./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product59.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 023d838f Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product59.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 5a0a9a5f1521df25ea0ff390c35c7186e45318cd30c225704d83030e156744fb --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.fs.icfgbuilder-eval-023d838-m [2024-11-09 23:15:35,386 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-09 23:15:35,441 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-09 23:15:35,446 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-09 23:15:35,447 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-09 23:15:35,478 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-09 23:15:35,478 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-09 23:15:35,478 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-09 23:15:35,479 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-09 23:15:35,480 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-09 23:15:35,480 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-09 23:15:35,481 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-09 23:15:35,481 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-09 23:15:35,481 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-09 23:15:35,481 INFO L153 SettingsManager]: * Use SBE=true [2024-11-09 23:15:35,482 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-09 23:15:35,482 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-09 23:15:35,482 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-09 23:15:35,482 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-09 23:15:35,482 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-09 23:15:35,483 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-09 23:15:35,486 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-09 23:15:35,486 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-09 23:15:35,487 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-09 23:15:35,487 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-09 23:15:35,487 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-09 23:15:35,487 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-09 23:15:35,487 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-09 23:15:35,488 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2024-11-09 23:15:35,488 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-09 23:15:35,488 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-09 23:15:35,488 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-09 23:15:35,488 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-09 23:15:35,488 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-09 23:15:35,489 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-09 23:15:35,489 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-09 23:15:35,489 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-09 23:15:35,489 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-09 23:15:35,489 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-09 23:15:35,489 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-09 23:15:35,490 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-09 23:15:35,490 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-09 23:15:35,490 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 5a0a9a5f1521df25ea0ff390c35c7186e45318cd30c225704d83030e156744fb [2024-11-09 23:15:35,704 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-09 23:15:35,736 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-09 23:15:35,739 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-09 23:15:35,740 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-09 23:15:35,741 INFO L274 PluginConnector]: CDTParser initialized [2024-11-09 23:15:35,742 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product59.cil.c [2024-11-09 23:15:37,105 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-09 23:15:37,289 INFO L384 CDTParser]: Found 1 translation units. [2024-11-09 23:15:37,290 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product59.cil.c [2024-11-09 23:15:37,303 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/07ce87c45/e8d1d960bd9b488bbdb70f7f03e53f0f/FLAG333aa87b1 [2024-11-09 23:15:37,316 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/07ce87c45/e8d1d960bd9b488bbdb70f7f03e53f0f [2024-11-09 23:15:37,318 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-09 23:15:37,319 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-09 23:15:37,320 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-09 23:15:37,320 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-09 23:15:37,325 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-09 23:15:37,326 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.11 11:15:37" (1/1) ... [2024-11-09 23:15:37,326 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@482f5bbc and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:15:37, skipping insertion in model container [2024-11-09 23:15:37,327 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.11 11:15:37" (1/1) ... [2024-11-09 23:15:37,354 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-09 23:15:37,505 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product59.cil.c[3645,3658] [2024-11-09 23:15:37,565 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-09 23:15:37,576 INFO L200 MainTranslator]: Completed pre-run [2024-11-09 23:15:37,583 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2024-11-09 23:15:37,584 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [160] [2024-11-09 23:15:37,585 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [188] [2024-11-09 23:15:37,585 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [197] [2024-11-09 23:15:37,585 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [267] [2024-11-09 23:15:37,585 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [500] [2024-11-09 23:15:37,585 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [866] [2024-11-09 23:15:37,586 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [904] [2024-11-09 23:15:37,593 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product59.cil.c[3645,3658] [2024-11-09 23:15:37,631 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-09 23:15:37,651 INFO L204 MainTranslator]: Completed translation [2024-11-09 23:15:37,651 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:15:37 WrapperNode [2024-11-09 23:15:37,651 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-09 23:15:37,652 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-09 23:15:37,652 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-09 23:15:37,652 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-09 23:15:37,657 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:15:37" (1/1) ... [2024-11-09 23:15:37,671 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:15:37" (1/1) ... [2024-11-09 23:15:37,697 INFO L138 Inliner]: procedures = 57, calls = 102, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 217 [2024-11-09 23:15:37,698 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-09 23:15:37,699 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-09 23:15:37,699 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-09 23:15:37,699 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-09 23:15:37,707 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:15:37" (1/1) ... [2024-11-09 23:15:37,707 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:15:37" (1/1) ... [2024-11-09 23:15:37,711 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:15:37" (1/1) ... [2024-11-09 23:15:37,736 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-09 23:15:37,737 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:15:37" (1/1) ... [2024-11-09 23:15:37,737 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:15:37" (1/1) ... [2024-11-09 23:15:37,744 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:15:37" (1/1) ... [2024-11-09 23:15:37,744 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:15:37" (1/1) ... [2024-11-09 23:15:37,745 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:15:37" (1/1) ... [2024-11-09 23:15:37,749 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:15:37" (1/1) ... [2024-11-09 23:15:37,750 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-09 23:15:37,751 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2024-11-09 23:15:37,751 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2024-11-09 23:15:37,751 INFO L274 PluginConnector]: IcfgBuilder initialized [2024-11-09 23:15:37,754 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:15:37" (1/1) ... [2024-11-09 23:15:37,758 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-09 23:15:37,766 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-09 23:15:37,784 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-09 23:15:37,786 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-09 23:15:37,823 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-09 23:15:37,823 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-09 23:15:37,823 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-09 23:15:37,823 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-09 23:15:37,823 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-09 23:15:37,823 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-09 23:15:37,824 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-09 23:15:37,824 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2024-11-09 23:15:37,824 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2024-11-09 23:15:37,824 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-09 23:15:37,824 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-09 23:15:37,825 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-09 23:15:37,825 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-09 23:15:37,825 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-09 23:15:37,825 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-09 23:15:37,825 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-09 23:15:37,826 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-09 23:15:37,826 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-09 23:15:37,827 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-09 23:15:37,827 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-09 23:15:37,885 INFO L256 CfgBuilder]: Building ICFG [2024-11-09 23:15:37,887 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-09 23:15:37,996 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L157-1: isLowWaterSensorDry_#res#1 := isLowWaterSensorDry_~retValue_acc~3#1; [2024-11-09 23:15:37,997 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L482-1: isLowWaterLevel_#res#1 := isLowWaterLevel_~retValue_acc~7#1; [2024-11-09 23:15:37,997 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L408-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~5#1; [2024-11-09 23:15:38,000 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L102: #res := ~retValue_acc~0; [2024-11-09 23:15:38,057 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L901-1: valid_product_#res#1 := valid_product_~retValue_acc~12#1; [2024-11-09 23:15:38,057 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L997-1: main_#res#1 := main_~retValue_acc~13#1; [2024-11-09 23:15:38,085 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L399-1: isMethaneAlarm_#res#1 := isMethaneAlarm_~retValue_acc~4#1; [2024-11-09 23:15:38,085 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L463-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~6#1; [2024-11-09 23:15:38,085 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L148-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~2#1; [2024-11-09 23:15:38,102 INFO L? ?]: Removed 49 outVars from TransFormulas that were not future-live. [2024-11-09 23:15:38,103 INFO L307 CfgBuilder]: Performing block encoding [2024-11-09 23:15:38,118 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-09 23:15:38,118 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2024-11-09 23:15:38,118 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 09.11 11:15:38 BoogieIcfgContainer [2024-11-09 23:15:38,118 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2024-11-09 23:15:38,120 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-09 23:15:38,120 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-09 23:15:38,123 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-09 23:15:38,123 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 09.11 11:15:37" (1/3) ... [2024-11-09 23:15:38,123 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@25c9c75c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.11 11:15:38, skipping insertion in model container [2024-11-09 23:15:38,124 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:15:37" (2/3) ... [2024-11-09 23:15:38,125 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@25c9c75c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.11 11:15:38, skipping insertion in model container [2024-11-09 23:15:38,125 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 09.11 11:15:38" (3/3) ... [2024-11-09 23:15:38,126 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product59.cil.c [2024-11-09 23:15:38,158 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-09 23:15:38,159 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-09 23:15:38,242 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-09 23:15:38,250 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@66a215d6, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-09 23:15:38,250 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-09 23:15:38,254 INFO L276 IsEmpty]: Start isEmpty. Operand has 102 states, 78 states have (on average 1.358974358974359) internal successors, (106), 87 states have internal predecessors, (106), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) [2024-11-09 23:15:38,261 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2024-11-09 23:15:38,261 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:15:38,262 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:15:38,262 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:15:38,266 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:15:38,266 INFO L85 PathProgramCache]: Analyzing trace with hash -1460679973, now seen corresponding path program 1 times [2024-11-09 23:15:38,273 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:15:38,273 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [899672134] [2024-11-09 23:15:38,274 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:15:38,274 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:15:38,366 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:38,416 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-11-09 23:15:38,422 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:38,430 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:15:38,433 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:15:38,434 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [899672134] [2024-11-09 23:15:38,434 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [899672134] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:15:38,434 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:15:38,434 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-09 23:15:38,436 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1355665697] [2024-11-09 23:15:38,436 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:15:38,443 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-09 23:15:38,447 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:15:38,472 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-09 23:15:38,473 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-09 23:15:38,475 INFO L87 Difference]: Start difference. First operand has 102 states, 78 states have (on average 1.358974358974359) internal successors, (106), 87 states have internal predecessors, (106), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-09 23:15:38,497 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:15:38,498 INFO L93 Difference]: Finished difference Result 195 states and 262 transitions. [2024-11-09 23:15:38,498 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-09 23:15:38,499 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2024-11-09 23:15:38,500 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:15:38,506 INFO L225 Difference]: With dead ends: 195 [2024-11-09 23:15:38,506 INFO L226 Difference]: Without dead ends: 91 [2024-11-09 23:15:38,509 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-09 23:15:38,514 INFO L432 NwaCegarLoop]: 127 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 127 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-09 23:15:38,515 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 127 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-09 23:15:38,528 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 91 states. [2024-11-09 23:15:38,544 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 91 to 91. [2024-11-09 23:15:38,546 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 91 states, 69 states have (on average 1.3043478260869565) internal successors, (90), 77 states have internal predecessors, (90), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-09 23:15:38,547 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 91 states to 91 states and 117 transitions. [2024-11-09 23:15:38,549 INFO L78 Accepts]: Start accepts. Automaton has 91 states and 117 transitions. Word has length 25 [2024-11-09 23:15:38,549 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:15:38,549 INFO L471 AbstractCegarLoop]: Abstraction has 91 states and 117 transitions. [2024-11-09 23:15:38,549 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-09 23:15:38,549 INFO L276 IsEmpty]: Start isEmpty. Operand 91 states and 117 transitions. [2024-11-09 23:15:38,551 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2024-11-09 23:15:38,551 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:15:38,551 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:15:38,552 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-09 23:15:38,552 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:15:38,552 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:15:38,552 INFO L85 PathProgramCache]: Analyzing trace with hash -179627327, now seen corresponding path program 1 times [2024-11-09 23:15:38,552 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:15:38,553 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1522827593] [2024-11-09 23:15:38,553 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:15:38,553 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:15:38,570 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:38,642 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-11-09 23:15:38,645 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:38,649 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:15:38,649 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:15:38,649 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1522827593] [2024-11-09 23:15:38,650 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1522827593] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:15:38,650 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:15:38,650 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-09 23:15:38,650 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1720360924] [2024-11-09 23:15:38,650 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:15:38,651 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-09 23:15:38,651 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:15:38,652 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-09 23:15:38,652 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 23:15:38,652 INFO L87 Difference]: Start difference. First operand 91 states and 117 transitions. Second operand has 3 states, 3 states have (on average 7.666666666666667) internal successors, (23), 3 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-09 23:15:38,665 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:15:38,666 INFO L93 Difference]: Finished difference Result 143 states and 183 transitions. [2024-11-09 23:15:38,666 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-09 23:15:38,666 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.666666666666667) internal successors, (23), 3 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 27 [2024-11-09 23:15:38,666 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:15:38,667 INFO L225 Difference]: With dead ends: 143 [2024-11-09 23:15:38,667 INFO L226 Difference]: Without dead ends: 81 [2024-11-09 23:15:38,668 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 23:15:38,669 INFO L432 NwaCegarLoop]: 103 mSDtfsCounter, 15 mSDsluCounter, 82 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 19 SdHoareTripleChecker+Valid, 185 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-09 23:15:38,669 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [19 Valid, 185 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-09 23:15:38,671 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 81 states. [2024-11-09 23:15:38,676 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 81 to 81. [2024-11-09 23:15:38,676 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 81 states, 62 states have (on average 1.3225806451612903) internal successors, (82), 70 states have internal predecessors, (82), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2024-11-09 23:15:38,678 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 81 states to 81 states and 104 transitions. [2024-11-09 23:15:38,678 INFO L78 Accepts]: Start accepts. Automaton has 81 states and 104 transitions. Word has length 27 [2024-11-09 23:15:38,678 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:15:38,678 INFO L471 AbstractCegarLoop]: Abstraction has 81 states and 104 transitions. [2024-11-09 23:15:38,678 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.666666666666667) internal successors, (23), 3 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-09 23:15:38,679 INFO L276 IsEmpty]: Start isEmpty. Operand 81 states and 104 transitions. [2024-11-09 23:15:38,679 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2024-11-09 23:15:38,679 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:15:38,680 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:15:38,680 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-09 23:15:38,680 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:15:38,680 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:15:38,681 INFO L85 PathProgramCache]: Analyzing trace with hash -204057533, now seen corresponding path program 1 times [2024-11-09 23:15:38,681 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:15:38,681 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [313868723] [2024-11-09 23:15:38,681 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:15:38,681 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:15:38,693 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:38,786 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:15:38,788 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:38,790 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:15:38,790 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:15:38,790 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [313868723] [2024-11-09 23:15:38,790 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [313868723] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:15:38,790 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:15:38,790 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-09 23:15:38,791 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [723115784] [2024-11-09 23:15:38,791 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:15:38,791 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-09 23:15:38,791 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:15:38,792 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-09 23:15:38,792 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2024-11-09 23:15:38,792 INFO L87 Difference]: Start difference. First operand 81 states and 104 transitions. Second operand has 6 states, 6 states have (on average 4.333333333333333) internal successors, (26), 6 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-09 23:15:38,943 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:15:38,943 INFO L93 Difference]: Finished difference Result 271 states and 354 transitions. [2024-11-09 23:15:38,944 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-09 23:15:38,944 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.333333333333333) internal successors, (26), 6 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 29 [2024-11-09 23:15:38,944 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:15:38,946 INFO L225 Difference]: With dead ends: 271 [2024-11-09 23:15:38,946 INFO L226 Difference]: Without dead ends: 197 [2024-11-09 23:15:38,946 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=20, Invalid=36, Unknown=0, NotChecked=0, Total=56 [2024-11-09 23:15:38,947 INFO L432 NwaCegarLoop]: 118 mSDtfsCounter, 181 mSDsluCounter, 355 mSDsCounter, 0 mSdLazyCounter, 90 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 181 SdHoareTripleChecker+Valid, 473 SdHoareTripleChecker+Invalid, 91 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 90 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 23:15:38,948 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [181 Valid, 473 Invalid, 91 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 90 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 23:15:38,948 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 197 states. [2024-11-09 23:15:38,965 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 197 to 189. [2024-11-09 23:15:38,965 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 189 states, 142 states have (on average 1.352112676056338) internal successors, (192), 160 states have internal predecessors, (192), 27 states have call successors, (27), 19 states have call predecessors, (27), 19 states have return successors, (28), 19 states have call predecessors, (28), 27 states have call successors, (28) [2024-11-09 23:15:38,967 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 189 states to 189 states and 247 transitions. [2024-11-09 23:15:38,967 INFO L78 Accepts]: Start accepts. Automaton has 189 states and 247 transitions. Word has length 29 [2024-11-09 23:15:38,967 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:15:38,967 INFO L471 AbstractCegarLoop]: Abstraction has 189 states and 247 transitions. [2024-11-09 23:15:38,968 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.333333333333333) internal successors, (26), 6 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-09 23:15:38,968 INFO L276 IsEmpty]: Start isEmpty. Operand 189 states and 247 transitions. [2024-11-09 23:15:38,969 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-11-09 23:15:38,969 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:15:38,969 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:15:38,969 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-09 23:15:38,970 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:15:38,970 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:15:38,970 INFO L85 PathProgramCache]: Analyzing trace with hash -1954592961, now seen corresponding path program 1 times [2024-11-09 23:15:38,970 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:15:38,970 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [967441881] [2024-11-09 23:15:38,971 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:15:38,971 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:15:38,991 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:39,099 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-09 23:15:39,100 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:39,102 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:15:39,102 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:15:39,102 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [967441881] [2024-11-09 23:15:39,103 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [967441881] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:15:39,103 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:15:39,103 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-09 23:15:39,103 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [401381882] [2024-11-09 23:15:39,103 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:15:39,104 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-09 23:15:39,104 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:15:39,105 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-09 23:15:39,106 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-09 23:15:39,106 INFO L87 Difference]: Start difference. First operand 189 states and 247 transitions. Second operand has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-09 23:15:39,207 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:15:39,208 INFO L93 Difference]: Finished difference Result 449 states and 601 transitions. [2024-11-09 23:15:39,208 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-09 23:15:39,208 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 33 [2024-11-09 23:15:39,208 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:15:39,211 INFO L225 Difference]: With dead ends: 449 [2024-11-09 23:15:39,211 INFO L226 Difference]: Without dead ends: 267 [2024-11-09 23:15:39,212 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-09 23:15:39,213 INFO L432 NwaCegarLoop]: 98 mSDtfsCounter, 55 mSDsluCounter, 256 mSDsCounter, 0 mSdLazyCounter, 30 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 55 SdHoareTripleChecker+Valid, 354 SdHoareTripleChecker+Invalid, 39 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 30 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-09 23:15:39,213 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [55 Valid, 354 Invalid, 39 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 30 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-09 23:15:39,214 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 267 states. [2024-11-09 23:15:39,242 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 267 to 265. [2024-11-09 23:15:39,243 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 265 states, 200 states have (on average 1.3) internal successors, (260), 219 states have internal predecessors, (260), 34 states have call successors, (34), 30 states have call predecessors, (34), 30 states have return successors, (44), 31 states have call predecessors, (44), 34 states have call successors, (44) [2024-11-09 23:15:39,244 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 265 states to 265 states and 338 transitions. [2024-11-09 23:15:39,245 INFO L78 Accepts]: Start accepts. Automaton has 265 states and 338 transitions. Word has length 33 [2024-11-09 23:15:39,245 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:15:39,245 INFO L471 AbstractCegarLoop]: Abstraction has 265 states and 338 transitions. [2024-11-09 23:15:39,246 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.0) internal successors, (30), 5 states have internal predecessors, (30), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-09 23:15:39,246 INFO L276 IsEmpty]: Start isEmpty. Operand 265 states and 338 transitions. [2024-11-09 23:15:39,247 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2024-11-09 23:15:39,247 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:15:39,248 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:15:39,248 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-09 23:15:39,248 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:15:39,248 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:15:39,249 INFO L85 PathProgramCache]: Analyzing trace with hash -2123995576, now seen corresponding path program 1 times [2024-11-09 23:15:39,249 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:15:39,249 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [913813749] [2024-11-09 23:15:39,249 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:15:39,249 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:15:39,269 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:39,334 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:15:39,339 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:39,397 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-09 23:15:39,398 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:39,399 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 41 [2024-11-09 23:15:39,404 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:39,405 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:15:39,405 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:15:39,405 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [913813749] [2024-11-09 23:15:39,406 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [913813749] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:15:39,406 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:15:39,406 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-09 23:15:39,406 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2108809124] [2024-11-09 23:15:39,406 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:15:39,406 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-09 23:15:39,406 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:15:39,407 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-09 23:15:39,407 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-09 23:15:39,411 INFO L87 Difference]: Start difference. First operand 265 states and 338 transitions. Second operand has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-09 23:15:39,594 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:15:39,595 INFO L93 Difference]: Finished difference Result 576 states and 751 transitions. [2024-11-09 23:15:39,596 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-09 23:15:39,597 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 51 [2024-11-09 23:15:39,597 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:15:39,599 INFO L225 Difference]: With dead ends: 576 [2024-11-09 23:15:39,599 INFO L226 Difference]: Without dead ends: 318 [2024-11-09 23:15:39,601 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-09 23:15:39,603 INFO L432 NwaCegarLoop]: 82 mSDtfsCounter, 57 mSDsluCounter, 273 mSDsCounter, 0 mSdLazyCounter, 122 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 61 SdHoareTripleChecker+Valid, 355 SdHoareTripleChecker+Invalid, 135 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 122 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 23:15:39,606 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [61 Valid, 355 Invalid, 135 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 122 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 23:15:39,607 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 318 states. [2024-11-09 23:15:39,645 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 318 to 315. [2024-11-09 23:15:39,645 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 315 states, 240 states have (on average 1.275) internal successors, (306), 259 states have internal predecessors, (306), 38 states have call successors, (38), 30 states have call predecessors, (38), 36 states have return successors, (54), 39 states have call predecessors, (54), 38 states have call successors, (54) [2024-11-09 23:15:39,648 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 315 states to 315 states and 398 transitions. [2024-11-09 23:15:39,648 INFO L78 Accepts]: Start accepts. Automaton has 315 states and 398 transitions. Word has length 51 [2024-11-09 23:15:39,649 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:15:39,649 INFO L471 AbstractCegarLoop]: Abstraction has 315 states and 398 transitions. [2024-11-09 23:15:39,650 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-09 23:15:39,650 INFO L276 IsEmpty]: Start isEmpty. Operand 315 states and 398 transitions. [2024-11-09 23:15:39,651 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2024-11-09 23:15:39,651 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:15:39,652 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:15:39,653 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-09 23:15:39,653 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:15:39,654 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:15:39,654 INFO L85 PathProgramCache]: Analyzing trace with hash -1162381559, now seen corresponding path program 1 times [2024-11-09 23:15:39,654 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:15:39,654 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1526683101] [2024-11-09 23:15:39,654 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:15:39,654 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:15:39,668 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:39,708 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:15:39,714 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:39,739 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-09 23:15:39,740 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:39,741 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 41 [2024-11-09 23:15:39,743 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:39,745 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:15:39,746 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:15:39,746 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1526683101] [2024-11-09 23:15:39,746 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1526683101] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:15:39,746 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:15:39,746 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-09 23:15:39,746 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1731109562] [2024-11-09 23:15:39,748 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:15:39,748 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-09 23:15:39,748 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:15:39,749 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-09 23:15:39,749 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-09 23:15:39,749 INFO L87 Difference]: Start difference. First operand 315 states and 398 transitions. Second operand has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-09 23:15:39,853 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:15:39,853 INFO L93 Difference]: Finished difference Result 630 states and 815 transitions. [2024-11-09 23:15:39,854 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-09 23:15:39,854 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 51 [2024-11-09 23:15:39,854 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:15:39,856 INFO L225 Difference]: With dead ends: 630 [2024-11-09 23:15:39,856 INFO L226 Difference]: Without dead ends: 322 [2024-11-09 23:15:39,857 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-09 23:15:39,857 INFO L432 NwaCegarLoop]: 83 mSDtfsCounter, 56 mSDsluCounter, 195 mSDsCounter, 0 mSdLazyCounter, 92 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 60 SdHoareTripleChecker+Valid, 278 SdHoareTripleChecker+Invalid, 105 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 92 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 23:15:39,858 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [60 Valid, 278 Invalid, 105 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 92 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 23:15:39,858 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 322 states. [2024-11-09 23:15:39,872 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 322 to 319. [2024-11-09 23:15:39,872 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 319 states, 244 states have (on average 1.2704918032786885) internal successors, (310), 263 states have internal predecessors, (310), 38 states have call successors, (38), 30 states have call predecessors, (38), 36 states have return successors, (54), 39 states have call predecessors, (54), 38 states have call successors, (54) [2024-11-09 23:15:39,874 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 319 states to 319 states and 402 transitions. [2024-11-09 23:15:39,874 INFO L78 Accepts]: Start accepts. Automaton has 319 states and 402 transitions. Word has length 51 [2024-11-09 23:15:39,874 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:15:39,874 INFO L471 AbstractCegarLoop]: Abstraction has 319 states and 402 transitions. [2024-11-09 23:15:39,874 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-09 23:15:39,874 INFO L276 IsEmpty]: Start isEmpty. Operand 319 states and 402 transitions. [2024-11-09 23:15:39,875 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2024-11-09 23:15:39,875 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:15:39,875 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:15:39,875 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-09 23:15:39,876 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:15:39,876 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:15:39,876 INFO L85 PathProgramCache]: Analyzing trace with hash 223821835, now seen corresponding path program 1 times [2024-11-09 23:15:39,876 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:15:39,876 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [59757271] [2024-11-09 23:15:39,876 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:15:39,876 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:15:39,883 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:39,912 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:15:39,919 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:39,942 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-09 23:15:39,943 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:39,945 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 41 [2024-11-09 23:15:39,949 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:39,950 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:15:39,950 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:15:39,950 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [59757271] [2024-11-09 23:15:39,950 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [59757271] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:15:39,951 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:15:39,951 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-09 23:15:39,951 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1404360055] [2024-11-09 23:15:39,951 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:15:39,951 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-09 23:15:39,951 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:15:39,951 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-09 23:15:39,951 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-09 23:15:39,954 INFO L87 Difference]: Start difference. First operand 319 states and 402 transitions. Second operand has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-09 23:15:40,138 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:15:40,138 INFO L93 Difference]: Finished difference Result 942 states and 1236 transitions. [2024-11-09 23:15:40,138 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-09 23:15:40,138 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 51 [2024-11-09 23:15:40,139 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:15:40,142 INFO L225 Difference]: With dead ends: 942 [2024-11-09 23:15:40,143 INFO L226 Difference]: Without dead ends: 630 [2024-11-09 23:15:40,144 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-09 23:15:40,145 INFO L432 NwaCegarLoop]: 124 mSDtfsCounter, 219 mSDsluCounter, 175 mSDsCounter, 0 mSdLazyCounter, 129 mSolverCounterSat, 61 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 225 SdHoareTripleChecker+Valid, 299 SdHoareTripleChecker+Invalid, 190 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 61 IncrementalHoareTripleChecker+Valid, 129 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 23:15:40,147 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [225 Valid, 299 Invalid, 190 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [61 Valid, 129 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 23:15:40,147 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 630 states. [2024-11-09 23:15:40,181 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 630 to 622. [2024-11-09 23:15:40,182 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 622 states, 472 states have (on average 1.2478813559322033) internal successors, (589), 503 states have internal predecessors, (589), 77 states have call successors, (77), 71 states have call predecessors, (77), 72 states have return successors, (122), 75 states have call predecessors, (122), 77 states have call successors, (122) [2024-11-09 23:15:40,184 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 622 states to 622 states and 788 transitions. [2024-11-09 23:15:40,185 INFO L78 Accepts]: Start accepts. Automaton has 622 states and 788 transitions. Word has length 51 [2024-11-09 23:15:40,185 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:15:40,185 INFO L471 AbstractCegarLoop]: Abstraction has 622 states and 788 transitions. [2024-11-09 23:15:40,186 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-09 23:15:40,186 INFO L276 IsEmpty]: Start isEmpty. Operand 622 states and 788 transitions. [2024-11-09 23:15:40,186 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-09 23:15:40,186 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:15:40,187 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:15:40,187 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-09 23:15:40,187 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:15:40,187 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:15:40,188 INFO L85 PathProgramCache]: Analyzing trace with hash 552902697, now seen corresponding path program 1 times [2024-11-09 23:15:40,188 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:15:40,188 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [140500429] [2024-11-09 23:15:40,188 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:15:40,188 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:15:40,201 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:40,252 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-09 23:15:40,253 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:40,260 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-09 23:15:40,265 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:40,372 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-09 23:15:40,374 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:40,389 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 45 [2024-11-09 23:15:40,390 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:40,398 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:15:40,399 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:15:40,399 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [140500429] [2024-11-09 23:15:40,399 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [140500429] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:15:40,399 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:15:40,399 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [11] imperfect sequences [] total 11 [2024-11-09 23:15:40,399 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1014551292] [2024-11-09 23:15:40,399 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:15:40,400 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 11 states [2024-11-09 23:15:40,400 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:15:40,400 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2024-11-09 23:15:40,401 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=22, Invalid=88, Unknown=0, NotChecked=0, Total=110 [2024-11-09 23:15:40,401 INFO L87 Difference]: Start difference. First operand 622 states and 788 transitions. Second operand has 11 states, 11 states have (on average 4.0) internal successors, (44), 7 states have internal predecessors, (44), 2 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 4 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-09 23:15:40,967 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:15:40,967 INFO L93 Difference]: Finished difference Result 1992 states and 2645 transitions. [2024-11-09 23:15:40,967 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 22 states. [2024-11-09 23:15:40,968 INFO L78 Accepts]: Start accepts. Automaton has has 11 states, 11 states have (on average 4.0) internal successors, (44), 7 states have internal predecessors, (44), 2 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 4 states have call predecessors, (4), 2 states have call successors, (4) Word has length 55 [2024-11-09 23:15:40,968 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:15:40,975 INFO L225 Difference]: With dead ends: 1992 [2024-11-09 23:15:40,975 INFO L226 Difference]: Without dead ends: 1377 [2024-11-09 23:15:40,977 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 37 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 26 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 138 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=187, Invalid=569, Unknown=0, NotChecked=0, Total=756 [2024-11-09 23:15:40,978 INFO L432 NwaCegarLoop]: 70 mSDtfsCounter, 476 mSDsluCounter, 436 mSDsCounter, 0 mSdLazyCounter, 445 mSolverCounterSat, 172 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 483 SdHoareTripleChecker+Valid, 506 SdHoareTripleChecker+Invalid, 617 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 172 IncrementalHoareTripleChecker+Valid, 445 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-11-09 23:15:40,978 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [483 Valid, 506 Invalid, 617 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [172 Valid, 445 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-11-09 23:15:40,980 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1377 states. [2024-11-09 23:15:41,048 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1377 to 1338. [2024-11-09 23:15:41,050 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1338 states, 1003 states have (on average 1.2153539381854437) internal successors, (1219), 1080 states have internal predecessors, (1219), 176 states have call successors, (176), 138 states have call predecessors, (176), 158 states have return successors, (319), 172 states have call predecessors, (319), 176 states have call successors, (319) [2024-11-09 23:15:41,055 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1338 states to 1338 states and 1714 transitions. [2024-11-09 23:15:41,056 INFO L78 Accepts]: Start accepts. Automaton has 1338 states and 1714 transitions. Word has length 55 [2024-11-09 23:15:41,056 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:15:41,057 INFO L471 AbstractCegarLoop]: Abstraction has 1338 states and 1714 transitions. [2024-11-09 23:15:41,057 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 11 states, 11 states have (on average 4.0) internal successors, (44), 7 states have internal predecessors, (44), 2 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 4 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-09 23:15:41,057 INFO L276 IsEmpty]: Start isEmpty. Operand 1338 states and 1714 transitions. [2024-11-09 23:15:41,061 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 102 [2024-11-09 23:15:41,061 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:15:41,061 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:15:41,061 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-09 23:15:41,061 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:15:41,062 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:15:41,062 INFO L85 PathProgramCache]: Analyzing trace with hash -330227758, now seen corresponding path program 1 times [2024-11-09 23:15:41,062 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:15:41,062 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1849198745] [2024-11-09 23:15:41,062 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:15:41,062 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:15:41,075 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:41,158 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-09 23:15:41,159 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:41,165 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-11-09 23:15:41,166 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:41,186 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-09 23:15:41,189 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:41,224 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-09 23:15:41,227 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:41,286 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-09 23:15:41,287 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:41,297 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-09 23:15:41,298 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:41,299 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 64 [2024-11-09 23:15:41,301 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:41,302 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 81 [2024-11-09 23:15:41,304 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:41,305 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:15:41,305 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:41,306 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 91 [2024-11-09 23:15:41,307 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:41,308 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 18 proven. 8 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2024-11-09 23:15:41,309 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:15:41,309 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1849198745] [2024-11-09 23:15:41,309 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1849198745] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 23:15:41,309 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [31643580] [2024-11-09 23:15:41,309 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:15:41,310 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 23:15:41,310 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-09 23:15:41,312 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 23:15:41,313 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-09 23:15:41,396 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:41,398 INFO L255 TraceCheckSpWp]: Trace formula consists of 325 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-09 23:15:41,423 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 23:15:41,619 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 24 proven. 0 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2024-11-09 23:15:41,619 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-09 23:15:41,620 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [31643580] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:15:41,620 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-09 23:15:41,620 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [15] total 19 [2024-11-09 23:15:41,620 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [947631706] [2024-11-09 23:15:41,620 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:15:41,620 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-09 23:15:41,621 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:15:41,621 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-09 23:15:41,621 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=49, Invalid=293, Unknown=0, NotChecked=0, Total=342 [2024-11-09 23:15:41,621 INFO L87 Difference]: Start difference. First operand 1338 states and 1714 transitions. Second operand has 7 states, 7 states have (on average 10.571428571428571) internal successors, (74), 6 states have internal predecessors, (74), 3 states have call successors, (10), 3 states have call predecessors, (10), 4 states have return successors, (9), 4 states have call predecessors, (9), 3 states have call successors, (9) [2024-11-09 23:15:41,803 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:15:41,803 INFO L93 Difference]: Finished difference Result 2669 states and 3421 transitions. [2024-11-09 23:15:41,803 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-09 23:15:41,804 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 10.571428571428571) internal successors, (74), 6 states have internal predecessors, (74), 3 states have call successors, (10), 3 states have call predecessors, (10), 4 states have return successors, (9), 4 states have call predecessors, (9), 3 states have call successors, (9) Word has length 101 [2024-11-09 23:15:41,804 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:15:41,810 INFO L225 Difference]: With dead ends: 2669 [2024-11-09 23:15:41,810 INFO L226 Difference]: Without dead ends: 1338 [2024-11-09 23:15:41,814 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 131 GetRequests, 114 SyntacticMatches, 0 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 40 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=49, Invalid=293, Unknown=0, NotChecked=0, Total=342 [2024-11-09 23:15:41,814 INFO L432 NwaCegarLoop]: 185 mSDtfsCounter, 69 mSDsluCounter, 357 mSDsCounter, 0 mSdLazyCounter, 116 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 70 SdHoareTripleChecker+Valid, 542 SdHoareTripleChecker+Invalid, 117 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 116 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 23:15:41,814 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [70 Valid, 542 Invalid, 117 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 116 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 23:15:41,816 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1338 states. [2024-11-09 23:15:41,867 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1338 to 1338. [2024-11-09 23:15:41,869 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1338 states, 1003 states have (on average 1.2003988035892323) internal successors, (1204), 1080 states have internal predecessors, (1204), 176 states have call successors, (176), 138 states have call predecessors, (176), 158 states have return successors, (282), 172 states have call predecessors, (282), 176 states have call successors, (282) [2024-11-09 23:15:41,874 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1338 states to 1338 states and 1662 transitions. [2024-11-09 23:15:41,876 INFO L78 Accepts]: Start accepts. Automaton has 1338 states and 1662 transitions. Word has length 101 [2024-11-09 23:15:41,876 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:15:41,877 INFO L471 AbstractCegarLoop]: Abstraction has 1338 states and 1662 transitions. [2024-11-09 23:15:41,877 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 10.571428571428571) internal successors, (74), 6 states have internal predecessors, (74), 3 states have call successors, (10), 3 states have call predecessors, (10), 4 states have return successors, (9), 4 states have call predecessors, (9), 3 states have call successors, (9) [2024-11-09 23:15:41,877 INFO L276 IsEmpty]: Start isEmpty. Operand 1338 states and 1662 transitions. [2024-11-09 23:15:41,879 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 98 [2024-11-09 23:15:41,879 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:15:41,880 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:15:41,895 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-09 23:15:42,083 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 23:15:42,084 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:15:42,084 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:15:42,085 INFO L85 PathProgramCache]: Analyzing trace with hash -192710861, now seen corresponding path program 1 times [2024-11-09 23:15:42,085 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:15:42,085 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2029761921] [2024-11-09 23:15:42,085 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:15:42,085 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:15:42,095 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:42,209 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-09 23:15:42,211 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:42,224 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:15:42,227 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:42,247 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-09 23:15:42,250 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:42,263 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-09 23:15:42,264 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:42,265 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-09 23:15:42,267 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:42,279 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2024-11-09 23:15:42,281 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:42,282 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 77 [2024-11-09 23:15:42,283 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:42,284 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:15:42,285 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:42,287 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 87 [2024-11-09 23:15:42,288 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:42,289 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 16 proven. 3 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2024-11-09 23:15:42,291 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:15:42,291 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2029761921] [2024-11-09 23:15:42,291 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2029761921] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 23:15:42,291 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1778265657] [2024-11-09 23:15:42,291 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:15:42,291 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 23:15:42,291 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-09 23:15:42,293 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 23:15:42,294 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-09 23:15:42,371 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:42,373 INFO L255 TraceCheckSpWp]: Trace formula consists of 315 conjuncts, 11 conjuncts are in the unsatisfiable core [2024-11-09 23:15:42,377 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 23:15:42,471 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 27 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:15:42,471 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-09 23:15:42,472 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1778265657] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:15:42,472 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-09 23:15:42,473 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [10] total 10 [2024-11-09 23:15:42,473 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [330325191] [2024-11-09 23:15:42,473 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:15:42,473 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-09 23:15:42,473 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:15:42,474 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-09 23:15:42,474 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=70, Unknown=0, NotChecked=0, Total=90 [2024-11-09 23:15:42,474 INFO L87 Difference]: Start difference. First operand 1338 states and 1662 transitions. Second operand has 6 states, 6 states have (on average 12.666666666666666) internal successors, (76), 6 states have internal predecessors, (76), 3 states have call successors, (10), 3 states have call predecessors, (10), 3 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) [2024-11-09 23:15:42,679 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:15:42,680 INFO L93 Difference]: Finished difference Result 3128 states and 4074 transitions. [2024-11-09 23:15:42,680 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-09 23:15:42,680 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 12.666666666666666) internal successors, (76), 6 states have internal predecessors, (76), 3 states have call successors, (10), 3 states have call predecessors, (10), 3 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) Word has length 97 [2024-11-09 23:15:42,681 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:15:42,691 INFO L225 Difference]: With dead ends: 3128 [2024-11-09 23:15:42,691 INFO L226 Difference]: Without dead ends: 2053 [2024-11-09 23:15:42,695 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 125 GetRequests, 113 SyntacticMatches, 2 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 14 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=28, Invalid=104, Unknown=0, NotChecked=0, Total=132 [2024-11-09 23:15:42,696 INFO L432 NwaCegarLoop]: 152 mSDtfsCounter, 120 mSDsluCounter, 447 mSDsCounter, 0 mSdLazyCounter, 59 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 120 SdHoareTripleChecker+Valid, 599 SdHoareTripleChecker+Invalid, 66 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 59 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 23:15:42,696 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [120 Valid, 599 Invalid, 66 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 59 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 23:15:42,699 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2053 states. [2024-11-09 23:15:42,797 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2053 to 1850. [2024-11-09 23:15:42,800 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1850 states, 1379 states have (on average 1.207396664249456) internal successors, (1665), 1488 states have internal predecessors, (1665), 248 states have call successors, (248), 198 states have call predecessors, (248), 222 states have return successors, (417), 228 states have call predecessors, (417), 248 states have call successors, (417) [2024-11-09 23:15:42,805 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1850 states to 1850 states and 2330 transitions. [2024-11-09 23:15:42,807 INFO L78 Accepts]: Start accepts. Automaton has 1850 states and 2330 transitions. Word has length 97 [2024-11-09 23:15:42,808 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:15:42,808 INFO L471 AbstractCegarLoop]: Abstraction has 1850 states and 2330 transitions. [2024-11-09 23:15:42,808 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 12.666666666666666) internal successors, (76), 6 states have internal predecessors, (76), 3 states have call successors, (10), 3 states have call predecessors, (10), 3 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) [2024-11-09 23:15:42,808 INFO L276 IsEmpty]: Start isEmpty. Operand 1850 states and 2330 transitions. [2024-11-09 23:15:42,810 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 98 [2024-11-09 23:15:42,811 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:15:42,811 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:15:42,825 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-11-09 23:15:43,011 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-09 23:15:43,012 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:15:43,012 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:15:43,013 INFO L85 PathProgramCache]: Analyzing trace with hash -259717614, now seen corresponding path program 1 times [2024-11-09 23:15:43,013 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:15:43,013 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1837392885] [2024-11-09 23:15:43,013 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:15:43,013 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:15:43,038 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:43,105 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-09 23:15:43,106 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:43,113 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:15:43,115 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:43,123 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-09 23:15:43,124 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:43,126 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-09 23:15:43,127 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:43,128 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-09 23:15:43,128 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:43,134 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2024-11-09 23:15:43,135 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:43,136 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 77 [2024-11-09 23:15:43,136 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:43,137 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:15:43,137 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:43,137 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 87 [2024-11-09 23:15:43,138 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:43,139 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 5 proven. 1 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2024-11-09 23:15:43,139 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:15:43,139 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1837392885] [2024-11-09 23:15:43,139 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1837392885] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 23:15:43,139 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1229289846] [2024-11-09 23:15:43,139 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:15:43,139 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 23:15:43,139 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-09 23:15:43,143 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 23:15:43,144 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2024-11-09 23:15:43,211 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:15:43,213 INFO L255 TraceCheckSpWp]: Trace formula consists of 316 conjuncts, 5 conjuncts are in the unsatisfiable core [2024-11-09 23:15:43,215 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 23:15:43,242 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 15 proven. 0 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2024-11-09 23:15:43,242 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-09 23:15:43,242 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1229289846] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:15:43,243 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-09 23:15:43,243 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [9] total 12 [2024-11-09 23:15:43,243 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1366539462] [2024-11-09 23:15:43,243 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:15:43,243 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-09 23:15:43,243 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:15:43,244 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-09 23:15:43,244 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=26, Invalid=106, Unknown=0, NotChecked=0, Total=132 [2024-11-09 23:15:43,244 INFO L87 Difference]: Start difference. First operand 1850 states and 2330 transitions. Second operand has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) [2024-11-09 23:15:43,292 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:15:43,293 INFO L93 Difference]: Finished difference Result 2626 states and 3284 transitions. [2024-11-09 23:15:43,293 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-09 23:15:43,293 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) Word has length 97 [2024-11-09 23:15:43,293 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:15:43,296 INFO L225 Difference]: With dead ends: 2626 [2024-11-09 23:15:43,296 INFO L226 Difference]: Without dead ends: 0 [2024-11-09 23:15:43,301 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 119 GetRequests, 109 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 12 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=26, Invalid=106, Unknown=0, NotChecked=0, Total=132 [2024-11-09 23:15:43,301 INFO L432 NwaCegarLoop]: 90 mSDtfsCounter, 0 mSDsluCounter, 265 mSDsCounter, 0 mSdLazyCounter, 14 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 355 SdHoareTripleChecker+Invalid, 14 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 14 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-09 23:15:43,301 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 355 Invalid, 14 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 14 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-09 23:15:43,302 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-09 23:15:43,302 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-09 23:15:43,302 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 23:15:43,302 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-09 23:15:43,303 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 97 [2024-11-09 23:15:43,303 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:15:43,303 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-09 23:15:43,304 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) [2024-11-09 23:15:43,304 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-09 23:15:43,304 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-09 23:15:43,306 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-09 23:15:43,319 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2024-11-09 23:15:43,510 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 23:15:43,513 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:15:43,515 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-09 23:15:46,526 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-09 23:15:46,538 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= 1 ~waterLevel~0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (= ~methaneLevelCritical~0 0) .cse0 .cse1) (and (<= 1 ~methaneLevelCritical~0) .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~waterLevel~0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (= ~methaneLevelCritical~0 0) .cse0 .cse1) (and (<= 1 ~methaneLevelCritical~0) .cse0 .cse1))) [2024-11-09 23:15:46,558 WARN L156 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (let ((.cse2 (= |old(~methaneLevelCritical~0)| 0))) (and (or (<= 1 ~methaneLevelCritical~0) (< |old(~methaneLevelCritical~0)| 1)) (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (<= 1 ~waterLevel~0))) (or (and .cse0 (<= 1 |old(~methaneLevelCritical~0)|) .cse1) (and .cse0 .cse2 .cse1) (and .cse2 (<= 2 ~waterLevel~0) (not (= 0 ~systemActive~0))))) (or (not .cse2) (= ~methaneLevelCritical~0 0)))) Eliminated clause: (exists ((|old(~methaneLevelCritical~0)| Int)) (let ((.cse2 (= |old(~methaneLevelCritical~0)| 0))) (and (or (< |old(~methaneLevelCritical~0)| 1) (< 0 ~methaneLevelCritical~0)) (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (<= 1 ~waterLevel~0))) (or (and .cse0 (<= 1 |old(~methaneLevelCritical~0)|) .cse1) (and .cse0 .cse2 .cse1) (and .cse2 (<= 2 ~waterLevel~0) (not (= 0 ~systemActive~0))))) (or (not .cse2) (= ~methaneLevelCritical~0 0))))) [2024-11-09 23:15:46,561 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-09 23:15:46,567 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse1 (= |old(~pumpRunning~0)| 0)) (.cse2 (<= 1 |old(~waterLevel~0)|)) (.cse3 (= ~methaneLevelCritical~0 0)) (.cse0 (<= 1 ~methaneLevelCritical~0)) (.cse4 (<= 2 |old(~waterLevel~0)|)) (.cse5 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse1 .cse2) (and .cse3 .cse4 .cse5) (and .cse0 .cse4 .cse5))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse3 (= ~pumpRunning~0 0)) (.cse0 (= ~methaneLevelCritical~0 0)) (.cse5 (<= 1 ~waterLevel~0)) (.cse4 (<= 1 ~methaneLevelCritical~0)) (.cse1 (<= 2 ~waterLevel~0)) (.cse2 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse4 .cse5) (and .cse3 .cse0 .cse5) (and .cse4 .cse1 .cse2))) [2024-11-09 23:15:46,587 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 0) (let ((.cse2 (<= 1 ~methaneLevelCritical~0)) (.cse0 (= |old(~pumpRunning~0)| 0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (= ~methaneLevelCritical~0 0) .cse0 (<= 1 ~waterLevel~0) .cse1) (and .cse2 (<= 2 ~waterLevel~0) .cse0 .cse1) (and .cse2 .cse0 (= ~waterLevel~0 1) .cse1)))) Eliminated clause: (and (= ~pumpRunning~0 0) (let ((.cse1 (<= 1 ~methaneLevelCritical~0)) (.cse0 (not (= 0 ~systemActive~0)))) (or (and (= ~methaneLevelCritical~0 0) (<= 1 ~waterLevel~0) .cse0) (and .cse1 (= ~waterLevel~0 1) .cse0) (and .cse1 (<= 2 ~waterLevel~0) .cse0)))) [2024-11-09 23:15:46,591 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (<= 1 |old(~waterLevel~0)|)) (.cse2 (= ~methaneLevelCritical~0 0))) (or (and .cse0 (<= 1 ~methaneLevelCritical~0) .cse1) (and .cse0 .cse2 .cse1) (and .cse2 (<= 2 |old(~waterLevel~0)|) (not (= 0 ~systemActive~0))))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse1 (= ~pumpRunning~0 0)) (.cse0 (= ~methaneLevelCritical~0 0)) (.cse2 (<= 1 ~waterLevel~0))) (or (and .cse0 (<= 2 ~waterLevel~0) (not (= 0 ~systemActive~0))) (and .cse1 (<= 1 ~methaneLevelCritical~0) .cse2) (and .cse1 .cse0 .cse2))) [2024-11-09 23:15:46,594 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 09.11 11:15:46 BoogieIcfgContainer [2024-11-09 23:15:46,594 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-09 23:15:46,595 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-09 23:15:46,595 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-09 23:15:46,595 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-09 23:15:46,595 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 09.11 11:15:38" (3/4) ... [2024-11-09 23:15:46,597 INFO L143 WitnessPrinter]: Generating witness for correct program [2024-11-09 23:15:46,600 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-09 23:15:46,600 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-09 23:15:46,600 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-09 23:15:46,600 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-09 23:15:46,601 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-09 23:15:46,601 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2024-11-09 23:15:46,601 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-09 23:15:46,601 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-09 23:15:46,609 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 40 nodes and edges [2024-11-09 23:15:46,610 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-11-09 23:15:46,610 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-09 23:15:46,611 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-09 23:15:46,611 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-09 23:15:46,730 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-09 23:15:46,731 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-09 23:15:46,731 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-09 23:15:46,731 INFO L158 Benchmark]: Toolchain (without parser) took 9412.23ms. Allocated memory was 174.1MB in the beginning and 310.4MB in the end (delta: 136.3MB). Free memory was 118.9MB in the beginning and 217.1MB in the end (delta: -98.2MB). Peak memory consumption was 40.2MB. Max. memory is 16.1GB. [2024-11-09 23:15:46,731 INFO L158 Benchmark]: CDTParser took 0.15ms. Allocated memory is still 174.1MB. Free memory is still 141.6MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-09 23:15:46,732 INFO L158 Benchmark]: CACSL2BoogieTranslator took 331.39ms. Allocated memory is still 174.1MB. Free memory was 118.3MB in the beginning and 96.8MB in the end (delta: 21.6MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-09 23:15:46,732 INFO L158 Benchmark]: Boogie Procedure Inliner took 46.35ms. Allocated memory is still 174.1MB. Free memory was 96.8MB in the beginning and 94.7MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-09 23:15:46,733 INFO L158 Benchmark]: Boogie Preprocessor took 51.50ms. Allocated memory is still 174.1MB. Free memory was 94.7MB in the beginning and 92.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-09 23:15:46,733 INFO L158 Benchmark]: IcfgBuilder took 367.74ms. Allocated memory is still 174.1MB. Free memory was 92.6MB in the beginning and 71.6MB in the end (delta: 21.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-09 23:15:46,733 INFO L158 Benchmark]: TraceAbstraction took 8474.12ms. Allocated memory was 174.1MB in the beginning and 310.4MB in the end (delta: 136.3MB). Free memory was 71.0MB in the beginning and 225.5MB in the end (delta: -154.5MB). Peak memory consumption was 126.6MB. Max. memory is 16.1GB. [2024-11-09 23:15:46,733 INFO L158 Benchmark]: Witness Printer took 136.09ms. Allocated memory is still 310.4MB. Free memory was 225.5MB in the beginning and 217.1MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-09 23:15:46,734 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.15ms. Allocated memory is still 174.1MB. Free memory is still 141.6MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 331.39ms. Allocated memory is still 174.1MB. Free memory was 118.3MB in the beginning and 96.8MB in the end (delta: 21.6MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 46.35ms. Allocated memory is still 174.1MB. Free memory was 96.8MB in the beginning and 94.7MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 51.50ms. Allocated memory is still 174.1MB. Free memory was 94.7MB in the beginning and 92.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * IcfgBuilder took 367.74ms. Allocated memory is still 174.1MB. Free memory was 92.6MB in the beginning and 71.6MB in the end (delta: 21.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * TraceAbstraction took 8474.12ms. Allocated memory was 174.1MB in the beginning and 310.4MB in the end (delta: 136.3MB). Free memory was 71.0MB in the beginning and 225.5MB in the end (delta: -154.5MB). Peak memory consumption was 126.6MB. Max. memory is 16.1GB. * Witness Printer took 136.09ms. Allocated memory is still 310.4MB. Free memory was 225.5MB in the beginning and 217.1MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 160]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [160] - GenericResultAtLocation [Line: 188]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [188] - GenericResultAtLocation [Line: 197]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [197] - GenericResultAtLocation [Line: 267]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [267] - GenericResultAtLocation [Line: 500]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [500] - GenericResultAtLocation [Line: 866]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [866] - GenericResultAtLocation [Line: 904]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [904] - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 193]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 102 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.3s, OverallIterations: 11, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.9s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1274 SdHoareTripleChecker+Valid, 1.1s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1248 mSDsluCounter, 4073 SdHoareTripleChecker+Invalid, 0.8s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2841 mSDsCounter, 277 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1098 IncrementalHoareTripleChecker+Invalid, 1375 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 277 mSolverCounterUnsat, 1232 mSDtfsCounter, 1098 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 481 GetRequests, 387 SyntacticMatches, 2 SemanticMatches, 92 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 211 ImplicationChecksByTransitivity, 0.6s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1850occurred in iteration=10, InterpolantAutomatonStates: 74, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 11 MinimizatonAttempts, 266 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.7s InterpolantComputationTime, 912 NumberOfCodeBlocks, 912 NumberOfCodeBlocksAsserted, 14 NumberOfCheckSat, 898 ConstructedInterpolants, 0 QuantifiedInterpolants, 1505 SizeOfPredicates, 2 NumberOfNonLiveVariables, 956 ConjunctsInSsa, 24 ConjunctsInUnsatCore, 14 InterpolantComputations, 11 PerfectInterpolantSequences, 188/200 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 211]: Location Invariant Derived location invariant: null - InvariantResult [Line: 916]: Location Invariant Derived location invariant: null - ProcedureContractResult [Line: 383]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: ((((methaneLevelCritical == 0) && (1 <= waterLevel)) && (0 != systemActive)) || (((1 <= methaneLevelCritical) && (1 <= waterLevel)) && (0 != systemActive))) Ensures: (((pumpRunning == 0) && ((((methaneLevelCritical == 0) && (1 <= waterLevel)) && (0 != systemActive)) || (((1 <= methaneLevelCritical) && (1 <= waterLevel)) && (0 != systemActive)))) && (((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 298]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: ((((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 <= waterLevel)) && (0 != systemActive)) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel == 1)) && (0 != systemActive))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (2 <= waterLevel)) && (0 != systemActive))) Ensures: (((((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 <= waterLevel)) && (0 != systemActive)) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel == 1)) && (0 != systemActive))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (2 <= waterLevel)) && (0 != systemActive))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 84]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Ensures: (((((\old(methaneLevelCritical) != 0) || (0 < methaneLevelCritical)) && (((((pumpRunning == 0) && (1 <= \old(methaneLevelCritical))) && (1 <= waterLevel)) || (((pumpRunning == 0) && (\old(methaneLevelCritical) == 0)) && (1 <= waterLevel))) || (((\old(methaneLevelCritical) == 0) && (2 <= waterLevel)) && (0 != systemActive)))) && ((methaneLevelCritical == 0) || (\old(methaneLevelCritical) < 1))) && (((((waterLevel == \old(waterLevel)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 906]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 274]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((((methaneLevelCritical == 0) && (2 <= waterLevel)) && (0 != systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 <= waterLevel))) || (((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 <= waterLevel))) || (((1 <= methaneLevelCritical) && (2 <= waterLevel)) && (0 != systemActive))) Ensures: (((((((1 < waterLevel) || ((pumpRunning == 0) && (waterLevel == 1))) && ((pumpRunning == 0) || (0 != systemActive))) && ((methaneLevelCritical < 1) || ((pumpRunning == 0) && (1 <= waterLevel)))) && (((((methaneLevelCritical == 0) && (\old(pumpRunning) == 0)) || ((1 <= methaneLevelCritical) && (\old(pumpRunning) == 0))) || (((methaneLevelCritical == 0) && (2 <= \old(waterLevel))) && (0 != systemActive))) || (((1 <= methaneLevelCritical) && (2 <= \old(waterLevel))) && (0 != systemActive)))) && ((\old(pumpRunning) != 0) || (\old(waterLevel) == waterLevel))) && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 96]: Procedure Contract for isMethaneLevelCritical Derived contract for procedure isMethaneLevelCritical. Requires: ((((((methaneLevelCritical == 0) && (2 <= waterLevel)) && (0 != systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (waterLevel == 1))) || (((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 <= waterLevel))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (2 <= waterLevel))) Ensures: ((((((((methaneLevelCritical == 0) && (2 <= waterLevel)) && (0 != systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (waterLevel == 1))) || (((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 <= waterLevel))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (2 <= waterLevel))) && (\result == methaneLevelCritical)) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 306]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: ((pumpRunning == 0) && (((((methaneLevelCritical == 0) && (1 <= waterLevel)) && (0 != systemActive)) || (((1 <= methaneLevelCritical) && (waterLevel == 1)) && (0 != systemActive))) || (((1 <= methaneLevelCritical) && (2 <= waterLevel)) && (0 != systemActive)))) Ensures: (((((pumpRunning == 0) || (methaneLevelCritical < 1)) && ((((((methaneLevelCritical == 0) && (\old(pumpRunning) == 0)) && (1 <= waterLevel)) && (0 != systemActive)) || ((((1 <= methaneLevelCritical) && (2 <= waterLevel)) && (\old(pumpRunning) == 0)) && (0 != systemActive))) || ((((1 <= methaneLevelCritical) && (\old(pumpRunning) == 0)) && (waterLevel == 1)) && (0 != systemActive)))) && ((pumpRunning == 0) || (1 < waterLevel))) && (((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 72]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((methaneLevelCritical == 0) && (2 <= waterLevel)) && (0 != systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 <= waterLevel))) || (((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 <= waterLevel))) Ensures: (((((\old(waterLevel) < 2) || (\old(waterLevel) == waterLevel)) && (2 <= waterLevel)) && (((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 <= \old(waterLevel))) || (((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 <= \old(waterLevel)))) || (((methaneLevelCritical == 0) && (2 <= \old(waterLevel))) && (0 != systemActive)))) && (((((methaneLevelCritical == \old(methaneLevelCritical)) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) RESULT: Ultimate proved your program to be correct! [2024-11-09 23:15:46,763 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE