./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product39.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 023d838f Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product39.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash df3faf2d1bbcaed92e1c2eddcb5ae1d2459730e99808e363d537a0bc5d54e347 --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.fs.icfgbuilder-eval-023d838-m [2024-11-09 23:18:48,019 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-09 23:18:48,076 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-09 23:18:48,090 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-09 23:18:48,090 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-09 23:18:48,117 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-09 23:18:48,118 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-09 23:18:48,118 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-09 23:18:48,119 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-09 23:18:48,119 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-09 23:18:48,120 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-09 23:18:48,120 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-09 23:18:48,120 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-09 23:18:48,121 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-09 23:18:48,121 INFO L153 SettingsManager]: * Use SBE=true [2024-11-09 23:18:48,122 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-09 23:18:48,123 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-09 23:18:48,123 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-09 23:18:48,123 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-09 23:18:48,123 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-09 23:18:48,126 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-09 23:18:48,127 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-09 23:18:48,127 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-09 23:18:48,127 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-09 23:18:48,127 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-09 23:18:48,127 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-09 23:18:48,127 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-09 23:18:48,128 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-09 23:18:48,128 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2024-11-09 23:18:48,128 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-09 23:18:48,128 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-09 23:18:48,128 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-09 23:18:48,128 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-09 23:18:48,129 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-09 23:18:48,129 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-09 23:18:48,129 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-09 23:18:48,129 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-09 23:18:48,129 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-09 23:18:48,129 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-09 23:18:48,129 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-09 23:18:48,129 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-09 23:18:48,130 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-09 23:18:48,130 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> df3faf2d1bbcaed92e1c2eddcb5ae1d2459730e99808e363d537a0bc5d54e347 [2024-11-09 23:18:48,322 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-09 23:18:48,340 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-09 23:18:48,343 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-09 23:18:48,344 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-09 23:18:48,344 INFO L274 PluginConnector]: CDTParser initialized [2024-11-09 23:18:48,345 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product39.cil.c [2024-11-09 23:18:49,567 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-09 23:18:49,762 INFO L384 CDTParser]: Found 1 translation units. [2024-11-09 23:18:49,762 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product39.cil.c [2024-11-09 23:18:49,774 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/2d3a3bf97/4daf9186a2e2418dab2eab027c30847c/FLAG549eac0a6 [2024-11-09 23:18:50,146 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/2d3a3bf97/4daf9186a2e2418dab2eab027c30847c [2024-11-09 23:18:50,147 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-09 23:18:50,148 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-09 23:18:50,149 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-09 23:18:50,150 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-09 23:18:50,153 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-09 23:18:50,154 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.11 11:18:50" (1/1) ... [2024-11-09 23:18:50,154 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@194f4124 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:50, skipping insertion in model container [2024-11-09 23:18:50,154 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.11 11:18:50" (1/1) ... [2024-11-09 23:18:50,183 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-09 23:18:50,334 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product39.cil.c[1605,1618] [2024-11-09 23:18:50,458 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-09 23:18:50,473 INFO L200 MainTranslator]: Completed pre-run [2024-11-09 23:18:50,481 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [49] [2024-11-09 23:18:50,483 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [58] [2024-11-09 23:18:50,483 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [96] [2024-11-09 23:18:50,483 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [304] [2024-11-09 23:18:50,483 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [405] [2024-11-09 23:18:50,484 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [472] [2024-11-09 23:18:50,484 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [522] [2024-11-09 23:18:50,484 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [888] [2024-11-09 23:18:50,488 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product39.cil.c[1605,1618] [2024-11-09 23:18:50,537 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-09 23:18:50,556 INFO L204 MainTranslator]: Completed translation [2024-11-09 23:18:50,556 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:50 WrapperNode [2024-11-09 23:18:50,556 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-09 23:18:50,557 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-09 23:18:50,557 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-09 23:18:50,557 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-09 23:18:50,561 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:50" (1/1) ... [2024-11-09 23:18:50,571 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:50" (1/1) ... [2024-11-09 23:18:50,593 INFO L138 Inliner]: procedures = 56, calls = 102, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 205 [2024-11-09 23:18:50,593 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-09 23:18:50,594 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-09 23:18:50,594 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-09 23:18:50,594 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-09 23:18:50,601 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:50" (1/1) ... [2024-11-09 23:18:50,602 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:50" (1/1) ... [2024-11-09 23:18:50,605 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:50" (1/1) ... [2024-11-09 23:18:50,614 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-09 23:18:50,615 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:50" (1/1) ... [2024-11-09 23:18:50,615 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:50" (1/1) ... [2024-11-09 23:18:50,622 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:50" (1/1) ... [2024-11-09 23:18:50,622 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:50" (1/1) ... [2024-11-09 23:18:50,623 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:50" (1/1) ... [2024-11-09 23:18:50,627 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:50" (1/1) ... [2024-11-09 23:18:50,628 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-09 23:18:50,630 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2024-11-09 23:18:50,630 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2024-11-09 23:18:50,631 INFO L274 PluginConnector]: IcfgBuilder initialized [2024-11-09 23:18:50,631 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:50" (1/1) ... [2024-11-09 23:18:50,635 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-09 23:18:50,646 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-09 23:18:50,663 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-09 23:18:50,669 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-09 23:18:50,703 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-09 23:18:50,704 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-09 23:18:50,704 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-09 23:18:50,704 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-09 23:18:50,704 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-09 23:18:50,704 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-09 23:18:50,704 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-09 23:18:50,704 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-09 23:18:50,705 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-09 23:18:50,705 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-09 23:18:50,705 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-09 23:18:50,705 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-09 23:18:50,705 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-09 23:18:50,705 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-09 23:18:50,706 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-09 23:18:50,706 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-09 23:18:50,706 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-09 23:18:50,706 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-09 23:18:50,706 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-09 23:18:50,706 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-09 23:18:50,769 INFO L256 CfgBuilder]: Building ICFG [2024-11-09 23:18:50,770 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-09 23:18:50,905 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L965-1: getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~10#1; [2024-11-09 23:18:50,907 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L222-1: isMethaneAlarm_#res#1 := isMethaneAlarm_~retValue_acc~2#1; [2024-11-09 23:18:50,907 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L933-1: isMethaneLevelCritical_#res#1 := isMethaneLevelCritical_~retValue_acc~9#1; [2024-11-09 23:18:50,977 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L93-1: valid_product_#res#1 := valid_product_~retValue_acc~1#1; [2024-11-09 23:18:50,977 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L402-1: main_#res#1 := main_~retValue_acc~5#1; [2024-11-09 23:18:51,003 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L286-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~4#1; [2024-11-09 23:18:51,005 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L979-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~11#1; [2024-11-09 23:18:51,010 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L231: #res := ~retValue_acc~3; [2024-11-09 23:18:51,031 INFO L? ?]: Removed 42 outVars from TransFormulas that were not future-live. [2024-11-09 23:18:51,031 INFO L307 CfgBuilder]: Performing block encoding [2024-11-09 23:18:51,046 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-09 23:18:51,046 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2024-11-09 23:18:51,047 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 09.11 11:18:51 BoogieIcfgContainer [2024-11-09 23:18:51,047 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2024-11-09 23:18:51,048 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-09 23:18:51,048 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-09 23:18:51,050 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-09 23:18:51,051 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 09.11 11:18:50" (1/3) ... [2024-11-09 23:18:51,051 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7e8df19a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.11 11:18:51, skipping insertion in model container [2024-11-09 23:18:51,051 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:18:50" (2/3) ... [2024-11-09 23:18:51,052 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7e8df19a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.11 11:18:51, skipping insertion in model container [2024-11-09 23:18:51,052 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 09.11 11:18:51" (3/3) ... [2024-11-09 23:18:51,053 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product39.cil.c [2024-11-09 23:18:51,064 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-09 23:18:51,064 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-09 23:18:51,110 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-09 23:18:51,118 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@76a4a4a, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-09 23:18:51,118 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-09 23:18:51,121 INFO L276 IsEmpty]: Start isEmpty. Operand has 101 states, 77 states have (on average 1.3506493506493507) internal successors, (104), 86 states have internal predecessors, (104), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) [2024-11-09 23:18:51,128 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-11-09 23:18:51,128 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:18:51,128 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:18:51,129 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:18:51,132 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:18:51,132 INFO L85 PathProgramCache]: Analyzing trace with hash 1781613687, now seen corresponding path program 1 times [2024-11-09 23:18:51,138 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:18:51,138 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1606546543] [2024-11-09 23:18:51,138 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:18:51,138 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:18:51,238 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:51,452 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-09 23:18:51,454 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:51,484 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-11-09 23:18:51,486 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:51,490 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:18:51,495 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:18:51,495 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1606546543] [2024-11-09 23:18:51,495 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1606546543] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:18:51,495 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:18:51,495 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-09 23:18:51,496 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2045034740] [2024-11-09 23:18:51,497 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:18:51,500 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-09 23:18:51,500 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:18:51,518 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-09 23:18:51,518 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2024-11-09 23:18:51,520 INFO L87 Difference]: Start difference. First operand has 101 states, 77 states have (on average 1.3506493506493507) internal successors, (104), 86 states have internal predecessors, (104), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 6 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-09 23:18:51,759 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:18:51,759 INFO L93 Difference]: Finished difference Result 349 states and 477 transitions. [2024-11-09 23:18:51,761 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-09 23:18:51,762 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 6 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2024-11-09 23:18:51,763 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:18:51,770 INFO L225 Difference]: With dead ends: 349 [2024-11-09 23:18:51,771 INFO L226 Difference]: Without dead ends: 229 [2024-11-09 23:18:51,773 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=20, Invalid=36, Unknown=0, NotChecked=0, Total=56 [2024-11-09 23:18:51,776 INFO L432 NwaCegarLoop]: 140 mSDtfsCounter, 287 mSDsluCounter, 372 mSDsCounter, 0 mSdLazyCounter, 113 mSolverCounterSat, 25 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 287 SdHoareTripleChecker+Valid, 512 SdHoareTripleChecker+Invalid, 138 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 25 IncrementalHoareTripleChecker+Valid, 113 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-09 23:18:51,777 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [287 Valid, 512 Invalid, 138 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [25 Valid, 113 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-09 23:18:51,791 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 229 states. [2024-11-09 23:18:51,824 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 229 to 221. [2024-11-09 23:18:51,826 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 221 states, 164 states have (on average 1.3170731707317074) internal successors, (216), 182 states have internal predecessors, (216), 37 states have call successors, (37), 22 states have call predecessors, (37), 19 states have return successors, (37), 26 states have call predecessors, (37), 34 states have call successors, (37) [2024-11-09 23:18:51,830 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 221 states to 221 states and 290 transitions. [2024-11-09 23:18:51,831 INFO L78 Accepts]: Start accepts. Automaton has 221 states and 290 transitions. Word has length 38 [2024-11-09 23:18:51,831 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:18:51,831 INFO L471 AbstractCegarLoop]: Abstraction has 221 states and 290 transitions. [2024-11-09 23:18:51,832 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 6 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-09 23:18:51,832 INFO L276 IsEmpty]: Start isEmpty. Operand 221 states and 290 transitions. [2024-11-09 23:18:51,838 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2024-11-09 23:18:51,838 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:18:51,838 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:18:51,838 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-09 23:18:51,838 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:18:51,839 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:18:51,840 INFO L85 PathProgramCache]: Analyzing trace with hash -2006376013, now seen corresponding path program 1 times [2024-11-09 23:18:51,840 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:18:51,840 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [698280545] [2024-11-09 23:18:51,840 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:18:51,841 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:18:51,853 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:51,916 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-09 23:18:51,917 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:51,920 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-11-09 23:18:51,922 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:51,934 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-09 23:18:51,935 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:18:51,935 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [698280545] [2024-11-09 23:18:51,935 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [698280545] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:18:51,935 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:18:51,936 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-09 23:18:51,936 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [417870544] [2024-11-09 23:18:51,936 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:18:51,937 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-09 23:18:51,937 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:18:51,937 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-09 23:18:51,937 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-09 23:18:51,937 INFO L87 Difference]: Start difference. First operand 221 states and 290 transitions. Second operand has 6 states, 6 states have (on average 6.166666666666667) internal successors, (37), 5 states have internal predecessors, (37), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-09 23:18:52,043 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:18:52,043 INFO L93 Difference]: Finished difference Result 537 states and 740 transitions. [2024-11-09 23:18:52,043 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-09 23:18:52,044 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.166666666666667) internal successors, (37), 5 states have internal predecessors, (37), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 42 [2024-11-09 23:18:52,044 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:18:52,047 INFO L225 Difference]: With dead ends: 537 [2024-11-09 23:18:52,048 INFO L226 Difference]: Without dead ends: 324 [2024-11-09 23:18:52,051 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-09 23:18:52,053 INFO L432 NwaCegarLoop]: 123 mSDtfsCounter, 85 mSDsluCounter, 405 mSDsCounter, 0 mSdLazyCounter, 74 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 87 SdHoareTripleChecker+Valid, 528 SdHoareTripleChecker+Invalid, 83 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 74 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 23:18:52,054 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [87 Valid, 528 Invalid, 83 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 74 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 23:18:52,054 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 324 states. [2024-11-09 23:18:52,093 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 324 to 322. [2024-11-09 23:18:52,094 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 322 states, 239 states have (on average 1.2635983263598327) internal successors, (302), 256 states have internal predecessors, (302), 52 states have call successors, (52), 35 states have call predecessors, (52), 30 states have return successors, (69), 44 states have call predecessors, (69), 47 states have call successors, (69) [2024-11-09 23:18:52,096 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 322 states to 322 states and 423 transitions. [2024-11-09 23:18:52,097 INFO L78 Accepts]: Start accepts. Automaton has 322 states and 423 transitions. Word has length 42 [2024-11-09 23:18:52,097 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:18:52,097 INFO L471 AbstractCegarLoop]: Abstraction has 322 states and 423 transitions. [2024-11-09 23:18:52,097 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.166666666666667) internal successors, (37), 5 states have internal predecessors, (37), 2 states have call successors, (3), 1 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-09 23:18:52,097 INFO L276 IsEmpty]: Start isEmpty. Operand 322 states and 423 transitions. [2024-11-09 23:18:52,099 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-09 23:18:52,102 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:18:52,102 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:18:52,103 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-09 23:18:52,103 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:18:52,103 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:18:52,103 INFO L85 PathProgramCache]: Analyzing trace with hash 1589152467, now seen corresponding path program 1 times [2024-11-09 23:18:52,103 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:18:52,103 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1158003753] [2024-11-09 23:18:52,103 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:18:52,104 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:18:52,118 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:52,168 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-11-09 23:18:52,186 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:52,195 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-09 23:18:52,198 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:52,233 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 41 [2024-11-09 23:18:52,235 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:52,236 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:18:52,236 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:18:52,236 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1158003753] [2024-11-09 23:18:52,236 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1158003753] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:18:52,236 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:18:52,236 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-09 23:18:52,236 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1145704322] [2024-11-09 23:18:52,236 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:18:52,240 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-09 23:18:52,240 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:18:52,241 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-09 23:18:52,241 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-09 23:18:52,241 INFO L87 Difference]: Start difference. First operand 322 states and 423 transitions. Second operand has 7 states, 7 states have (on average 5.714285714285714) internal successors, (40), 6 states have internal predecessors, (40), 1 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2024-11-09 23:18:52,389 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:18:52,390 INFO L93 Difference]: Finished difference Result 641 states and 843 transitions. [2024-11-09 23:18:52,390 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-09 23:18:52,390 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.714285714285714) internal successors, (40), 6 states have internal predecessors, (40), 1 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 50 [2024-11-09 23:18:52,390 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:18:52,392 INFO L225 Difference]: With dead ends: 641 [2024-11-09 23:18:52,392 INFO L226 Difference]: Without dead ends: 327 [2024-11-09 23:18:52,393 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=23, Invalid=67, Unknown=0, NotChecked=0, Total=90 [2024-11-09 23:18:52,394 INFO L432 NwaCegarLoop]: 88 mSDtfsCounter, 69 mSDsluCounter, 356 mSDsCounter, 0 mSdLazyCounter, 150 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 78 SdHoareTripleChecker+Valid, 444 SdHoareTripleChecker+Invalid, 164 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 150 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 23:18:52,394 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [78 Valid, 444 Invalid, 164 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 150 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 23:18:52,395 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 327 states. [2024-11-09 23:18:52,412 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 327 to 324. [2024-11-09 23:18:52,412 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 324 states, 246 states have (on average 1.2682926829268293) internal successors, (312), 263 states have internal predecessors, (312), 41 states have call successors, (41), 30 states have call predecessors, (41), 36 states have return successors, (57), 42 states have call predecessors, (57), 41 states have call successors, (57) [2024-11-09 23:18:52,413 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 324 states to 324 states and 410 transitions. [2024-11-09 23:18:52,414 INFO L78 Accepts]: Start accepts. Automaton has 324 states and 410 transitions. Word has length 50 [2024-11-09 23:18:52,414 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:18:52,414 INFO L471 AbstractCegarLoop]: Abstraction has 324 states and 410 transitions. [2024-11-09 23:18:52,415 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 5.714285714285714) internal successors, (40), 6 states have internal predecessors, (40), 1 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2024-11-09 23:18:52,415 INFO L276 IsEmpty]: Start isEmpty. Operand 324 states and 410 transitions. [2024-11-09 23:18:52,416 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2024-11-09 23:18:52,416 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:18:52,416 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:18:52,416 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-09 23:18:52,416 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:18:52,417 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:18:52,417 INFO L85 PathProgramCache]: Analyzing trace with hash -386167184, now seen corresponding path program 1 times [2024-11-09 23:18:52,418 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:18:52,418 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1135709979] [2024-11-09 23:18:52,418 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:18:52,418 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:18:52,434 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:52,479 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-09 23:18:52,480 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:52,483 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-11-09 23:18:52,485 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:52,504 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2024-11-09 23:18:52,505 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:52,507 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:18:52,508 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:18:52,508 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1135709979] [2024-11-09 23:18:52,508 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1135709979] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:18:52,508 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:18:52,508 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-09 23:18:52,508 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [804390986] [2024-11-09 23:18:52,508 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:18:52,508 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-09 23:18:52,508 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:18:52,509 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-09 23:18:52,509 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-09 23:18:52,510 INFO L87 Difference]: Start difference. First operand 324 states and 410 transitions. Second operand has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-09 23:18:52,603 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:18:52,603 INFO L93 Difference]: Finished difference Result 647 states and 838 transitions. [2024-11-09 23:18:52,603 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-09 23:18:52,603 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2024-11-09 23:18:52,604 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:18:52,605 INFO L225 Difference]: With dead ends: 647 [2024-11-09 23:18:52,605 INFO L226 Difference]: Without dead ends: 331 [2024-11-09 23:18:52,606 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-09 23:18:52,607 INFO L432 NwaCegarLoop]: 90 mSDtfsCounter, 53 mSDsluCounter, 210 mSDsCounter, 0 mSdLazyCounter, 90 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 57 SdHoareTripleChecker+Valid, 300 SdHoareTripleChecker+Invalid, 103 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 90 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 23:18:52,609 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [57 Valid, 300 Invalid, 103 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 90 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 23:18:52,611 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 331 states. [2024-11-09 23:18:52,632 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 331 to 328. [2024-11-09 23:18:52,633 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 328 states, 250 states have (on average 1.264) internal successors, (316), 267 states have internal predecessors, (316), 41 states have call successors, (41), 30 states have call predecessors, (41), 36 states have return successors, (57), 42 states have call predecessors, (57), 41 states have call successors, (57) [2024-11-09 23:18:52,635 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 328 states to 328 states and 414 transitions. [2024-11-09 23:18:52,635 INFO L78 Accepts]: Start accepts. Automaton has 328 states and 414 transitions. Word has length 52 [2024-11-09 23:18:52,636 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:18:52,636 INFO L471 AbstractCegarLoop]: Abstraction has 328 states and 414 transitions. [2024-11-09 23:18:52,637 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-09 23:18:52,637 INFO L276 IsEmpty]: Start isEmpty. Operand 328 states and 414 transitions. [2024-11-09 23:18:52,638 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2024-11-09 23:18:52,638 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:18:52,639 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:18:52,639 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-09 23:18:52,640 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:18:52,640 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:18:52,640 INFO L85 PathProgramCache]: Analyzing trace with hash -167312466, now seen corresponding path program 1 times [2024-11-09 23:18:52,640 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:18:52,640 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2118809984] [2024-11-09 23:18:52,640 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:18:52,640 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:18:52,657 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:52,727 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-09 23:18:52,730 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:52,736 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-11-09 23:18:52,739 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:52,751 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2024-11-09 23:18:52,752 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:52,754 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:18:52,754 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:18:52,755 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2118809984] [2024-11-09 23:18:52,755 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2118809984] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:18:52,755 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:18:52,755 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-09 23:18:52,755 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1659270668] [2024-11-09 23:18:52,755 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:18:52,755 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-09 23:18:52,756 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:18:52,758 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-09 23:18:52,758 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-09 23:18:52,759 INFO L87 Difference]: Start difference. First operand 328 states and 414 transitions. Second operand has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-09 23:18:52,956 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:18:52,956 INFO L93 Difference]: Finished difference Result 991 states and 1299 transitions. [2024-11-09 23:18:52,957 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-09 23:18:52,957 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2024-11-09 23:18:52,957 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:18:52,961 INFO L225 Difference]: With dead ends: 991 [2024-11-09 23:18:52,961 INFO L226 Difference]: Without dead ends: 671 [2024-11-09 23:18:52,962 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-09 23:18:52,964 INFO L432 NwaCegarLoop]: 133 mSDtfsCounter, 223 mSDsluCounter, 183 mSDsCounter, 0 mSdLazyCounter, 135 mSolverCounterSat, 64 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 230 SdHoareTripleChecker+Valid, 316 SdHoareTripleChecker+Invalid, 199 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 64 IncrementalHoareTripleChecker+Valid, 135 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 23:18:52,965 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [230 Valid, 316 Invalid, 199 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [64 Valid, 135 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 23:18:52,966 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 671 states. [2024-11-09 23:18:53,003 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 671 to 663. [2024-11-09 23:18:53,005 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 663 states, 502 states have (on average 1.2330677290836654) internal successors, (619), 531 states have internal predecessors, (619), 88 states have call successors, (88), 71 states have call predecessors, (88), 72 states have return successors, (133), 86 states have call predecessors, (133), 88 states have call successors, (133) [2024-11-09 23:18:53,008 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 663 states to 663 states and 840 transitions. [2024-11-09 23:18:53,009 INFO L78 Accepts]: Start accepts. Automaton has 663 states and 840 transitions. Word has length 52 [2024-11-09 23:18:53,009 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:18:53,009 INFO L471 AbstractCegarLoop]: Abstraction has 663 states and 840 transitions. [2024-11-09 23:18:53,010 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-09 23:18:53,010 INFO L276 IsEmpty]: Start isEmpty. Operand 663 states and 840 transitions. [2024-11-09 23:18:53,011 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-09 23:18:53,011 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:18:53,011 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:18:53,011 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-09 23:18:53,012 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:18:53,012 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:18:53,012 INFO L85 PathProgramCache]: Analyzing trace with hash -863158804, now seen corresponding path program 1 times [2024-11-09 23:18:53,012 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:18:53,013 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [933387876] [2024-11-09 23:18:53,013 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:18:53,013 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:18:53,027 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:53,171 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-09 23:18:53,173 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:53,177 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-09 23:18:53,178 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:53,185 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-11-09 23:18:53,187 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:53,198 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2024-11-09 23:18:53,199 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:53,200 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:18:53,200 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:18:53,200 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [933387876] [2024-11-09 23:18:53,201 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [933387876] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:18:53,201 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:18:53,201 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2024-11-09 23:18:53,201 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1578207471] [2024-11-09 23:18:53,201 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:18:53,201 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2024-11-09 23:18:53,201 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:18:53,202 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2024-11-09 23:18:53,202 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=70, Unknown=0, NotChecked=0, Total=90 [2024-11-09 23:18:53,202 INFO L87 Difference]: Start difference. First operand 663 states and 840 transitions. Second operand has 10 states, 10 states have (on average 4.5) internal successors, (45), 8 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-09 23:18:53,738 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:18:53,738 INFO L93 Difference]: Finished difference Result 1715 states and 2279 transitions. [2024-11-09 23:18:53,739 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 22 states. [2024-11-09 23:18:53,739 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.5) internal successors, (45), 8 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 56 [2024-11-09 23:18:53,739 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:18:53,743 INFO L225 Difference]: With dead ends: 1715 [2024-11-09 23:18:53,743 INFO L226 Difference]: Without dead ends: 1197 [2024-11-09 23:18:53,745 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 36 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 25 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 148 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=170, Invalid=532, Unknown=0, NotChecked=0, Total=702 [2024-11-09 23:18:53,746 INFO L432 NwaCegarLoop]: 105 mSDtfsCounter, 482 mSDsluCounter, 494 mSDsCounter, 0 mSdLazyCounter, 508 mSolverCounterSat, 149 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 490 SdHoareTripleChecker+Valid, 599 SdHoareTripleChecker+Invalid, 657 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 149 IncrementalHoareTripleChecker+Valid, 508 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-11-09 23:18:53,746 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [490 Valid, 599 Invalid, 657 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [149 Valid, 508 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-11-09 23:18:53,747 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1197 states. [2024-11-09 23:18:53,786 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1197 to 1009. [2024-11-09 23:18:53,787 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1009 states, 765 states have (on average 1.2183006535947711) internal successors, (932), 816 states have internal predecessors, (932), 131 states have call successors, (131), 98 states have call predecessors, (131), 112 states have return successors, (203), 126 states have call predecessors, (203), 131 states have call successors, (203) [2024-11-09 23:18:53,791 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1009 states to 1009 states and 1266 transitions. [2024-11-09 23:18:53,791 INFO L78 Accepts]: Start accepts. Automaton has 1009 states and 1266 transitions. Word has length 56 [2024-11-09 23:18:53,792 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:18:53,792 INFO L471 AbstractCegarLoop]: Abstraction has 1009 states and 1266 transitions. [2024-11-09 23:18:53,792 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.5) internal successors, (45), 8 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-09 23:18:53,792 INFO L276 IsEmpty]: Start isEmpty. Operand 1009 states and 1266 transitions. [2024-11-09 23:18:53,793 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 96 [2024-11-09 23:18:53,794 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:18:53,794 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:18:53,794 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-09 23:18:53,794 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:18:53,794 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:18:53,795 INFO L85 PathProgramCache]: Analyzing trace with hash 2071277461, now seen corresponding path program 1 times [2024-11-09 23:18:53,795 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:18:53,795 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2058379179] [2024-11-09 23:18:53,795 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:18:53,795 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:18:53,805 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:53,903 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-09 23:18:53,904 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:53,916 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-09 23:18:53,919 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:53,934 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-09 23:18:53,935 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:53,942 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-09 23:18:53,944 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:53,948 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2024-11-09 23:18:53,949 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:53,959 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 74 [2024-11-09 23:18:53,960 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:53,961 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:18:53,962 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:53,962 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 86 [2024-11-09 23:18:53,963 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:53,964 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 17 proven. 9 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-09 23:18:53,964 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:18:53,964 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2058379179] [2024-11-09 23:18:53,964 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2058379179] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 23:18:53,964 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1835796401] [2024-11-09 23:18:53,964 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:18:53,965 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 23:18:53,965 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-09 23:18:53,966 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 23:18:53,967 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-09 23:18:54,035 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:18:54,037 INFO L255 TraceCheckSpWp]: Trace formula consists of 315 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-09 23:18:54,042 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 23:18:54,157 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 24 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:18:54,157 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 23:18:54,295 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 18 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-09 23:18:54,295 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1835796401] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-09 23:18:54,295 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-09 23:18:54,295 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 6, 6] total 16 [2024-11-09 23:18:54,296 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1315126188] [2024-11-09 23:18:54,296 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-09 23:18:54,296 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 16 states [2024-11-09 23:18:54,296 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:18:54,297 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2024-11-09 23:18:54,297 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=38, Invalid=202, Unknown=0, NotChecked=0, Total=240 [2024-11-09 23:18:54,297 INFO L87 Difference]: Start difference. First operand 1009 states and 1266 transitions. Second operand has 16 states, 16 states have (on average 7.3125) internal successors, (117), 11 states have internal predecessors, (117), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2024-11-09 23:18:55,091 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:18:55,092 INFO L93 Difference]: Finished difference Result 2146 states and 2779 transitions. [2024-11-09 23:18:55,092 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 30 states. [2024-11-09 23:18:55,093 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 16 states have (on average 7.3125) internal successors, (117), 11 states have internal predecessors, (117), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) Word has length 95 [2024-11-09 23:18:55,093 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:18:55,094 INFO L225 Difference]: With dead ends: 2146 [2024-11-09 23:18:55,094 INFO L226 Difference]: Without dead ends: 0 [2024-11-09 23:18:55,100 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 247 GetRequests, 206 SyntacticMatches, 4 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 334 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=277, Invalid=1205, Unknown=0, NotChecked=0, Total=1482 [2024-11-09 23:18:55,101 INFO L432 NwaCegarLoop]: 170 mSDtfsCounter, 247 mSDsluCounter, 1350 mSDsCounter, 0 mSdLazyCounter, 1159 mSolverCounterSat, 74 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 254 SdHoareTripleChecker+Valid, 1520 SdHoareTripleChecker+Invalid, 1233 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 74 IncrementalHoareTripleChecker+Valid, 1159 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-11-09 23:18:55,101 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [254 Valid, 1520 Invalid, 1233 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [74 Valid, 1159 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-11-09 23:18:55,102 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-09 23:18:55,102 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-09 23:18:55,102 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 23:18:55,102 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-09 23:18:55,103 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 95 [2024-11-09 23:18:55,103 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:18:55,103 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-09 23:18:55,103 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 16 states, 16 states have (on average 7.3125) internal successors, (117), 11 states have internal predecessors, (117), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2024-11-09 23:18:55,103 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-09 23:18:55,103 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-09 23:18:55,105 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-09 23:18:55,119 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-09 23:18:55,306 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6,2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 23:18:55,309 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:18:55,311 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-09 23:18:59,317 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-09 23:18:59,327 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= 1 |old(~pumpRunning~0)|)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0) .cse0 .cse1) (and (= 2 ~waterLevel~0) .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0) .cse1))) [2024-11-09 23:18:59,339 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= 1 |old(~pumpRunning~0)|)) (.cse1 (not (= 0 ~systemActive~0))) (.cse2 (<= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)) (and (<= 1 |old(~switchedOnBeforeTS~0)|) .cse2 .cse0 .cse1) (and (= |old(~pumpRunning~0)| 0) .cse2))) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (not (= 0 ~systemActive~0))) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse2))) [2024-11-09 23:18:59,348 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|) .cse1) (and (= |old(~pumpRunning~0)| 0) .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (<= 1 ~pumpRunning~0) .cse0 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-11-09 23:18:59,354 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (<= |old(~waterLevel~0)| 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)) (and (= ~pumpRunning~0 0) .cse2) (and .cse0 (<= 1 ~switchedOnBeforeTS~0) .cse2 .cse1))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (not (= 0 ~systemActive~0))) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse2))) [2024-11-09 23:18:59,360 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 09.11 11:18:59 BoogieIcfgContainer [2024-11-09 23:18:59,362 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-09 23:18:59,362 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-09 23:18:59,362 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-09 23:18:59,362 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-09 23:18:59,363 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 09.11 11:18:51" (3/4) ... [2024-11-09 23:18:59,365 INFO L143 WitnessPrinter]: Generating witness for correct program [2024-11-09 23:18:59,367 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-09 23:18:59,367 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-09 23:18:59,368 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-09 23:18:59,368 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-09 23:18:59,368 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-09 23:18:59,368 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-09 23:18:59,368 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-09 23:18:59,368 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-09 23:18:59,373 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 41 nodes and edges [2024-11-09 23:18:59,374 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-11-09 23:18:59,375 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-09 23:18:59,375 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-09 23:18:59,375 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-09 23:18:59,451 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-09 23:18:59,452 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-09 23:18:59,452 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-09 23:18:59,452 INFO L158 Benchmark]: Toolchain (without parser) took 9303.90ms. Allocated memory was 167.8MB in the beginning and 247.5MB in the end (delta: 79.7MB). Free memory was 99.5MB in the beginning and 95.2MB in the end (delta: 4.3MB). Peak memory consumption was 86.8MB. Max. memory is 16.1GB. [2024-11-09 23:18:59,452 INFO L158 Benchmark]: CDTParser took 0.14ms. Allocated memory is still 113.2MB. Free memory is still 79.4MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-09 23:18:59,452 INFO L158 Benchmark]: CACSL2BoogieTranslator took 406.78ms. Allocated memory is still 167.8MB. Free memory was 99.2MB in the beginning and 133.8MB in the end (delta: -34.6MB). Peak memory consumption was 23.4MB. Max. memory is 16.1GB. [2024-11-09 23:18:59,453 INFO L158 Benchmark]: Boogie Procedure Inliner took 36.62ms. Allocated memory is still 167.8MB. Free memory was 133.8MB in the beginning and 131.0MB in the end (delta: 2.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-09 23:18:59,453 INFO L158 Benchmark]: Boogie Preprocessor took 35.30ms. Allocated memory is still 167.8MB. Free memory was 131.0MB in the beginning and 128.9MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-09 23:18:59,453 INFO L158 Benchmark]: IcfgBuilder took 416.78ms. Allocated memory is still 167.8MB. Free memory was 128.9MB in the beginning and 109.4MB in the end (delta: 19.6MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2024-11-09 23:18:59,453 INFO L158 Benchmark]: TraceAbstraction took 8313.66ms. Allocated memory was 167.8MB in the beginning and 247.5MB in the end (delta: 79.7MB). Free memory was 108.7MB in the beginning and 103.6MB in the end (delta: 5.1MB). Peak memory consumption was 116.4MB. Max. memory is 16.1GB. [2024-11-09 23:18:59,453 INFO L158 Benchmark]: Witness Printer took 89.56ms. Allocated memory is still 247.5MB. Free memory was 103.6MB in the beginning and 95.2MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-09 23:18:59,454 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.14ms. Allocated memory is still 113.2MB. Free memory is still 79.4MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 406.78ms. Allocated memory is still 167.8MB. Free memory was 99.2MB in the beginning and 133.8MB in the end (delta: -34.6MB). Peak memory consumption was 23.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 36.62ms. Allocated memory is still 167.8MB. Free memory was 133.8MB in the beginning and 131.0MB in the end (delta: 2.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 35.30ms. Allocated memory is still 167.8MB. Free memory was 131.0MB in the beginning and 128.9MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * IcfgBuilder took 416.78ms. Allocated memory is still 167.8MB. Free memory was 128.9MB in the beginning and 109.4MB in the end (delta: 19.6MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 8313.66ms. Allocated memory was 167.8MB in the beginning and 247.5MB in the end (delta: 79.7MB). Free memory was 108.7MB in the beginning and 103.6MB in the end (delta: 5.1MB). Peak memory consumption was 116.4MB. Max. memory is 16.1GB. * Witness Printer took 89.56ms. Allocated memory is still 247.5MB. Free memory was 103.6MB in the beginning and 95.2MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [49] - GenericResultAtLocation [Line: 58]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [58] - GenericResultAtLocation [Line: 96]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [96] - GenericResultAtLocation [Line: 304]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [304] - GenericResultAtLocation [Line: 405]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [405] - GenericResultAtLocation [Line: 472]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [472] - GenericResultAtLocation [Line: 522]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [522] - GenericResultAtLocation [Line: 888]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [888] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 54]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 101 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 4.2s, OverallIterations: 7, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.2s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1483 SdHoareTripleChecker+Valid, 1.4s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1446 mSDsluCounter, 4219 SdHoareTripleChecker+Invalid, 1.1s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3370 mSDsCounter, 348 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2229 IncrementalHoareTripleChecker+Invalid, 2577 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 348 mSolverCounterUnsat, 849 mSDtfsCounter, 2229 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 350 GetRequests, 253 SyntacticMatches, 4 SemanticMatches, 93 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 491 ImplicationChecksByTransitivity, 0.6s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1009occurred in iteration=6, InterpolantAutomatonStates: 84, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 7 MinimizatonAttempts, 212 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 1.2s InterpolantComputationTime, 480 NumberOfCodeBlocks, 480 NumberOfCodeBlocksAsserted, 8 NumberOfCheckSat, 566 ConstructedInterpolants, 0 QuantifiedInterpolants, 1152 SizeOfPredicates, 2 NumberOfNonLiveVariables, 315 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 9 InterpolantComputations, 6 PerfectInterpolantSequences, 91/117 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 416]: Location Invariant Derived location invariant: null - InvariantResult [Line: 316]: Location Invariant Derived location invariant: null - ProcedureContractResult [Line: 206]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: ((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) Ensures: (((pumpRunning == 0) && (((((waterLevel <= 2) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) && (0 != systemActive)) || (((2 == waterLevel) && (1 <= \old(pumpRunning))) && (0 != systemActive)))) && ((((((systemActive == \old(systemActive)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 139]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 915]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) Ensures: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel)))) - ProcedureContractResult [Line: 306]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((systemActive == \old(systemActive)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 112]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) Ensures: (((((((((1 <= \old(pumpRunning)) && (0 != systemActive)) && (\old(waterLevel) == 2)) || ((((1 <= \old(switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning))) && (0 != systemActive))) || ((\old(pumpRunning) == 0) && (\old(waterLevel) <= 2))) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && (((\old(pumpRunning) != 0) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) && (\old(waterLevel) == 2)))) && ((((systemActive == \old(systemActive)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 147]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && (((((waterLevel <= 2) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) && (0 != systemActive)) || (((\old(pumpRunning) == 0) && (waterLevel <= 2)) && (0 != systemActive)))) && ((((((systemActive == \old(systemActive)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 903]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) Ensures: (((((((((1 <= pumpRunning) && (0 != systemActive)) && (\old(waterLevel) == 2)) || ((pumpRunning == 0) && (\old(waterLevel) <= 2))) || ((((1 <= pumpRunning) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (0 != systemActive))) && ((2 == waterLevel) || (\old(waterLevel) != 2))) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && (waterLevel <= 2)) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 225]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) Ensures: (((((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((pumpRunning == 0) && (waterLevel <= 2))) && (pumpRunning == \result)) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) RESULT: Ultimate proved your program to be correct! [2024-11-09 23:18:59,477 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE