 INFO L276 IsEmpty]: Start isEmpty. Operand 65 states and 82 transitions. [2024-11-16 07:55:27,551 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2024-11-16 07:55:27,552 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:27,552 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:27,552 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-16 07:55:27,552 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:27,553 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:27,553 INFO L85 PathProgramCache]: Analyzing trace with hash 1684200500, now seen corresponding path program 1 times [2024-11-16 07:55:27,553 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:27,554 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [955093783] [2024-11-16 07:55:27,554 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:27,554 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:27,575 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:27,661 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:55:27,664 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:27,669 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-11-16 07:55:27,675 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:27,681 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:27,681 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:27,681 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [955093783] [2024-11-16 07:55:27,681 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [955093783] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:27,681 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:27,682 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-16 07:55:27,682 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [870228906] [2024-11-16 07:55:27,682 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:27,682 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-16 07:55:27,682 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:27,684 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-16 07:55:27,686 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:55:27,687 INFO L87 Difference]: Start difference. First operand 65 states and 82 transitions. Second operand has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:27,722 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:27,722 INFO L93 Difference]: Finished difference Result 122 states and 157 transitions. [2024-11-16 07:55:27,725 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-16 07:55:27,726 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 40 [2024-11-16 07:55:27,726 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:27,727 INFO L225 Difference]: With dead ends: 122 [2024-11-16 07:55:27,730 INFO L226 Difference]: Without dead ends: 65 [2024-11-16 07:55:27,730 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:55:27,732 INFO L432 NwaCegarLoop]: 80 mSDtfsCounter, 72 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 72 SdHoareTripleChecker+Valid, 80 SdHoareTripleChecker+Invalid, 2 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:27,733 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [72 Valid, 80 Invalid, 2 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:55:27,733 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 65 states. [2024-11-16 07:55:27,741 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 65 to 65. [2024-11-16 07:55:27,741 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 65 states, 52 states have (on average 1.2884615384615385) internal successors, (67), 57 states have internal predecessors, (67), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2024-11-16 07:55:27,742 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 65 states to 65 states and 81 transitions. [2024-11-16 07:55:27,743 INFO L78 Accepts]: Start accepts. Automaton has 65 states and 81 transitions. Word has length 40 [2024-11-16 07:55:27,744 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:27,744 INFO L471 AbstractCegarLoop]: Abstraction has 65 states and 81 transitions. [2024-11-16 07:55:27,744 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:27,744 INFO L276 IsEmpty]: Start isEmpty. Operand 65 states and 81 transitions. [2024-11-16 07:55:27,748 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2024-11-16 07:55:27,750 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:27,750 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:27,750 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-16 07:55:27,750 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:27,751 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:27,753 INFO L85 PathProgramCache]: Analyzing trace with hash -852843617, now seen corresponding path program 1 times [2024-11-16 07:55:27,753 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:27,753 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [922441513] [2024-11-16 07:55:27,753 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:27,753 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:27,787 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:27,912 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:55:27,915 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:27,922 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-11-16 07:55:27,927 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:27,929 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2024-11-16 07:55:27,934 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:27,940 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:27,941 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:27,941 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [922441513] [2024-11-16 07:55:27,941 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [922441513] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:27,941 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:27,941 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-16 07:55:27,941 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [842438779] [2024-11-16 07:55:27,942 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:27,942 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-16 07:55:27,942 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:27,943 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-16 07:55:27,943 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:55:27,943 INFO L87 Difference]: Start difference. First operand 65 states and 81 transitions. Second operand has 3 states, 3 states have (on average 12.0) internal successors, (36), 3 states have internal predecessors, (36), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-16 07:55:27,996 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:27,996 INFO L93 Difference]: Finished difference Result 168 states and 214 transitions. [2024-11-16 07:55:27,996 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-16 07:55:27,997 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 12.0) internal successors, (36), 3 states have internal predecessors, (36), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 45 [2024-11-16 07:55:27,997 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:27,998 INFO L225 Difference]: With dead ends: 168 [2024-11-16 07:55:27,998 INFO L226 Difference]: Without dead ends: 111 [2024-11-16 07:55:27,999 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:55:28,000 INFO L432 NwaCegarLoop]: 95 mSDtfsCounter, 48 mSDsluCounter, 57 mSDsCounter, 0 mSdLazyCounter, 7 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 48 SdHoareTripleChecker+Valid, 152 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 7 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:28,001 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [48 Valid, 152 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 7 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:55:28,002 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 111 states. [2024-11-16 07:55:28,024 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 111 to 108. [2024-11-16 07:55:28,028 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 108 states, 85 states have (on average 1.2823529411764707) internal successors, (109), 91 states have internal predecessors, (109), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2024-11-16 07:55:28,031 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 108 states to 108 states and 135 transitions. [2024-11-16 07:55:28,035 INFO L78 Accepts]: Start accepts. Automaton has 108 states and 135 transitions. Word has length 45 [2024-11-16 07:55:28,036 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:28,036 INFO L471 AbstractCegarLoop]: Abstraction has 108 states and 135 transitions. [2024-11-16 07:55:28,036 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 12.0) internal successors, (36), 3 states have internal predecessors, (36), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-16 07:55:28,037 INFO L276 IsEmpty]: Start isEmpty. Operand 108 states and 135 transitions. [2024-11-16 07:55:28,038 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2024-11-16 07:55:28,038 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:28,038 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:28,038 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-16 07:55:28,038 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:28,039 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:28,039 INFO L85 PathProgramCache]: Analyzing trace with hash 1906205454, now seen corresponding path program 1 times [2024-11-16 07:55:28,039 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:28,039 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1040500718] [2024-11-16 07:55:28,039 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:28,040 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:28,077 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,194 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:55:28,196 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,201 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 40 [2024-11-16 07:55:28,203 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,208 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:28,208 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:28,209 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1040500718] [2024-11-16 07:55:28,209 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1040500718] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:28,209 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:28,209 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-16 07:55:28,210 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [992030200] [2024-11-16 07:55:28,210 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:28,211 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-16 07:55:28,211 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:28,212 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-16 07:55:28,212 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-16 07:55:28,213 INFO L87 Difference]: Start difference. First operand 108 states and 135 transitions. Second operand has 5 states, 5 states have (on average 8.4) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:28,254 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:28,257 INFO L93 Difference]: Finished difference Result 211 states and 268 transitions. [2024-11-16 07:55:28,257 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-16 07:55:28,258 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 49 [2024-11-16 07:55:28,258 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:28,259 INFO L225 Difference]: With dead ends: 211 [2024-11-16 07:55:28,262 INFO L226 Difference]: Without dead ends: 111 [2024-11-16 07:55:28,263 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-16 07:55:28,264 INFO L432 NwaCegarLoop]: 78 mSDtfsCounter, 0 mSDsluCounter, 227 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 305 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:28,265 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 305 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:55:28,266 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 111 states. [2024-11-16 07:55:28,276 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 111 to 111. [2024-11-16 07:55:28,279 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 111 states, 88 states have (on average 1.2727272727272727) internal successors, (112), 94 states have internal predecessors, (112), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2024-11-16 07:55:28,281 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 111 states to 111 states and 138 transitions. [2024-11-16 07:55:28,284 INFO L78 Accepts]: Start accepts. Automaton has 111 states and 138 transitions. Word has length 49 [2024-11-16 07:55:28,285 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:28,285 INFO L471 AbstractCegarLoop]: Abstraction has 111 states and 138 transitions. [2024-11-16 07:55:28,285 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:28,285 INFO L276 IsEmpty]: Start isEmpty. Operand 111 states and 138 transitions. [2024-11-16 07:55:28,286 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2024-11-16 07:55:28,286 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:28,287 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:28,289 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-16 07:55:28,289 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:28,289 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:28,289 INFO L85 PathProgramCache]: Analyzing trace with hash 909133101, now seen corresponding path program 1 times [2024-11-16 07:55:28,290 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:28,290 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2113058376] [2024-11-16 07:55:28,290 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:28,290 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:28,313 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,390 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:55:28,392 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,395 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 40 [2024-11-16 07:55:28,396 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,399 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:28,400 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:28,400 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2113058376] [2024-11-16 07:55:28,400 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2113058376] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:28,400 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:28,401 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-16 07:55:28,401 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [378687907] [2024-11-16 07:55:28,401 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:28,402 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-16 07:55:28,402 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:28,403 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-16 07:55:28,403 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-16 07:55:28,403 INFO L87 Difference]: Start difference. First operand 111 states and 138 transitions. Second operand has 5 states, 5 states have (on average 8.4) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:28,464 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:28,465 INFO L93 Difference]: Finished difference Result 216 states and 275 transitions. [2024-11-16 07:55:28,465 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-16 07:55:28,465 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 49 [2024-11-16 07:55:28,466 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:28,467 INFO L225 Difference]: With dead ends: 216 [2024-11-16 07:55:28,469 INFO L226 Difference]: Without dead ends: 113 [2024-11-16 07:55:28,469 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-16 07:55:28,470 INFO L432 NwaCegarLoop]: 78 mSDtfsCounter, 74 mSDsluCounter, 150 mSDsCounter, 0 mSdLazyCounter, 14 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 74 SdHoareTripleChecker+Valid, 228 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 14 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:28,471 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [74 Valid, 228 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 14 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:55:28,472 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 113 states. [2024-11-16 07:55:28,487 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 113 to 113. [2024-11-16 07:55:28,489 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 113 states, 90 states have (on average 1.2666666666666666) internal successors, (114), 96 states have internal predecessors, (114), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2024-11-16 07:55:28,490 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 113 states to 113 states and 140 transitions. [2024-11-16 07:55:28,490 INFO L78 Accepts]: Start accepts. Automaton has 113 states and 140 transitions. Word has length 49 [2024-11-16 07:55:28,491 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:28,492 INFO L471 AbstractCegarLoop]: Abstraction has 113 states and 140 transitions. [2024-11-16 07:55:28,493 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:28,493 INFO L276 IsEmpty]: Start isEmpty. Operand 113 states and 140 transitions. [2024-11-16 07:55:28,494 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2024-11-16 07:55:28,495 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:28,495 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:28,495 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-16 07:55:28,495 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:28,496 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:28,496 INFO L85 PathProgramCache]: Analyzing trace with hash 91484651, now seen corresponding path program 1 times [2024-11-16 07:55:28,496 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:28,496 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2023103086] [2024-11-16 07:55:28,497 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:28,497 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:28,515 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,595 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:55:28,597 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,599 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 40 [2024-11-16 07:55:28,600 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,601 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:28,602 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:28,602 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2023103086] [2024-11-16 07:55:28,602 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2023103086] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:28,602 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:28,602 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-16 07:55:28,602 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1985745862] [2024-11-16 07:55:28,603 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:28,603 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-16 07:55:28,603 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:28,604 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-16 07:55:28,604 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:55:28,604 INFO L87 Difference]: Start difference. First operand 113 states and 140 transitions. Second operand has 3 states, 3 states have (on average 14.0) internal successors, (42), 3 states have internal predecessors, (42), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:28,640 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:28,640 INFO L93 Difference]: Finished difference Result 269 states and 337 transitions. [2024-11-16 07:55:28,641 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-16 07:55:28,641 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 14.0) internal successors, (42), 3 states have internal predecessors, (42), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 49 [2024-11-16 07:55:28,641 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:28,642 INFO L225 Difference]: With dead ends: 269 [2024-11-16 07:55:28,643 INFO L226 Difference]: Without dead ends: 164 [2024-11-16 07:55:28,643 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:55:28,644 INFO L432 NwaCegarLoop]: 86 mSDtfsCounter, 40 mSDsluCounter, 66 mSDsCounter, 0 mSdLazyCounter, 10 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 40 SdHoareTripleChecker+Valid, 152 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 10 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:28,647 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [40 Valid, 152 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 10 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:55:28,648 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 164 states. [2024-11-16 07:55:28,669 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 164 to 161. [2024-11-16 07:55:28,673 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 161 states, 128 states have (on average 1.25) internal successors, (160), 135 states have internal predecessors, (160), 18 states have call successors, (18), 15 states have call predecessors, (18), 14 states have return successors, (20), 17 states have call predecessors, (20), 18 states have call successors, (20) [2024-11-16 07:55:28,674 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 161 states to 161 states and 198 transitions. [2024-11-16 07:55:28,676 INFO L78 Accepts]: Start accepts. Automaton has 161 states and 198 transitions. Word has length 49 [2024-11-16 07:55:28,676 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:28,676 INFO L471 AbstractCegarLoop]: Abstraction has 161 states and 198 transitions. [2024-11-16 07:55:28,677 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 14.0) internal successors, (42), 3 states have internal predecessors, (42), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:28,677 INFO L276 IsEmpty]: Start isEmpty. Operand 161 states and 198 transitions. [2024-11-16 07:55:28,678 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2024-11-16 07:55:28,678 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:28,678 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:28,680 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-16 07:55:28,680 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:28,681 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:28,681 INFO L85 PathProgramCache]: Analyzing trace with hash 428786107, now seen corresponding path program 1 times [2024-11-16 07:55:28,681 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:28,681 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1221048128] [2024-11-16 07:55:28,681 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:28,681 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:28,699 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,802 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:55:28,804 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,806 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2024-11-16 07:55:28,810 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,812 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 42 [2024-11-16 07:55:28,813 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:28,826 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-16 07:55:28,826 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:28,827 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1221048128] [2024-11-16 07:55:28,827 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1221048128] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:28,827 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:28,827 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-16 07:55:28,828 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [728873121] [2024-11-16 07:55:28,830 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:28,830 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-16 07:55:28,830 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:28,831 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-16 07:55:28,831 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-16 07:55:28,831 INFO L87 Difference]: Start difference. First operand 161 states and 198 transitions. Second operand has 6 states, 6 states have (on average 7.333333333333333) internal successors, (44), 5 states have internal predecessors, (44), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2024-11-16 07:55:28,945 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:28,945 INFO L93 Difference]: Finished difference Result 312 states and 387 transitions. [2024-11-16 07:55:28,946 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-16 07:55:28,946 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.333333333333333) internal successors, (44), 5 states have internal predecessors, (44), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 51 [2024-11-16 07:55:28,946 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:28,947 INFO L225 Difference]: With dead ends: 312 [2024-11-16 07:55:28,947 INFO L226 Difference]: Without dead ends: 159 [2024-11-16 07:55:28,948 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-16 07:55:28,949 INFO L432 NwaCegarLoop]: 80 mSDtfsCounter, 30 mSDsluCounter, 267 mSDsCounter, 0 mSdLazyCounter, 50 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 31 SdHoareTripleChecker+Valid, 347 SdHoareTripleChecker+Invalid, 52 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 50 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:28,949 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [31 Valid, 347 Invalid, 52 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 50 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-16 07:55:28,953 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 159 states. [2024-11-16 07:55:28,964 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 159 to 159. [2024-11-16 07:55:28,964 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 159 states, 126 states have (on average 1.2222222222222223) internal successors, (154), 133 states have internal predecessors, (154), 18 states have call successors, (18), 15 states have call predecessors, (18), 14 states have return successors, (20), 17 states have call predecessors, (20), 18 states have call successors, (20) [2024-11-16 07:55:28,965 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 159 states to 159 states and 192 transitions. [2024-11-16 07:55:28,966 INFO L78 Accepts]: Start accepts. Automaton has 159 states and 192 transitions. Word has length 51 [2024-11-16 07:55:28,966 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:28,966 INFO L471 AbstractCegarLoop]: Abstraction has 159 states and 192 transitions. [2024-11-16 07:55:28,967 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.333333333333333) internal successors, (44), 5 states have internal predecessors, (44), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2024-11-16 07:55:28,967 INFO L276 IsEmpty]: Start isEmpty. Operand 159 states and 192 transitions. [2024-11-16 07:55:28,967 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 54 [2024-11-16 07:55:28,968 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:28,968 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:28,968 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-16 07:55:28,968 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:28,969 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:28,969 INFO L85 PathProgramCache]: Analyzing trace with hash 928814569, now seen corresponding path program 1 times [2024-11-16 07:55:28,969 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:28,969 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1122488722] [2024-11-16 07:55:28,969 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:28,969 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:28,982 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,146 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-16 07:55:29,149 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,164 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-16 07:55:29,165 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,167 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2024-11-16 07:55:29,172 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,174 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:29,174 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:29,174 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1122488722] [2024-11-16 07:55:29,174 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1122488722] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:29,174 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:29,174 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-16 07:55:29,174 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [826457533] [2024-11-16 07:55:29,175 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:29,175 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-16 07:55:29,175 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:29,180 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-16 07:55:29,180 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2024-11-16 07:55:29,180 INFO L87 Difference]: Start difference. First operand 159 states and 192 transitions. Second operand has 8 states, 8 states have (on average 5.5) internal successors, (44), 7 states have internal predecessors, (44), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-16 07:55:29,494 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:29,495 INFO L93 Difference]: Finished difference Result 517 states and 659 transitions. [2024-11-16 07:55:29,495 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2024-11-16 07:55:29,496 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.5) internal successors, (44), 7 states have internal predecessors, (44), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 53 [2024-11-16 07:55:29,496 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:29,499 INFO L225 Difference]: With dead ends: 517 [2024-11-16 07:55:29,499 INFO L226 Difference]: Without dead ends: 413 [2024-11-16 07:55:29,500 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 23 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 28 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=59, Invalid=151, Unknown=0, NotChecked=0, Total=210 [2024-11-16 07:55:29,500 INFO L432 NwaCegarLoop]: 110 mSDtfsCounter, 262 mSDsluCounter, 399 mSDsCounter, 0 mSdLazyCounter, 202 mSolverCounterSat, 56 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 272 SdHoareTripleChecker+Valid, 509 SdHoareTripleChecker+Invalid, 258 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 56 IncrementalHoareTripleChecker+Valid, 202 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:29,501 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [272 Valid, 509 Invalid, 258 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [56 Valid, 202 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-16 07:55:29,502 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 413 states. [2024-11-16 07:55:29,539 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 413 to 405. [2024-11-16 07:55:29,540 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 405 states, 321 states have (on average 1.1993769470404985) internal successors, (385), 340 states have internal predecessors, (385), 45 states have call successors, (45), 33 states have call predecessors, (45), 38 states have return successors, (64), 43 states have call predecessors, (64), 45 states have call successors, (64) [2024-11-16 07:55:29,542 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 405 states to 405 states and 494 transitions. [2024-11-16 07:55:29,543 INFO L78 Accepts]: Start accepts. Automaton has 405 states and 494 transitions. Word has length 53 [2024-11-16 07:55:29,543 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:29,543 INFO L471 AbstractCegarLoop]: Abstraction has 405 states and 494 transitions. [2024-11-16 07:55:29,543 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.5) internal successors, (44), 7 states have internal predecessors, (44), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-16 07:55:29,543 INFO L276 IsEmpty]: Start isEmpty. Operand 405 states and 494 transitions. [2024-11-16 07:55:29,544 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 87 [2024-11-16 07:55:29,545 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:29,545 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:29,545 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-16 07:55:29,545 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:29,546 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:29,546 INFO L85 PathProgramCache]: Analyzing trace with hash -1603935924, now seen corresponding path program 1 times [2024-11-16 07:55:29,546 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:29,546 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1852182010] [2024-11-16 07:55:29,546 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:29,546 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:29,561 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,680 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-16 07:55:29,681 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,693 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-16 07:55:29,697 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,713 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:55:29,714 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,716 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 59 [2024-11-16 07:55:29,717 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,729 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 70 [2024-11-16 07:55:29,730 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,731 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 77 [2024-11-16 07:55:29,732 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,734 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 17 proven. 9 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2024-11-16 07:55:29,734 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:29,734 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1852182010] [2024-11-16 07:55:29,734 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1852182010] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-16 07:55:29,734 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [860490870] [2024-11-16 07:55:29,735 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:29,735 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-16 07:55:29,735 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-16 07:55:29,737 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-16 07:55:29,738 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-16 07:55:29,836 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:29,840 INFO L255 TraceCheckSpWp]: Trace formula consists of 288 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-16 07:55:29,846 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-16 07:55:30,023 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 24 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:55:30,023 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-16 07:55:30,222 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 20 proven. 6 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2024-11-16 07:55:30,223 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [860490870] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-16 07:55:30,223 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-16 07:55:30,223 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 6, 6] total 14 [2024-11-16 07:55:30,223 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1126196101] [2024-11-16 07:55:30,223 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-16 07:55:30,224 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2024-11-16 07:55:30,224 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:30,225 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2024-11-16 07:55:30,225 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=33, Invalid=149, Unknown=0, NotChecked=0, Total=182 [2024-11-16 07:55:30,229 INFO L87 Difference]: Start difference. First operand 405 states and 494 transitions. Second operand has 14 states, 14 states have (on average 7.642857142857143) internal successors, (107), 10 states have internal predecessors, (107), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 6 states have call successors, (13) [2024-11-16 07:55:30,879 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:30,879 INFO L93 Difference]: Finished difference Result 643 states and 810 transitions. [2024-11-16 07:55:30,880 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2024-11-16 07:55:30,880 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 14 states have (on average 7.642857142857143) internal successors, (107), 10 states have internal predecessors, (107), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 6 states have call successors, (13) Word has length 86 [2024-11-16 07:55:30,880 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:30,881 INFO L225 Difference]: With dead ends: 643 [2024-11-16 07:55:30,881 INFO L226 Difference]: Without dead ends: 0 [2024-11-16 07:55:30,883 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 213 GetRequests, 182 SyntacticMatches, 4 SemanticMatches, 27 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 138 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=201, Invalid=611, Unknown=0, NotChecked=0, Total=812 [2024-11-16 07:55:30,883 INFO L432 NwaCegarLoop]: 127 mSDtfsCounter, 270 mSDsluCounter, 835 mSDsCounter, 0 mSdLazyCounter, 558 mSolverCounterSat, 69 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 274 SdHoareTripleChecker+Valid, 962 SdHoareTripleChecker+Invalid, 627 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 69 IncrementalHoareTripleChecker+Valid, 558 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:30,884 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [274 Valid, 962 Invalid, 627 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [69 Valid, 558 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-11-16 07:55:30,884 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-16 07:55:30,884 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-16 07:55:30,884 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-16 07:55:30,884 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-16 07:55:30,885 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 86 [2024-11-16 07:55:30,885 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:30,885 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-16 07:55:30,885 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 14 states have (on average 7.642857142857143) internal successors, (107), 10 states have internal predecessors, (107), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 6 states have call successors, (13) [2024-11-16 07:55:30,885 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-16 07:55:30,885 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-16 07:55:30,888 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-16 07:55:30,902 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-16 07:55:31,091 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-16 07:55:31,094 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:31,096 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-16 07:55:33,325 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-16 07:55:33,372 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse1 (= |old(~pumpRunning~0)| 0)) (.cse0 (= 1 ~systemActive~0)) (.cse2 (<= 1 |old(~pumpRunning~0)|)) (.cse3 (= |old(~waterLevel~0)| 2))) (or (and (= |old(~waterLevel~0)| 1) .cse0 .cse1) (and .cse0 (<= 1 |old(~switchedOnBeforeTS~0)|) (<= |old(~waterLevel~0)| 2) .cse2) (and .cse0 .cse1 .cse3) (and .cse0 .cse2 .cse3))) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse1 (= 2 ~waterLevel~0)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse2 (= ~waterLevel~0 1)) (and .cse0 .cse2 (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2))) [2024-11-16 07:55:33,403 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse0 (= ~pumpRunning~0 0)) (.cse3 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= |old(~waterLevel~0)| 2)) (and .cse0 (= |old(~waterLevel~0)| 1) .cse1) (and .cse3 .cse1 .cse2))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse3 (= ~pumpRunning~0 0)) (.cse1 (= 2 ~waterLevel~0)) (.cse2 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse2 (= ~waterLevel~0 1)) (and .cse0 .cse2 (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 .cse2))) [2024-11-16 07:55:33,421 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 16.11 07:55:33 BoogieIcfgContainer [2024-11-16 07:55:33,421 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-16 07:55:33,422 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-16 07:55:33,423 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-16 07:55:33,423 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-16 07:55:33,424 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:55:26" (3/4) ... [2024-11-16 07:55:33,426 INFO L143 WitnessPrinter]: Generating witness for correct program [2024-11-16 07:55:33,430 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-16 07:55:33,430 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-16 07:55:33,430 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-16 07:55:33,430 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-16 07:55:33,431 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-16 07:55:33,431 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-16 07:55:33,440 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 37 nodes and edges [2024-11-16 07:55:33,441 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-11-16 07:55:33,441 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-16 07:55:33,441 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-16 07:55:33,442 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-16 07:55:33,550 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-16 07:55:33,551 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-16 07:55:33,551 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-16 07:55:33,552 INFO L158 Benchmark]: Toolchain (without parser) took 7740.95ms. Allocated memory was 155.2MB in the beginning and 264.2MB in the end (delta: 109.1MB). Free memory was 80.3MB in the beginning and 213.0MB in the end (delta: -132.7MB). There was no memory consumed. Max. memory is 16.1GB. [2024-11-16 07:55:33,552 INFO L158 Benchmark]: CDTParser took 0.18ms. Allocated memory is still 155.2MB. Free memory was 105.4MB in the beginning and 105.3MB in the end (delta: 159.4kB). There was no memory consumed. Max. memory is 16.1GB. [2024-11-16 07:55:33,552 INFO L158 Benchmark]: CACSL2BoogieTranslator took 481.15ms. Allocated memory is still 155.2MB. Free memory was 80.2MB in the beginning and 58.8MB in the end (delta: 21.4MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-16 07:55:33,552 INFO L158 Benchmark]: Boogie Procedure Inliner took 63.58ms. Allocated memory is still 155.2MB. Free memory was 58.6MB in the beginning and 122.9MB in the end (delta: -64.3MB). Peak memory consumption was 7.1MB. Max. memory is 16.1GB. [2024-11-16 07:55:33,552 INFO L158 Benchmark]: Boogie Preprocessor took 55.54ms. Allocated memory was 155.2MB in the beginning and 220.2MB in the end (delta: 65.0MB). Free memory was 122.9MB in the beginning and 188.8MB in the end (delta: -66.0MB). Peak memory consumption was 6.6MB. Max. memory is 16.1GB. [2024-11-16 07:55:33,553 INFO L158 Benchmark]: IcfgBuilder took 487.66ms. Allocated memory is still 220.2MB. Free memory was 188.8MB in the beginning and 170.0MB in the end (delta: 18.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2024-11-16 07:55:33,553 INFO L158 Benchmark]: TraceAbstraction took 6517.90ms. Allocated memory was 220.2MB in the beginning and 264.2MB in the end (delta: 44.0MB). Free memory was 170.0MB in the beginning and 220.4MB in the end (delta: -50.5MB). Peak memory consumption was 137.1MB. Max. memory is 16.1GB. [2024-11-16 07:55:33,553 INFO L158 Benchmark]: Witness Printer took 129.03ms. Allocated memory is still 264.2MB. Free memory was 220.4MB in the beginning and 213.0MB in the end (delta: 7.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-16 07:55:33,556 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.18ms. Allocated memory is still 155.2MB. Free memory was 105.4MB in the beginning and 105.3MB in the end (delta: 159.4kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 481.15ms. Allocated memory is still 155.2MB. Free memory was 80.2MB in the beginning and 58.8MB in the end (delta: 21.4MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 63.58ms. Allocated memory is still 155.2MB. Free memory was 58.6MB in the beginning and 122.9MB in the end (delta: -64.3MB). Peak memory consumption was 7.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 55.54ms. Allocated memory was 155.2MB in the beginning and 220.2MB in the end (delta: 65.0MB). Free memory was 122.9MB in the beginning and 188.8MB in the end (delta: -66.0MB). Peak memory consumption was 6.6MB. Max. memory is 16.1GB. * IcfgBuilder took 487.66ms. Allocated memory is still 220.2MB. Free memory was 188.8MB in the beginning and 170.0MB in the end (delta: 18.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 6517.90ms. Allocated memory was 220.2MB in the beginning and 264.2MB in the end (delta: 44.0MB). Free memory was 170.0MB in the beginning and 220.4MB in the end (delta: -50.5MB). Peak memory consumption was 137.1MB. Max. memory is 16.1GB. * Witness Printer took 129.03ms. Allocated memory is still 264.2MB. Free memory was 220.4MB in the beginning and 213.0MB in the end (delta: 7.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [49] - GenericResultAtLocation [Line: 87]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [87] - GenericResultAtLocation [Line: 96]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [96] - GenericResultAtLocation [Line: 462]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [462] - GenericResultAtLocation [Line: 563]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [563] - GenericResultAtLocation [Line: 633]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [633] - GenericResultAtLocation [Line: 802]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [802] - GenericResultAtLocation [Line: 851]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [851] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 92]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 87 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 4.1s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.5s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 826 SdHoareTripleChecker+Valid, 0.8s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 808 mSDsluCounter, 2985 SdHoareTripleChecker+Invalid, 0.6s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2064 mSDsCounter, 133 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 861 IncrementalHoareTripleChecker+Invalid, 994 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 133 mSolverCounterUnsat, 921 mSDtfsCounter, 861 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 308 GetRequests, 245 SyntacticMatches, 4 SemanticMatches, 59 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 170 ImplicationChecksByTransitivity, 0.5s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=405occurred in iteration=9, InterpolantAutomatonStates: 61, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 14 StatesRemovedByMinimization, 3 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.6s InterpolantComputationTime, 579 NumberOfCodeBlocks, 579 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 653 ConstructedInterpolants, 0 QuantifiedInterpolants, 1275 SizeOfPredicates, 2 NumberOfNonLiveVariables, 288 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 98/120 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 863]: Location Invariant Derived location invariant: null - InvariantResult [Line: 577]: Location Invariant Derived location invariant: null - ProcedureContractResult [Line: 670]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) Ensures: ((((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) && (((((((head == \old(head)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 496]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1))) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) Ensures: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1))) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) && ((((((head == \old(head)) && (waterLevel == \old(waterLevel))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 853]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((head == \old(head)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 643]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1))) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) Ensures: (((((((((((\old(waterLevel) == 1) && (1 == systemActive)) && (\old(pumpRunning) == 0)) || ((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning)))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (\old(waterLevel) == 2))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2))) && (((\old(pumpRunning) != 0) || (\old(waterLevel) != 1)) || ((pumpRunning == 0) && (waterLevel == 1)))) && ((\old(pumpRunning) < 1) || (((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((\old(pumpRunning) != 0) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || (\old(waterLevel) != 2))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((head == \old(head)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 484]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1))) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) Ensures: ((((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && ((((((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) == 2)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2))) || (((pumpRunning == 0) && (\old(waterLevel) == 1)) && (1 == systemActive))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) && (waterLevel <= 2)) && ((((((head == \old(head)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 730]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1))) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) Ensures: ((((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1))) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) && (pumpRunning == \result)) && (((((((head == \old(head)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) RESULT: Ultimate proved your program to be correct! [2024-11-16 07:55:33,587 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE