./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product63.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c7c6ca5d Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product63.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash fd0b8ceecda33bdad48c402c2c8ba6fe539641c6d50bf604e9c60e70c71a562b --- Real Ultimate output --- This is Ultimate 0.2.5-?-c7c6ca5-m [2024-11-08 15:13:32,685 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-08 15:13:32,735 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-08 15:13:32,741 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-08 15:13:32,741 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-08 15:13:32,761 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-08 15:13:32,762 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-08 15:13:32,762 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-08 15:13:32,763 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-08 15:13:32,765 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-08 15:13:32,766 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-08 15:13:32,766 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-08 15:13:32,766 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-08 15:13:32,766 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-08 15:13:32,766 INFO L153 SettingsManager]: * Use SBE=true [2024-11-08 15:13:32,767 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-08 15:13:32,767 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-08 15:13:32,767 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-08 15:13:32,768 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-08 15:13:32,768 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-08 15:13:32,768 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-08 15:13:32,772 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-08 15:13:32,772 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-08 15:13:32,772 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-08 15:13:32,772 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-08 15:13:32,773 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-08 15:13:32,773 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-08 15:13:32,773 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-08 15:13:32,773 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-08 15:13:32,773 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-08 15:13:32,773 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-08 15:13:32,773 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-08 15:13:32,773 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 15:13:32,774 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-08 15:13:32,774 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-08 15:13:32,774 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-08 15:13:32,774 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-08 15:13:32,774 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-08 15:13:32,774 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-08 15:13:32,774 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-08 15:13:32,774 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-08 15:13:32,776 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-08 15:13:32,776 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> fd0b8ceecda33bdad48c402c2c8ba6fe539641c6d50bf604e9c60e70c71a562b [2024-11-08 15:13:32,981 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-08 15:13:32,999 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-08 15:13:33,002 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-08 15:13:33,003 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-08 15:13:33,003 INFO L274 PluginConnector]: CDTParser initialized [2024-11-08 15:13:33,004 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product63.cil.c [2024-11-08 15:13:34,220 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-08 15:13:34,395 INFO L384 CDTParser]: Found 1 translation units. [2024-11-08 15:13:34,396 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product63.cil.c [2024-11-08 15:13:34,412 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/7da03326a/d2c6b3312f204b0a82e511e5ebbb6f00/FLAG97ee9e00e [2024-11-08 15:13:34,422 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/7da03326a/d2c6b3312f204b0a82e511e5ebbb6f00 [2024-11-08 15:13:34,424 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-08 15:13:34,425 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-08 15:13:34,427 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-08 15:13:34,427 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-08 15:13:34,431 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-08 15:13:34,432 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 03:13:34" (1/1) ... [2024-11-08 15:13:34,433 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@475de0bf and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:34, skipping insertion in model container [2024-11-08 15:13:34,433 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 03:13:34" (1/1) ... [2024-11-08 15:13:34,486 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-08 15:13:34,681 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product63.cil.c[6160,6173] [2024-11-08 15:13:34,755 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 15:13:34,768 INFO L200 MainTranslator]: Completed pre-run [2024-11-08 15:13:34,776 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] [2024-11-08 15:13:34,777 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [316] [2024-11-08 15:13:34,777 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [386] [2024-11-08 15:13:34,777 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [395] [2024-11-08 15:13:34,778 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [761] [2024-11-08 15:13:34,778 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [860] [2024-11-08 15:13:34,778 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [886] [2024-11-08 15:13:34,778 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [990] [2024-11-08 15:13:34,799 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product63.cil.c[6160,6173] [2024-11-08 15:13:34,826 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 15:13:34,846 INFO L204 MainTranslator]: Completed translation [2024-11-08 15:13:34,846 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:34 WrapperNode [2024-11-08 15:13:34,846 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-08 15:13:34,847 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-08 15:13:34,847 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-08 15:13:34,847 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-08 15:13:34,852 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:34" (1/1) ... [2024-11-08 15:13:34,860 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:34" (1/1) ... [2024-11-08 15:13:34,877 INFO L138 Inliner]: procedures = 58, calls = 106, calls flagged for inlining = 23, calls inlined = 20, statements flattened = 220 [2024-11-08 15:13:34,877 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-08 15:13:34,878 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-08 15:13:34,878 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-08 15:13:34,878 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-08 15:13:34,886 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:34" (1/1) ... [2024-11-08 15:13:34,886 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:34" (1/1) ... [2024-11-08 15:13:34,887 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:34" (1/1) ... [2024-11-08 15:13:34,897 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-08 15:13:34,898 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:34" (1/1) ... [2024-11-08 15:13:34,898 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:34" (1/1) ... [2024-11-08 15:13:34,905 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:34" (1/1) ... [2024-11-08 15:13:34,908 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:34" (1/1) ... [2024-11-08 15:13:34,910 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:34" (1/1) ... [2024-11-08 15:13:34,911 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:34" (1/1) ... [2024-11-08 15:13:34,914 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-08 15:13:34,915 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-08 15:13:34,918 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-08 15:13:34,918 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-08 15:13:34,919 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:34" (1/1) ... [2024-11-08 15:13:34,923 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 15:13:34,930 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:13:34,943 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-08 15:13:34,946 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-08 15:13:34,983 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-08 15:13:34,984 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-08 15:13:34,984 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-08 15:13:34,984 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-08 15:13:34,984 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-08 15:13:34,984 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2024-11-08 15:13:34,984 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2024-11-08 15:13:34,984 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-08 15:13:34,984 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-08 15:13:34,985 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 15:13:34,985 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 15:13:34,985 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-08 15:13:34,985 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-08 15:13:34,985 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2024-11-08 15:13:34,985 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2024-11-08 15:13:34,986 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2024-11-08 15:13:34,986 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2024-11-08 15:13:34,986 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-08 15:13:34,986 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-08 15:13:34,986 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-08 15:13:34,986 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-08 15:13:34,986 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-08 15:13:34,986 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-08 15:13:34,986 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-08 15:13:35,052 INFO L238 CfgBuilder]: Building ICFG [2024-11-08 15:13:35,054 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-08 15:13:35,275 INFO L? ?]: Removed 50 outVars from TransFormulas that were not future-live. [2024-11-08 15:13:35,275 INFO L287 CfgBuilder]: Performing block encoding [2024-11-08 15:13:35,289 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-08 15:13:35,289 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-08 15:13:35,290 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:13:35 BoogieIcfgContainer [2024-11-08 15:13:35,290 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-08 15:13:35,291 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-08 15:13:35,291 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-08 15:13:35,293 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-08 15:13:35,293 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 08.11 03:13:34" (1/3) ... [2024-11-08 15:13:35,294 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5b918694 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 03:13:35, skipping insertion in model container [2024-11-08 15:13:35,294 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:13:34" (2/3) ... [2024-11-08 15:13:35,294 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5b918694 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 03:13:35, skipping insertion in model container [2024-11-08 15:13:35,294 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:13:35" (3/3) ... [2024-11-08 15:13:35,295 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product63.cil.c [2024-11-08 15:13:35,306 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-08 15:13:35,307 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-08 15:13:35,347 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-08 15:13:35,352 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@6fdf56cf, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-08 15:13:35,352 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-08 15:13:35,355 INFO L276 IsEmpty]: Start isEmpty. Operand has 112 states, 81 states have (on average 1.3703703703703705) internal successors, (111), 92 states have internal predecessors, (111), 19 states have call successors, (19), 10 states have call predecessors, (19), 10 states have return successors, (19), 14 states have call predecessors, (19), 19 states have call successors, (19) [2024-11-08 15:13:35,361 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2024-11-08 15:13:35,362 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:13:35,362 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:13:35,362 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:13:35,366 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:13:35,366 INFO L85 PathProgramCache]: Analyzing trace with hash 155128550, now seen corresponding path program 1 times [2024-11-08 15:13:35,372 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:13:35,372 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1294384776] [2024-11-08 15:13:35,372 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:35,372 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:13:35,443 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:35,490 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-08 15:13:35,494 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:35,513 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:13:35,514 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:13:35,514 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1294384776] [2024-11-08 15:13:35,515 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1294384776] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:13:35,517 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:13:35,517 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-08 15:13:35,518 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [612195502] [2024-11-08 15:13:35,519 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:13:35,524 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-08 15:13:35,524 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:13:35,571 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-08 15:13:35,572 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 15:13:35,574 INFO L87 Difference]: Start difference. First operand has 112 states, 81 states have (on average 1.3703703703703705) internal successors, (111), 92 states have internal predecessors, (111), 19 states have call successors, (19), 10 states have call predecessors, (19), 10 states have return successors, (19), 14 states have call predecessors, (19), 19 states have call successors, (19) Second operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:13:35,602 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:13:35,602 INFO L93 Difference]: Finished difference Result 216 states and 293 transitions. [2024-11-08 15:13:35,603 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-08 15:13:35,604 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2024-11-08 15:13:35,604 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:13:35,610 INFO L225 Difference]: With dead ends: 216 [2024-11-08 15:13:35,610 INFO L226 Difference]: Without dead ends: 103 [2024-11-08 15:13:35,613 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 15:13:35,615 INFO L432 NwaCegarLoop]: 143 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 143 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:13:35,615 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 143 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:13:35,629 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 103 states. [2024-11-08 15:13:35,647 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 103 to 103. [2024-11-08 15:13:35,648 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 103 states, 74 states have (on average 1.3108108108108107) internal successors, (97), 84 states have internal predecessors, (97), 19 states have call successors, (19), 10 states have call predecessors, (19), 9 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) [2024-11-08 15:13:35,649 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 103 states to 103 states and 134 transitions. [2024-11-08 15:13:35,652 INFO L78 Accepts]: Start accepts. Automaton has 103 states and 134 transitions. Word has length 23 [2024-11-08 15:13:35,652 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:13:35,652 INFO L471 AbstractCegarLoop]: Abstraction has 103 states and 134 transitions. [2024-11-08 15:13:35,652 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:13:35,652 INFO L276 IsEmpty]: Start isEmpty. Operand 103 states and 134 transitions. [2024-11-08 15:13:35,654 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2024-11-08 15:13:35,654 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:13:35,654 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:13:35,654 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-08 15:13:35,656 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:13:35,657 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:13:35,657 INFO L85 PathProgramCache]: Analyzing trace with hash -389594040, now seen corresponding path program 1 times [2024-11-08 15:13:35,657 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:13:35,658 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [31109281] [2024-11-08 15:13:35,658 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:35,658 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:13:35,680 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:35,747 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-11-08 15:13:35,749 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:35,751 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:13:35,751 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:13:35,751 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [31109281] [2024-11-08 15:13:35,751 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [31109281] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:13:35,751 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:13:35,751 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-08 15:13:35,752 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [249255881] [2024-11-08 15:13:35,752 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:13:35,752 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-08 15:13:35,753 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:13:35,753 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-08 15:13:35,753 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:13:35,753 INFO L87 Difference]: Start difference. First operand 103 states and 134 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:13:35,765 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:13:35,766 INFO L93 Difference]: Finished difference Result 168 states and 218 transitions. [2024-11-08 15:13:35,766 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-08 15:13:35,766 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2024-11-08 15:13:35,767 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:13:35,768 INFO L225 Difference]: With dead ends: 168 [2024-11-08 15:13:35,769 INFO L226 Difference]: Without dead ends: 94 [2024-11-08 15:13:35,770 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:13:35,771 INFO L432 NwaCegarLoop]: 121 mSDtfsCounter, 16 mSDsluCounter, 100 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 221 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:13:35,772 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [20 Valid, 221 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:13:35,773 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 94 states. [2024-11-08 15:13:35,781 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 94 to 94. [2024-11-08 15:13:35,785 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 94 states, 68 states have (on average 1.3235294117647058) internal successors, (90), 78 states have internal predecessors, (90), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2024-11-08 15:13:35,786 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 94 states to 94 states and 122 transitions. [2024-11-08 15:13:35,786 INFO L78 Accepts]: Start accepts. Automaton has 94 states and 122 transitions. Word has length 24 [2024-11-08 15:13:35,786 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:13:35,787 INFO L471 AbstractCegarLoop]: Abstraction has 94 states and 122 transitions. [2024-11-08 15:13:35,790 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:13:35,790 INFO L276 IsEmpty]: Start isEmpty. Operand 94 states and 122 transitions. [2024-11-08 15:13:35,791 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2024-11-08 15:13:35,791 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:13:35,791 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:13:35,791 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-08 15:13:35,791 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:13:35,792 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:13:35,792 INFO L85 PathProgramCache]: Analyzing trace with hash -2116148500, now seen corresponding path program 1 times [2024-11-08 15:13:35,792 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:13:35,792 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [149332708] [2024-11-08 15:13:35,792 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:35,792 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:13:35,818 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:35,873 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 15:13:35,874 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:35,876 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:13:35,876 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:13:35,876 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [149332708] [2024-11-08 15:13:35,876 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [149332708] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:13:35,876 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:13:35,876 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-08 15:13:35,877 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [703568061] [2024-11-08 15:13:35,877 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:13:35,877 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-08 15:13:35,877 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:13:35,878 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-08 15:13:35,880 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:13:35,880 INFO L87 Difference]: Start difference. First operand 94 states and 122 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:13:35,902 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:13:35,902 INFO L93 Difference]: Finished difference Result 267 states and 352 transitions. [2024-11-08 15:13:35,903 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-08 15:13:35,903 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 28 [2024-11-08 15:13:35,903 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:13:35,907 INFO L225 Difference]: With dead ends: 267 [2024-11-08 15:13:35,908 INFO L226 Difference]: Without dead ends: 180 [2024-11-08 15:13:35,909 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:13:35,911 INFO L432 NwaCegarLoop]: 141 mSDtfsCounter, 102 mSDsluCounter, 112 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 102 SdHoareTripleChecker+Valid, 253 SdHoareTripleChecker+Invalid, 4 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:13:35,912 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [102 Valid, 253 Invalid, 4 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:13:35,912 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 180 states. [2024-11-08 15:13:35,940 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 180 to 177. [2024-11-08 15:13:35,943 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 177 states, 126 states have (on average 1.3412698412698412) internal successors, (169), 145 states have internal predecessors, (169), 32 states have call successors, (32), 18 states have call predecessors, (32), 18 states have return successors, (32), 21 states have call predecessors, (32), 32 states have call successors, (32) [2024-11-08 15:13:35,944 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 177 states to 177 states and 233 transitions. [2024-11-08 15:13:35,946 INFO L78 Accepts]: Start accepts. Automaton has 177 states and 233 transitions. Word has length 28 [2024-11-08 15:13:35,946 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:13:35,946 INFO L471 AbstractCegarLoop]: Abstraction has 177 states and 233 transitions. [2024-11-08 15:13:35,946 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:13:35,946 INFO L276 IsEmpty]: Start isEmpty. Operand 177 states and 233 transitions. [2024-11-08 15:13:35,948 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-08 15:13:35,948 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:13:35,948 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:13:35,948 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-08 15:13:35,948 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:13:35,949 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:13:35,949 INFO L85 PathProgramCache]: Analyzing trace with hash -1322411102, now seen corresponding path program 1 times [2024-11-08 15:13:35,949 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:13:35,949 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [654891387] [2024-11-08 15:13:35,949 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:35,949 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:13:35,969 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:36,060 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-08 15:13:36,063 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:36,065 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:13:36,065 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:13:36,065 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [654891387] [2024-11-08 15:13:36,065 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [654891387] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:13:36,067 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:13:36,067 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-08 15:13:36,067 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2122516265] [2024-11-08 15:13:36,067 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:13:36,068 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-08 15:13:36,068 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:13:36,068 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-08 15:13:36,069 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-08 15:13:36,069 INFO L87 Difference]: Start difference. First operand 177 states and 233 transitions. Second operand has 5 states, 5 states have (on average 5.8) internal successors, (29), 5 states have internal predecessors, (29), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:13:36,157 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:13:36,157 INFO L93 Difference]: Finished difference Result 449 states and 604 transitions. [2024-11-08 15:13:36,159 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-08 15:13:36,159 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.8) internal successors, (29), 5 states have internal predecessors, (29), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 32 [2024-11-08 15:13:36,159 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:13:36,161 INFO L225 Difference]: With dead ends: 449 [2024-11-08 15:13:36,161 INFO L226 Difference]: Without dead ends: 279 [2024-11-08 15:13:36,162 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:13:36,166 INFO L432 NwaCegarLoop]: 116 mSDtfsCounter, 66 mSDsluCounter, 308 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 66 SdHoareTripleChecker+Valid, 424 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:13:36,167 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [66 Valid, 424 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:13:36,167 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 279 states. [2024-11-08 15:13:36,197 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 279 to 278. [2024-11-08 15:13:36,198 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 278 states, 201 states have (on average 1.2885572139303483) internal successors, (259), 220 states have internal predecessors, (259), 42 states have call successors, (42), 34 states have call predecessors, (42), 34 states have return successors, (54), 37 states have call predecessors, (54), 42 states have call successors, (54) [2024-11-08 15:13:36,199 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 278 states to 278 states and 355 transitions. [2024-11-08 15:13:36,199 INFO L78 Accepts]: Start accepts. Automaton has 278 states and 355 transitions. Word has length 32 [2024-11-08 15:13:36,200 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:13:36,200 INFO L471 AbstractCegarLoop]: Abstraction has 278 states and 355 transitions. [2024-11-08 15:13:36,200 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.8) internal successors, (29), 5 states have internal predecessors, (29), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:13:36,200 INFO L276 IsEmpty]: Start isEmpty. Operand 278 states and 355 transitions. [2024-11-08 15:13:36,204 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2024-11-08 15:13:36,206 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:13:36,206 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:13:36,206 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-08 15:13:36,206 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:13:36,206 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:13:36,207 INFO L85 PathProgramCache]: Analyzing trace with hash -1980945601, now seen corresponding path program 1 times [2024-11-08 15:13:36,207 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:13:36,207 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [744546854] [2024-11-08 15:13:36,207 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:36,207 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:13:36,224 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:36,288 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 15:13:36,293 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:36,335 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:13:36,347 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:36,429 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-08 15:13:36,432 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:36,434 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:13:36,436 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:36,437 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 50 [2024-11-08 15:13:36,439 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:36,441 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:13:36,442 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:13:36,442 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [744546854] [2024-11-08 15:13:36,442 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [744546854] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:13:36,442 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:13:36,442 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 15:13:36,442 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1576766834] [2024-11-08 15:13:36,442 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:13:36,443 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 15:13:36,443 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:13:36,443 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 15:13:36,443 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-08 15:13:36,443 INFO L87 Difference]: Start difference. First operand 278 states and 355 transitions. Second operand has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-08 15:13:36,593 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:13:36,594 INFO L93 Difference]: Finished difference Result 609 states and 798 transitions. [2024-11-08 15:13:36,594 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-08 15:13:36,594 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 59 [2024-11-08 15:13:36,594 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:13:36,596 INFO L225 Difference]: With dead ends: 609 [2024-11-08 15:13:36,596 INFO L226 Difference]: Without dead ends: 338 [2024-11-08 15:13:36,597 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 20 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-08 15:13:36,598 INFO L432 NwaCegarLoop]: 89 mSDtfsCounter, 66 mSDsluCounter, 294 mSDsCounter, 0 mSdLazyCounter, 165 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 72 SdHoareTripleChecker+Valid, 383 SdHoareTripleChecker+Invalid, 183 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 165 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:13:36,599 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [72 Valid, 383 Invalid, 183 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 165 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:13:36,600 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 338 states. [2024-11-08 15:13:36,616 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 338 to 336. [2024-11-08 15:13:36,616 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 336 states, 245 states have (on average 1.2612244897959184) internal successors, (309), 264 states have internal predecessors, (309), 46 states have call successors, (46), 34 states have call predecessors, (46), 44 states have return successors, (68), 49 states have call predecessors, (68), 46 states have call successors, (68) [2024-11-08 15:13:36,618 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 336 states to 336 states and 423 transitions. [2024-11-08 15:13:36,618 INFO L78 Accepts]: Start accepts. Automaton has 336 states and 423 transitions. Word has length 59 [2024-11-08 15:13:36,619 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:13:36,619 INFO L471 AbstractCegarLoop]: Abstraction has 336 states and 423 transitions. [2024-11-08 15:13:36,619 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-08 15:13:36,619 INFO L276 IsEmpty]: Start isEmpty. Operand 336 states and 423 transitions. [2024-11-08 15:13:36,620 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2024-11-08 15:13:36,620 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:13:36,620 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:13:36,620 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-08 15:13:36,620 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:13:36,621 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:13:36,621 INFO L85 PathProgramCache]: Analyzing trace with hash -1706185987, now seen corresponding path program 1 times [2024-11-08 15:13:36,621 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:13:36,621 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [486726791] [2024-11-08 15:13:36,621 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:36,621 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:13:36,631 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:36,667 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 15:13:36,673 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:36,691 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:13:36,694 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:36,727 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-08 15:13:36,729 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:36,731 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:13:36,732 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:36,733 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 50 [2024-11-08 15:13:36,734 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:36,738 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:13:36,738 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:13:36,738 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [486726791] [2024-11-08 15:13:36,738 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [486726791] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:13:36,738 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:13:36,738 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-08 15:13:36,738 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [501664843] [2024-11-08 15:13:36,738 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:13:36,739 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-08 15:13:36,739 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:13:36,739 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-08 15:13:36,739 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-08 15:13:36,739 INFO L87 Difference]: Start difference. First operand 336 states and 423 transitions. Second operand has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-08 15:13:36,880 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:13:36,880 INFO L93 Difference]: Finished difference Result 671 states and 870 transitions. [2024-11-08 15:13:36,880 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-08 15:13:36,881 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 59 [2024-11-08 15:13:36,881 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:13:36,882 INFO L225 Difference]: With dead ends: 671 [2024-11-08 15:13:36,883 INFO L226 Difference]: Without dead ends: 342 [2024-11-08 15:13:36,883 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:13:36,884 INFO L432 NwaCegarLoop]: 90 mSDtfsCounter, 65 mSDsluCounter, 209 mSDsCounter, 0 mSdLazyCounter, 125 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 71 SdHoareTripleChecker+Valid, 299 SdHoareTripleChecker+Invalid, 143 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 125 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:13:36,886 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [71 Valid, 299 Invalid, 143 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 125 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:13:36,888 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 342 states. [2024-11-08 15:13:36,926 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 342 to 340. [2024-11-08 15:13:36,927 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 340 states, 249 states have (on average 1.2570281124497993) internal successors, (313), 268 states have internal predecessors, (313), 46 states have call successors, (46), 34 states have call predecessors, (46), 44 states have return successors, (68), 49 states have call predecessors, (68), 46 states have call successors, (68) [2024-11-08 15:13:36,929 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 340 states to 340 states and 427 transitions. [2024-11-08 15:13:36,930 INFO L78 Accepts]: Start accepts. Automaton has 340 states and 427 transitions. Word has length 59 [2024-11-08 15:13:36,930 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:13:36,930 INFO L471 AbstractCegarLoop]: Abstraction has 340 states and 427 transitions. [2024-11-08 15:13:36,930 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-08 15:13:36,930 INFO L276 IsEmpty]: Start isEmpty. Operand 340 states and 427 transitions. [2024-11-08 15:13:36,931 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2024-11-08 15:13:36,932 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:13:36,932 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:13:36,932 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-08 15:13:36,933 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:13:36,933 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:13:36,933 INFO L85 PathProgramCache]: Analyzing trace with hash 344798011, now seen corresponding path program 1 times [2024-11-08 15:13:36,934 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:13:36,934 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1091978513] [2024-11-08 15:13:36,934 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:36,934 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:13:36,949 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:37,005 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 15:13:37,009 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:37,028 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:13:37,031 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:37,046 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-08 15:13:37,048 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:37,051 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:13:37,052 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:37,053 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 50 [2024-11-08 15:13:37,056 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:37,057 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:13:37,058 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:13:37,058 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1091978513] [2024-11-08 15:13:37,058 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1091978513] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:13:37,058 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:13:37,058 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-08 15:13:37,058 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [297746056] [2024-11-08 15:13:37,058 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:13:37,059 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-08 15:13:37,060 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:13:37,060 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-08 15:13:37,060 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-08 15:13:37,061 INFO L87 Difference]: Start difference. First operand 340 states and 427 transitions. Second operand has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-08 15:13:37,281 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:13:37,282 INFO L93 Difference]: Finished difference Result 941 states and 1230 transitions. [2024-11-08 15:13:37,282 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-08 15:13:37,282 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) Word has length 59 [2024-11-08 15:13:37,283 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:13:37,285 INFO L225 Difference]: With dead ends: 941 [2024-11-08 15:13:37,285 INFO L226 Difference]: Without dead ends: 608 [2024-11-08 15:13:37,287 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 13 SyntacticMatches, 1 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:13:37,289 INFO L432 NwaCegarLoop]: 134 mSDtfsCounter, 245 mSDsluCounter, 189 mSDsCounter, 0 mSdLazyCounter, 169 mSolverCounterSat, 76 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 253 SdHoareTripleChecker+Valid, 323 SdHoareTripleChecker+Invalid, 245 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 76 IncrementalHoareTripleChecker+Valid, 169 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 15:13:37,289 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [253 Valid, 323 Invalid, 245 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [76 Valid, 169 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 15:13:37,290 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 608 states. [2024-11-08 15:13:37,320 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 608 to 601. [2024-11-08 15:13:37,321 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 601 states, 442 states have (on average 1.2330316742081449) internal successors, (545), 470 states have internal predecessors, (545), 81 states have call successors, (81), 71 states have call predecessors, (81), 77 states have return successors, (133), 82 states have call predecessors, (133), 81 states have call successors, (133) [2024-11-08 15:13:37,324 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 601 states to 601 states and 759 transitions. [2024-11-08 15:13:37,325 INFO L78 Accepts]: Start accepts. Automaton has 601 states and 759 transitions. Word has length 59 [2024-11-08 15:13:37,326 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:13:37,327 INFO L471 AbstractCegarLoop]: Abstraction has 601 states and 759 transitions. [2024-11-08 15:13:37,327 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-08 15:13:37,327 INFO L276 IsEmpty]: Start isEmpty. Operand 601 states and 759 transitions. [2024-11-08 15:13:37,328 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 64 [2024-11-08 15:13:37,328 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:13:37,328 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:13:37,328 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-08 15:13:37,328 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:13:37,328 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:13:37,329 INFO L85 PathProgramCache]: Analyzing trace with hash 616558741, now seen corresponding path program 1 times [2024-11-08 15:13:37,329 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:13:37,329 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2091429020] [2024-11-08 15:13:37,329 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:37,329 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:13:37,345 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:37,422 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-08 15:13:37,423 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:37,433 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-08 15:13:37,436 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:37,440 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:13:37,442 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:37,444 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-08 15:13:37,445 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:37,446 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:13:37,446 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:37,447 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 54 [2024-11-08 15:13:37,448 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:37,457 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-08 15:13:37,457 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:13:37,457 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2091429020] [2024-11-08 15:13:37,457 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2091429020] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:13:37,457 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:13:37,457 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-08 15:13:37,457 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [882136546] [2024-11-08 15:13:37,457 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:13:37,458 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-08 15:13:37,458 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:13:37,458 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-08 15:13:37,458 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2024-11-08 15:13:37,458 INFO L87 Difference]: Start difference. First operand 601 states and 759 transitions. Second operand has 8 states, 8 states have (on average 6.25) internal successors, (50), 5 states have internal predecessors, (50), 2 states have call successors, (7), 4 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2024-11-08 15:13:37,961 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:13:37,962 INFO L93 Difference]: Finished difference Result 1993 states and 2611 transitions. [2024-11-08 15:13:37,962 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2024-11-08 15:13:37,963 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 6.25) internal successors, (50), 5 states have internal predecessors, (50), 2 states have call successors, (7), 4 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) Word has length 63 [2024-11-08 15:13:37,963 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:13:37,969 INFO L225 Difference]: With dead ends: 1993 [2024-11-08 15:13:37,970 INFO L226 Difference]: Without dead ends: 1399 [2024-11-08 15:13:37,972 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 34 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 84 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=112, Invalid=350, Unknown=0, NotChecked=0, Total=462 [2024-11-08 15:13:37,973 INFO L432 NwaCegarLoop]: 64 mSDtfsCounter, 360 mSDsluCounter, 286 mSDsCounter, 0 mSdLazyCounter, 467 mSolverCounterSat, 158 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 367 SdHoareTripleChecker+Valid, 350 SdHoareTripleChecker+Invalid, 625 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 158 IncrementalHoareTripleChecker+Valid, 467 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-08 15:13:37,973 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [367 Valid, 350 Invalid, 625 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [158 Valid, 467 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-08 15:13:37,974 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1399 states. [2024-11-08 15:13:38,049 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1399 to 1357. [2024-11-08 15:13:38,050 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1357 states, 988 states have (on average 1.2044534412955465) internal successors, (1190), 1059 states have internal predecessors, (1190), 194 states have call successors, (194), 142 states have call predecessors, (194), 174 states have return successors, (352), 200 states have call predecessors, (352), 194 states have call successors, (352) [2024-11-08 15:13:38,055 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1357 states to 1357 states and 1736 transitions. [2024-11-08 15:13:38,056 INFO L78 Accepts]: Start accepts. Automaton has 1357 states and 1736 transitions. Word has length 63 [2024-11-08 15:13:38,056 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:13:38,056 INFO L471 AbstractCegarLoop]: Abstraction has 1357 states and 1736 transitions. [2024-11-08 15:13:38,057 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 6.25) internal successors, (50), 5 states have internal predecessors, (50), 2 states have call successors, (7), 4 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2024-11-08 15:13:38,057 INFO L276 IsEmpty]: Start isEmpty. Operand 1357 states and 1736 transitions. [2024-11-08 15:13:38,059 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 68 [2024-11-08 15:13:38,059 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:13:38,059 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:13:38,059 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-08 15:13:38,059 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:13:38,059 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:13:38,059 INFO L85 PathProgramCache]: Analyzing trace with hash 1067655569, now seen corresponding path program 1 times [2024-11-08 15:13:38,060 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:13:38,060 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1362440907] [2024-11-08 15:13:38,060 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:38,060 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:13:38,069 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:38,124 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-08 15:13:38,125 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:38,130 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-11-08 15:13:38,131 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:38,144 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-11-08 15:13:38,146 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:38,175 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:13:38,177 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:38,223 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-08 15:13:38,225 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:38,277 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:13:38,278 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:38,292 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 58 [2024-11-08 15:13:38,293 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:38,294 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-08 15:13:38,295 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:13:38,295 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1362440907] [2024-11-08 15:13:38,295 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1362440907] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-08 15:13:38,295 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [396874] [2024-11-08 15:13:38,295 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:38,296 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-08 15:13:38,296 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:13:38,297 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-08 15:13:38,298 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-08 15:13:38,365 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:38,367 INFO L255 TraceCheckSpWp]: Trace formula consists of 244 conjuncts, 9 conjuncts are in the unsatisfiable core [2024-11-08 15:13:38,372 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-08 15:13:38,554 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 3 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:13:38,554 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-08 15:13:38,554 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [396874] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:13:38,554 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-08 15:13:38,554 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [15] total 21 [2024-11-08 15:13:38,554 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [641590152] [2024-11-08 15:13:38,554 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:13:38,555 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-08 15:13:38,555 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:13:38,556 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-08 15:13:38,556 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=54, Invalid=366, Unknown=0, NotChecked=0, Total=420 [2024-11-08 15:13:38,557 INFO L87 Difference]: Start difference. First operand 1357 states and 1736 transitions. Second operand has 8 states, 8 states have (on average 6.5) internal successors, (52), 6 states have internal predecessors, (52), 3 states have call successors, (8), 3 states have call predecessors, (8), 5 states have return successors, (7), 5 states have call predecessors, (7), 3 states have call successors, (7) [2024-11-08 15:13:38,742 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:13:38,743 INFO L93 Difference]: Finished difference Result 2637 states and 3389 transitions. [2024-11-08 15:13:38,743 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-11-08 15:13:38,743 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 6.5) internal successors, (52), 6 states have internal predecessors, (52), 3 states have call successors, (8), 3 states have call predecessors, (8), 5 states have return successors, (7), 5 states have call predecessors, (7), 3 states have call successors, (7) Word has length 67 [2024-11-08 15:13:38,744 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:13:38,749 INFO L225 Difference]: With dead ends: 2637 [2024-11-08 15:13:38,749 INFO L226 Difference]: Without dead ends: 1287 [2024-11-08 15:13:38,752 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 90 GetRequests, 71 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 30 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=54, Invalid=366, Unknown=0, NotChecked=0, Total=420 [2024-11-08 15:13:38,753 INFO L432 NwaCegarLoop]: 222 mSDtfsCounter, 79 mSDsluCounter, 921 mSDsCounter, 0 mSdLazyCounter, 213 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 81 SdHoareTripleChecker+Valid, 1143 SdHoareTripleChecker+Invalid, 214 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 213 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:13:38,753 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [81 Valid, 1143 Invalid, 214 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 213 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:13:38,754 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1287 states. [2024-11-08 15:13:38,800 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1287 to 1287. [2024-11-08 15:13:38,802 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1287 states, 934 states have (on average 1.1927194860813704) internal successors, (1114), 1003 states have internal predecessors, (1114), 188 states have call successors, (188), 138 states have call predecessors, (188), 164 states have return successors, (308), 188 states have call predecessors, (308), 188 states have call successors, (308) [2024-11-08 15:13:38,830 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1287 states to 1287 states and 1610 transitions. [2024-11-08 15:13:38,832 INFO L78 Accepts]: Start accepts. Automaton has 1287 states and 1610 transitions. Word has length 67 [2024-11-08 15:13:38,832 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:13:38,832 INFO L471 AbstractCegarLoop]: Abstraction has 1287 states and 1610 transitions. [2024-11-08 15:13:38,833 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 6.5) internal successors, (52), 6 states have internal predecessors, (52), 3 states have call successors, (8), 3 states have call predecessors, (8), 5 states have return successors, (7), 5 states have call predecessors, (7), 3 states have call successors, (7) [2024-11-08 15:13:38,833 INFO L276 IsEmpty]: Start isEmpty. Operand 1287 states and 1610 transitions. [2024-11-08 15:13:38,835 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 95 [2024-11-08 15:13:38,835 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:13:38,835 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:13:38,854 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-08 15:13:39,036 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-08 15:13:39,036 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:13:39,037 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:13:39,037 INFO L85 PathProgramCache]: Analyzing trace with hash -1513239529, now seen corresponding path program 1 times [2024-11-08 15:13:39,037 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:13:39,038 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2086825504] [2024-11-08 15:13:39,038 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:39,038 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:13:39,048 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,078 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-08 15:13:39,079 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,085 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-08 15:13:39,090 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,110 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-08 15:13:39,114 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,119 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:13:39,121 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,124 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-08 15:13:39,125 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,127 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:13:39,128 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,129 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2024-11-08 15:13:39,133 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,140 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 73 [2024-11-08 15:13:39,141 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,142 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 85 [2024-11-08 15:13:39,143 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,145 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 15 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-11-08 15:13:39,145 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:13:39,145 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2086825504] [2024-11-08 15:13:39,145 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2086825504] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:13:39,145 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:13:39,145 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-08 15:13:39,145 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1459537275] [2024-11-08 15:13:39,145 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:13:39,146 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-08 15:13:39,146 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:13:39,147 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-08 15:13:39,147 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2024-11-08 15:13:39,147 INFO L87 Difference]: Start difference. First operand 1287 states and 1610 transitions. Second operand has 8 states, 8 states have (on average 8.875) internal successors, (71), 4 states have internal predecessors, (71), 4 states have call successors, (10), 6 states have call predecessors, (10), 2 states have return successors, (9), 3 states have call predecessors, (9), 4 states have call successors, (9) [2024-11-08 15:13:39,561 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:13:39,561 INFO L93 Difference]: Finished difference Result 1535 states and 1910 transitions. [2024-11-08 15:13:39,562 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2024-11-08 15:13:39,562 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 8.875) internal successors, (71), 4 states have internal predecessors, (71), 4 states have call successors, (10), 6 states have call predecessors, (10), 2 states have return successors, (9), 3 states have call predecessors, (9), 4 states have call successors, (9) Word has length 94 [2024-11-08 15:13:39,562 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:13:39,566 INFO L225 Difference]: With dead ends: 1535 [2024-11-08 15:13:39,566 INFO L226 Difference]: Without dead ends: 650 [2024-11-08 15:13:39,568 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 36 GetRequests, 22 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 35 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=68, Invalid=172, Unknown=0, NotChecked=0, Total=240 [2024-11-08 15:13:39,568 INFO L432 NwaCegarLoop]: 55 mSDtfsCounter, 335 mSDsluCounter, 182 mSDsCounter, 0 mSdLazyCounter, 439 mSolverCounterSat, 120 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 344 SdHoareTripleChecker+Valid, 237 SdHoareTripleChecker+Invalid, 559 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 120 IncrementalHoareTripleChecker+Valid, 439 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-08 15:13:39,569 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [344 Valid, 237 Invalid, 559 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [120 Valid, 439 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-08 15:13:39,570 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 650 states. [2024-11-08 15:13:39,612 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 650 to 630. [2024-11-08 15:13:39,613 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 630 states, 457 states have (on average 1.1575492341356675) internal successors, (529), 489 states have internal predecessors, (529), 91 states have call successors, (91), 68 states have call predecessors, (91), 81 states have return successors, (151), 92 states have call predecessors, (151), 91 states have call successors, (151) [2024-11-08 15:13:39,615 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 630 states to 630 states and 771 transitions. [2024-11-08 15:13:39,616 INFO L78 Accepts]: Start accepts. Automaton has 630 states and 771 transitions. Word has length 94 [2024-11-08 15:13:39,617 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:13:39,617 INFO L471 AbstractCegarLoop]: Abstraction has 630 states and 771 transitions. [2024-11-08 15:13:39,617 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 8.875) internal successors, (71), 4 states have internal predecessors, (71), 4 states have call successors, (10), 6 states have call predecessors, (10), 2 states have return successors, (9), 3 states have call predecessors, (9), 4 states have call successors, (9) [2024-11-08 15:13:39,617 INFO L276 IsEmpty]: Start isEmpty. Operand 630 states and 771 transitions. [2024-11-08 15:13:39,623 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 122 [2024-11-08 15:13:39,623 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:13:39,623 INFO L215 NwaCegarLoop]: trace histogram [4, 4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:13:39,624 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2024-11-08 15:13:39,624 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:13:39,624 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:13:39,624 INFO L85 PathProgramCache]: Analyzing trace with hash 1984934984, now seen corresponding path program 1 times [2024-11-08 15:13:39,624 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:13:39,624 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [731421944] [2024-11-08 15:13:39,624 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:39,624 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:13:39,637 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,714 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-08 15:13:39,715 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,725 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-08 15:13:39,727 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,738 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-08 15:13:39,740 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,742 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:13:39,745 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,747 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-08 15:13:39,749 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,752 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:13:39,753 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,754 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2024-11-08 15:13:39,754 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,762 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 69 [2024-11-08 15:13:39,763 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,772 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 81 [2024-11-08 15:13:39,774 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,816 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-08 15:13:39,817 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,852 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 92 [2024-11-08 15:13:39,854 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,856 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-11-08 15:13:39,856 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,857 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:13:39,857 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,858 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 112 [2024-11-08 15:13:39,858 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,859 INFO L134 CoverageAnalysis]: Checked inductivity of 48 backedges. 14 proven. 12 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2024-11-08 15:13:39,859 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:13:39,859 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [731421944] [2024-11-08 15:13:39,859 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [731421944] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-08 15:13:39,859 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [807482410] [2024-11-08 15:13:39,859 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:13:39,859 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-08 15:13:39,860 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:13:39,861 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-08 15:13:39,862 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-08 15:13:39,934 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:13:39,935 INFO L255 TraceCheckSpWp]: Trace formula consists of 367 conjuncts, 9 conjuncts are in the unsatisfiable core [2024-11-08 15:13:39,938 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-08 15:13:40,038 INFO L134 CoverageAnalysis]: Checked inductivity of 48 backedges. 39 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-11-08 15:13:40,039 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-08 15:13:40,039 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [807482410] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:13:40,039 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-08 15:13:40,039 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [14] total 19 [2024-11-08 15:13:40,039 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1474055571] [2024-11-08 15:13:40,040 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:13:40,040 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-08 15:13:40,040 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:13:40,040 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-08 15:13:40,041 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=49, Invalid=293, Unknown=0, NotChecked=0, Total=342 [2024-11-08 15:13:40,041 INFO L87 Difference]: Start difference. First operand 630 states and 771 transitions. Second operand has 8 states, 8 states have (on average 10.75) internal successors, (86), 6 states have internal predecessors, (86), 3 states have call successors, (15), 3 states have call predecessors, (15), 5 states have return successors, (14), 5 states have call predecessors, (14), 3 states have call successors, (14) [2024-11-08 15:13:40,155 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:13:40,156 INFO L93 Difference]: Finished difference Result 1083 states and 1345 transitions. [2024-11-08 15:13:40,156 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-11-08 15:13:40,156 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 10.75) internal successors, (86), 6 states have internal predecessors, (86), 3 states have call successors, (15), 3 states have call predecessors, (15), 5 states have return successors, (14), 5 states have call predecessors, (14), 3 states have call successors, (14) Word has length 121 [2024-11-08 15:13:40,157 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:13:40,158 INFO L225 Difference]: With dead ends: 1083 [2024-11-08 15:13:40,158 INFO L226 Difference]: Without dead ends: 0 [2024-11-08 15:13:40,160 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 158 GetRequests, 139 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 47 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=61, Invalid=359, Unknown=0, NotChecked=0, Total=420 [2024-11-08 15:13:40,161 INFO L432 NwaCegarLoop]: 186 mSDtfsCounter, 62 mSDsluCounter, 736 mSDsCounter, 0 mSdLazyCounter, 111 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 65 SdHoareTripleChecker+Valid, 922 SdHoareTripleChecker+Invalid, 111 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 111 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:13:40,161 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [65 Valid, 922 Invalid, 111 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 111 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:13:40,161 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-08 15:13:40,161 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-08 15:13:40,161 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:13:40,161 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-08 15:13:40,162 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 121 [2024-11-08 15:13:40,162 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:13:40,162 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-08 15:13:40,162 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 10.75) internal successors, (86), 6 states have internal predecessors, (86), 3 states have call successors, (15), 3 states have call predecessors, (15), 5 states have return successors, (14), 5 states have call predecessors, (14), 3 states have call successors, (14) [2024-11-08 15:13:40,163 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-08 15:13:40,163 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-08 15:13:40,165 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-08 15:13:40,178 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-11-08 15:13:40,368 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2024-11-08 15:13:40,371 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:13:40,372 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-08 15:13:43,114 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-08 15:13:43,130 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse2 (= ~methaneLevelCritical~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse0 (<= 1 ~methaneLevelCritical~0)) (.cse3 (<= 2 ~waterLevel~0)) (.cse4 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1) (and .cse2 .cse3 .cse4) (and .cse2 .cse1) (and .cse0 .cse3 .cse4)))) Eliminated clause: (let ((.cse2 (= ~methaneLevelCritical~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse0 (<= 1 ~methaneLevelCritical~0)) (.cse3 (<= 2 ~waterLevel~0)) (.cse4 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1) (and .cse2 .cse3 .cse4) (and .cse2 .cse1) (and .cse0 .cse3 .cse4))) [2024-11-08 15:13:43,143 WARN L156 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (and (let ((.cse2 (= 0 ~systemActive~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (<= 1 |old(~methaneLevelCritical~0)|)) (.cse3 (= |old(~methaneLevelCritical~0)| 0)) (.cse4 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse0 .cse3 .cse2) (and .cse0 .cse1 .cse4) (and .cse3 .cse4))) (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)) Eliminated clause: (let ((.cse1 (= ~methaneLevelCritical~0 0)) (.cse3 (= 1 ~systemActive~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse4 (<= 1 ~methaneLevelCritical~0)) (.cse2 (= 0 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse1 .cse3) (and .cse0 .cse4 .cse3) (and .cse0 .cse4 .cse2))) [2024-11-08 15:13:43,159 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (let ((.cse3 (= 0 ~systemActive~0))) (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse2 (= ~methaneLevelCritical~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse0 (<= 1 ~methaneLevelCritical~0))) (or (and .cse0 .cse1) (and .cse2 .cse3) (and .cse2 .cse1) (and .cse0 .cse3))) (or (= ~pumpRunning~0 0) (not .cse3)) (= |old(~waterLevel~0)| ~waterLevel~0))) Eliminated clause: (let ((.cse3 (= 0 ~systemActive~0))) (and (let ((.cse2 (= ~methaneLevelCritical~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse0 (<= 1 ~methaneLevelCritical~0))) (or (and .cse0 .cse1) (and .cse2 .cse3) (and .cse2 .cse1) (and .cse0 .cse3))) (or (= ~pumpRunning~0 0) (not .cse3)))) [2024-11-08 15:13:43,166 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (or (= ~pumpRunning~0 0) (< ~methaneLevelCritical~0 1)) (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= 1 ~methaneLevelCritical~0) .cse0) (and (= ~methaneLevelCritical~0 0) .cse0)))) Eliminated clause: (and (or (= ~pumpRunning~0 0) (< ~methaneLevelCritical~0 1)) (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= 1 ~methaneLevelCritical~0) .cse0) (and (= ~methaneLevelCritical~0 0) .cse0)))) [2024-11-08 15:13:43,173 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse1 (= ~methaneLevelCritical~0 0)) (.cse3 (= 1 ~systemActive~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse4 (<= 1 ~methaneLevelCritical~0)) (.cse2 (= 0 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse1 .cse3) (and .cse0 .cse4 .cse3) (and .cse0 .cse4 .cse2)))) Eliminated clause: (let ((.cse1 (= ~methaneLevelCritical~0 0)) (.cse3 (= 1 ~systemActive~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse4 (<= 1 ~methaneLevelCritical~0)) (.cse2 (= 0 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse1 .cse3) (and .cse0 .cse4 .cse3) (and .cse0 .cse4 .cse2))) [2024-11-08 15:13:43,177 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__methaneQuery contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (or (= ~pumpRunning~0 0) (< ~methaneLevelCritical~0 1)) (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= 1 ~methaneLevelCritical~0) .cse0) (and (= ~methaneLevelCritical~0 0) .cse0)))) Eliminated clause: (and (or (= ~pumpRunning~0 0) (< ~methaneLevelCritical~0 1)) (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= 1 ~methaneLevelCritical~0) .cse0) (and (= ~methaneLevelCritical~0 0) .cse0)))) [2024-11-08 15:13:43,181 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 08.11 03:13:43 BoogieIcfgContainer [2024-11-08 15:13:43,181 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-08 15:13:43,181 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-08 15:13:43,182 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-08 15:13:43,182 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-08 15:13:43,182 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:13:35" (3/4) ... [2024-11-08 15:13:43,184 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-08 15:13:43,187 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-08 15:13:43,187 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-08 15:13:43,187 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-08 15:13:43,187 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-08 15:13:43,187 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2024-11-08 15:13:43,187 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-08 15:13:43,187 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 15:13:43,187 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-08 15:13:43,188 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2024-11-08 15:13:43,188 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2024-11-08 15:13:43,192 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 21 nodes and edges [2024-11-08 15:13:43,192 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-08 15:13:43,192 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-08 15:13:43,193 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 15:13:43,193 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 15:13:43,285 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-08 15:13:43,285 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-08 15:13:43,285 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-08 15:13:43,286 INFO L158 Benchmark]: Toolchain (without parser) took 8860.50ms. Allocated memory was 121.6MB in the beginning and 234.9MB in the end (delta: 113.2MB). Free memory was 51.7MB in the beginning and 149.9MB in the end (delta: -98.2MB). Peak memory consumption was 18.4MB. Max. memory is 16.1GB. [2024-11-08 15:13:43,286 INFO L158 Benchmark]: CDTParser took 0.13ms. Allocated memory is still 121.6MB. Free memory is still 82.0MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-08 15:13:43,286 INFO L158 Benchmark]: CACSL2BoogieTranslator took 419.61ms. Allocated memory was 121.6MB in the beginning and 157.3MB in the end (delta: 35.7MB). Free memory was 51.6MB in the beginning and 110.9MB in the end (delta: -59.4MB). Peak memory consumption was 10.0MB. Max. memory is 16.1GB. [2024-11-08 15:13:43,286 INFO L158 Benchmark]: Boogie Procedure Inliner took 30.12ms. Allocated memory is still 157.3MB. Free memory was 110.9MB in the beginning and 108.9MB in the end (delta: 2.0MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 15:13:43,286 INFO L158 Benchmark]: Boogie Preprocessor took 36.88ms. Allocated memory is still 157.3MB. Free memory was 108.9MB in the beginning and 106.8MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 15:13:43,286 INFO L158 Benchmark]: RCFGBuilder took 374.61ms. Allocated memory is still 157.3MB. Free memory was 106.8MB in the beginning and 86.9MB in the end (delta: 19.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2024-11-08 15:13:43,287 INFO L158 Benchmark]: TraceAbstraction took 7890.03ms. Allocated memory was 157.3MB in the beginning and 234.9MB in the end (delta: 77.6MB). Free memory was 85.9MB in the beginning and 158.3MB in the end (delta: -72.4MB). Peak memory consumption was 106.7MB. Max. memory is 16.1GB. [2024-11-08 15:13:43,287 INFO L158 Benchmark]: Witness Printer took 103.78ms. Allocated memory is still 234.9MB. Free memory was 158.3MB in the beginning and 149.9MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-08 15:13:43,288 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.13ms. Allocated memory is still 121.6MB. Free memory is still 82.0MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 419.61ms. Allocated memory was 121.6MB in the beginning and 157.3MB in the end (delta: 35.7MB). Free memory was 51.6MB in the beginning and 110.9MB in the end (delta: -59.4MB). Peak memory consumption was 10.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 30.12ms. Allocated memory is still 157.3MB. Free memory was 110.9MB in the beginning and 108.9MB in the end (delta: 2.0MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 36.88ms. Allocated memory is still 157.3MB. Free memory was 108.9MB in the beginning and 106.8MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 374.61ms. Allocated memory is still 157.3MB. Free memory was 106.8MB in the beginning and 86.9MB in the end (delta: 19.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 7890.03ms. Allocated memory was 157.3MB in the beginning and 234.9MB in the end (delta: 77.6MB). Free memory was 85.9MB in the beginning and 158.3MB in the end (delta: -72.4MB). Peak memory consumption was 106.7MB. Max. memory is 16.1GB. * Witness Printer took 103.78ms. Allocated memory is still 234.9MB. Free memory was 158.3MB in the beginning and 149.9MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] - GenericResultAtLocation [Line: 316]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [316] - GenericResultAtLocation [Line: 386]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [386] - GenericResultAtLocation [Line: 395]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [395] - GenericResultAtLocation [Line: 761]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [761] - GenericResultAtLocation [Line: 860]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [860] - GenericResultAtLocation [Line: 886]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [886] - GenericResultAtLocation [Line: 990]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [990] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 391]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 11 procedures, 112 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.0s, OverallIterations: 11, TraceHistogramMax: 4, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.0s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1441 SdHoareTripleChecker+Valid, 1.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1396 mSDsluCounter, 4698 SdHoareTripleChecker+Invalid, 1.0s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3337 mSDsCounter, 402 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1728 IncrementalHoareTripleChecker+Invalid, 2130 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 402 mSolverCounterUnsat, 1361 mSDtfsCounter, 1728 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 397 GetRequests, 300 SyntacticMatches, 1 SemanticMatches, 96 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 202 ImplicationChecksByTransitivity, 0.6s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1357occurred in iteration=8, InterpolantAutomatonStates: 78, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 11 MinimizatonAttempts, 77 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.7s InterpolantComputationTime, 817 NumberOfCodeBlocks, 817 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 804 ConstructedInterpolants, 0 QuantifiedInterpolants, 1482 SizeOfPredicates, 1 NumberOfNonLiveVariables, 611 ConjunctsInSsa, 18 ConjunctsInUnsatCore, 13 InterpolantComputations, 11 PerfectInterpolantSequences, 124/138 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 329]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 773]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 330]: Loop Invariant Derived loop invariant: (((((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (splverifierCounter == 0)) && (0 == systemActive)) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (splverifierCounter == 0)) && (0 == systemActive))) || (((methaneLevelCritical == 0) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (splverifierCounter == 0))) - ProcedureContractResult [Line: 199]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: (((((1 <= methaneLevelCritical) && (1 == systemActive)) || (((methaneLevelCritical == 0) && (2 <= waterLevel)) && (0 != systemActive))) || ((methaneLevelCritical == 0) && (1 == systemActive))) || (((1 <= methaneLevelCritical) && (2 <= waterLevel)) && (0 != systemActive))) Ensures: (((pumpRunning == 0) && (((((1 <= methaneLevelCritical) && (1 == systemActive)) || (((methaneLevelCritical == 0) && (2 <= waterLevel)) && (0 != systemActive))) || ((methaneLevelCritical == 0) && (1 == systemActive))) || (((1 <= methaneLevelCritical) && (2 <= waterLevel)) && (0 != systemActive)))) && (((((systemActive == \old(systemActive)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 89]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((methaneLevelCritical == 0) && (1 == systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) Ensures: ((((methaneLevelCritical == 0) && (1 == systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 914]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (0 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (0 == systemActive))) Ensures: (((((((((pumpRunning == 0) && (1 <= \old(methaneLevelCritical))) && (0 == systemActive)) || (((pumpRunning == 0) && (\old(methaneLevelCritical) == 0)) && (0 == systemActive))) || (((pumpRunning == 0) && (1 <= \old(methaneLevelCritical))) && (1 == systemActive))) || ((\old(methaneLevelCritical) == 0) && (1 == systemActive))) && ((\old(methaneLevelCritical) != 0) || (0 < methaneLevelCritical))) && ((methaneLevelCritical == 0) || (\old(methaneLevelCritical) < 1))) && (((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel)))) - ProcedureContractResult [Line: 763]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((systemActive == \old(systemActive)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 926]: Procedure Contract for isMethaneLevelCritical Derived contract for procedure isMethaneLevelCritical. Requires: (((((1 <= methaneLevelCritical) && (1 == systemActive)) || (((pumpRunning == 0) && (methaneLevelCritical == 0)) && (0 == systemActive))) || ((methaneLevelCritical == 0) && (1 == systemActive))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (0 == systemActive))) Ensures: (((\result == methaneLevelCritical) && (((((1 <= methaneLevelCritical) && (1 == systemActive)) || (((pumpRunning == 0) && (methaneLevelCritical == 0)) && (0 == systemActive))) || ((methaneLevelCritical == 0) && (1 == systemActive))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (0 == systemActive)))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 65]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (0 == systemActive))) || ((methaneLevelCritical == 0) && (1 == systemActive))) || ((1 <= methaneLevelCritical) && (0 == systemActive))) && ((pumpRunning == 0) || (0 != systemActive))) Ensures: ((((((((((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (\old(pumpRunning) == 0))) || ((methaneLevelCritical == 0) && (1 == systemActive))) || ((1 <= methaneLevelCritical) && (\old(pumpRunning) == 0))) && (((pumpRunning == \old(pumpRunning)) || (pumpRunning == 0)) || (1 < waterLevel))) && ((pumpRunning == 0) || (methaneLevelCritical < 1))) && (((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) || (0 != systemActive))) && (((\old(pumpRunning) != 0) || ((1 == systemActive) && (\old(waterLevel) == waterLevel))) || (0 == systemActive))) && ((((systemActive == \old(systemActive)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 97]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((pumpRunning == 0) || (methaneLevelCritical < 1)) && (((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive)))) Ensures: ((((((methaneLevelCritical == 0) && (1 == systemActive)) || (((1 <= methaneLevelCritical) && (1 == systemActive)) && (\old(pumpRunning) == 0))) && ((pumpRunning == 0) || (methaneLevelCritical < 1))) && ((pumpRunning == \old(pumpRunning)) || (1 < waterLevel))) && (((((systemActive == \old(systemActive)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 902]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (0 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (0 == systemActive))) Ensures: ((((((pumpRunning != 0) || (\old(waterLevel) != 1)) || (1 < waterLevel)) && ((\old(waterLevel) < 2) || (\old(waterLevel) == waterLevel))) && ((((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (0 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (0 == systemActive)))) && (((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 123]: Procedure Contract for processEnvironment__wrappee__methaneQuery Derived contract for procedure processEnvironment__wrappee__methaneQuery. Requires: (((pumpRunning == 0) || (methaneLevelCritical < 1)) && (((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive)))) Ensures: ((((((methaneLevelCritical == 0) && (1 == systemActive)) || (((1 <= methaneLevelCritical) && (1 == systemActive)) && (\old(pumpRunning) == 0))) && (((pumpRunning == \old(pumpRunning)) || (pumpRunning == 0)) || (1 < waterLevel))) && ((pumpRunning == 0) || (methaneLevelCritical < 1))) && (((((systemActive == \old(systemActive)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 207]: Procedure Contract for isMethaneAlarm Derived contract for procedure isMethaneAlarm. Requires: (((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive))) Ensures: ((((methaneLevelCritical < ((long long) \result + 1)) || (methaneLevelCritical < 1)) && (((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive)))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) RESULT: Ultimate proved your program to be correct! [2024-11-08 15:13:43,318 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE