./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 023d838f Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash db9cad3d4bb6f197e1ca94da7e6c4fb3038f74aed96fd168a277cfa6f57caad2 --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.fs.icfgbuilder-eval-023d838-m [2024-11-09 23:19:08,046 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-09 23:19:08,104 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-09 23:19:08,110 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-09 23:19:08,111 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-09 23:19:08,139 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-09 23:19:08,139 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-09 23:19:08,140 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-09 23:19:08,140 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-09 23:19:08,142 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-09 23:19:08,142 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-09 23:19:08,142 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-09 23:19:08,143 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-09 23:19:08,144 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-09 23:19:08,145 INFO L153 SettingsManager]: * Use SBE=true [2024-11-09 23:19:08,145 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-09 23:19:08,145 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-09 23:19:08,145 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-09 23:19:08,145 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-09 23:19:08,146 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-09 23:19:08,146 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-09 23:19:08,149 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-09 23:19:08,149 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-09 23:19:08,149 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-09 23:19:08,149 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-09 23:19:08,149 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-09 23:19:08,150 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-09 23:19:08,150 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-09 23:19:08,150 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2024-11-09 23:19:08,150 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-09 23:19:08,150 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-09 23:19:08,150 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-09 23:19:08,151 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-09 23:19:08,151 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-09 23:19:08,151 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-09 23:19:08,151 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-09 23:19:08,151 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-09 23:19:08,151 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-09 23:19:08,152 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-09 23:19:08,152 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-09 23:19:08,152 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-09 23:19:08,153 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-09 23:19:08,154 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> db9cad3d4bb6f197e1ca94da7e6c4fb3038f74aed96fd168a277cfa6f57caad2 [2024-11-09 23:19:08,360 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-09 23:19:08,386 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-09 23:19:08,388 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-09 23:19:08,389 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-09 23:19:08,390 INFO L274 PluginConnector]: CDTParser initialized [2024-11-09 23:19:08,390 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c [2024-11-09 23:19:09,701 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-09 23:19:09,888 INFO L384 CDTParser]: Found 1 translation units. [2024-11-09 23:19:09,888 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c [2024-11-09 23:19:09,897 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/003385ae1/4ebf0b98d7984a3e83e1e68e9ade3820/FLAGf56361b48 [2024-11-09 23:19:10,274 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/003385ae1/4ebf0b98d7984a3e83e1e68e9ade3820 [2024-11-09 23:19:10,277 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-09 23:19:10,278 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-09 23:19:10,281 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-09 23:19:10,281 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-09 23:19:10,286 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-09 23:19:10,286 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.11 11:19:10" (1/1) ... [2024-11-09 23:19:10,287 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@65fe39fa and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:10, skipping insertion in model container [2024-11-09 23:19:10,287 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.11 11:19:10" (1/1) ... [2024-11-09 23:19:10,317 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-09 23:19:10,611 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c[14935,14948] [2024-11-09 23:19:10,639 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-09 23:19:10,651 INFO L200 MainTranslator]: Completed pre-run [2024-11-09 23:19:10,661 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2024-11-09 23:19:10,663 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [160] [2024-11-09 23:19:10,663 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [211] [2024-11-09 23:19:10,663 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [577] [2024-11-09 23:19:10,664 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [680] [2024-11-09 23:19:10,664 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [689] [2024-11-09 23:19:10,664 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [757] [2024-11-09 23:19:10,664 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [985] [2024-11-09 23:19:10,709 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c[14935,14948] [2024-11-09 23:19:10,716 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-09 23:19:10,733 INFO L204 MainTranslator]: Completed translation [2024-11-09 23:19:10,734 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:10 WrapperNode [2024-11-09 23:19:10,734 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-09 23:19:10,735 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-09 23:19:10,735 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-09 23:19:10,735 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-09 23:19:10,740 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:10" (1/1) ... [2024-11-09 23:19:10,750 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:10" (1/1) ... [2024-11-09 23:19:10,770 INFO L138 Inliner]: procedures = 59, calls = 104, calls flagged for inlining = 28, calls inlined = 25, statements flattened = 234 [2024-11-09 23:19:10,771 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-09 23:19:10,771 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-09 23:19:10,772 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-09 23:19:10,772 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-09 23:19:10,781 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:10" (1/1) ... [2024-11-09 23:19:10,781 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:10" (1/1) ... [2024-11-09 23:19:10,783 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:10" (1/1) ... [2024-11-09 23:19:10,794 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-09 23:19:10,795 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:10" (1/1) ... [2024-11-09 23:19:10,795 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:10" (1/1) ... [2024-11-09 23:19:10,799 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:10" (1/1) ... [2024-11-09 23:19:10,800 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:10" (1/1) ... [2024-11-09 23:19:10,801 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:10" (1/1) ... [2024-11-09 23:19:10,801 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:10" (1/1) ... [2024-11-09 23:19:10,803 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-09 23:19:10,804 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2024-11-09 23:19:10,804 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2024-11-09 23:19:10,804 INFO L274 PluginConnector]: IcfgBuilder initialized [2024-11-09 23:19:10,805 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:10" (1/1) ... [2024-11-09 23:19:10,809 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-09 23:19:10,817 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-09 23:19:10,830 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-09 23:19:10,834 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-09 23:19:10,873 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-09 23:19:10,874 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-09 23:19:10,874 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-09 23:19:10,874 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-09 23:19:10,874 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-09 23:19:10,874 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-09 23:19:10,875 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-09 23:19:10,875 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-09 23:19:10,875 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-09 23:19:10,875 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-09 23:19:10,875 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-09 23:19:10,875 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-09 23:19:10,876 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-09 23:19:10,876 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-09 23:19:10,876 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-09 23:19:10,876 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-09 23:19:10,876 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-09 23:19:10,876 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-09 23:19:10,949 INFO L256 CfgBuilder]: Building ICFG [2024-11-09 23:19:10,951 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-09 23:19:11,050 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L157-1: isLowWaterSensorDry_#res#1 := isLowWaterSensorDry_~retValue_acc~3#1; [2024-11-09 23:19:11,050 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L974-1: isLowWaterLevel_#res#1 := isLowWaterLevel_~retValue_acc~11#1; [2024-11-09 23:19:11,051 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L134-1: getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~1#1; [2024-11-09 23:19:11,124 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L1017-1: valid_product_#res#1 := valid_product_~retValue_acc~13#1; [2024-11-09 23:19:11,124 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L677-1: main_#res#1 := main_~retValue_acc~7#1; [2024-11-09 23:19:11,155 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L102-1: isMethaneLevelCritical_#res#1 := isMethaneLevelCritical_~retValue_acc~0#1; [2024-11-09 23:19:11,155 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L891-1: isMethaneAlarm_#res#1 := isMethaneAlarm_~retValue_acc~8#1; [2024-11-09 23:19:11,156 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L955-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~10#1; [2024-11-09 23:19:11,156 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L148-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~2#1; [2024-11-09 23:19:11,161 INFO L1247 $ProcedureCfgBuilder]: dead code at ProgramPoint L900: #res := ~retValue_acc~9; [2024-11-09 23:19:11,177 INFO L? ?]: Removed 51 outVars from TransFormulas that were not future-live. [2024-11-09 23:19:11,177 INFO L307 CfgBuilder]: Performing block encoding [2024-11-09 23:19:11,196 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-09 23:19:11,196 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2024-11-09 23:19:11,201 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 09.11 11:19:11 BoogieIcfgContainer [2024-11-09 23:19:11,201 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2024-11-09 23:19:11,203 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-09 23:19:11,203 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-09 23:19:11,208 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-09 23:19:11,209 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 09.11 11:19:10" (1/3) ... [2024-11-09 23:19:11,209 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@361ed54d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.11 11:19:11, skipping insertion in model container [2024-11-09 23:19:11,209 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 11:19:10" (2/3) ... [2024-11-09 23:19:11,209 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@361ed54d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.11 11:19:11, skipping insertion in model container [2024-11-09 23:19:11,210 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 09.11 11:19:11" (3/3) ... [2024-11-09 23:19:11,211 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product58.cil.c [2024-11-09 23:19:11,223 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-09 23:19:11,223 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-09 23:19:11,269 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-09 23:19:11,274 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@3964bf8e, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-09 23:19:11,274 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-09 23:19:11,277 INFO L276 IsEmpty]: Start isEmpty. Operand has 101 states, 80 states have (on average 1.35) internal successors, (108), 88 states have internal predecessors, (108), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2024-11-09 23:19:11,284 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2024-11-09 23:19:11,284 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:19:11,285 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:19:11,285 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:19:11,289 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:19:11,289 INFO L85 PathProgramCache]: Analyzing trace with hash -1287400699, now seen corresponding path program 1 times [2024-11-09 23:19:11,296 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:19:11,296 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [705228810] [2024-11-09 23:19:11,296 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:11,296 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:19:11,397 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:11,445 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-09 23:19:11,448 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:11,451 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-09 23:19:11,453 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:11,456 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:19:11,457 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:19:11,457 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [705228810] [2024-11-09 23:19:11,457 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [705228810] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:19:11,457 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:19:11,458 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-09 23:19:11,459 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [12103859] [2024-11-09 23:19:11,459 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:19:11,463 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-09 23:19:11,463 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:19:11,504 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-09 23:19:11,505 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-09 23:19:11,507 INFO L87 Difference]: Start difference. First operand has 101 states, 80 states have (on average 1.35) internal successors, (108), 88 states have internal predecessors, (108), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 13.0) internal successors, (26), 2 states have internal predecessors, (26), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-09 23:19:11,544 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:19:11,544 INFO L93 Difference]: Finished difference Result 192 states and 257 transitions. [2024-11-09 23:19:11,545 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-09 23:19:11,546 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 13.0) internal successors, (26), 2 states have internal predecessors, (26), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 34 [2024-11-09 23:19:11,546 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:19:11,553 INFO L225 Difference]: With dead ends: 192 [2024-11-09 23:19:11,553 INFO L226 Difference]: Without dead ends: 90 [2024-11-09 23:19:11,556 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-09 23:19:11,558 INFO L432 NwaCegarLoop]: 125 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 125 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-09 23:19:11,559 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 125 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-09 23:19:11,572 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 90 states. [2024-11-09 23:19:11,586 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 90 to 90. [2024-11-09 23:19:11,588 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 90 states, 71 states have (on average 1.295774647887324) internal successors, (92), 78 states have internal predecessors, (92), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2024-11-09 23:19:11,589 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 90 states to 90 states and 115 transitions. [2024-11-09 23:19:11,590 INFO L78 Accepts]: Start accepts. Automaton has 90 states and 115 transitions. Word has length 34 [2024-11-09 23:19:11,591 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:19:11,591 INFO L471 AbstractCegarLoop]: Abstraction has 90 states and 115 transitions. [2024-11-09 23:19:11,591 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 13.0) internal successors, (26), 2 states have internal predecessors, (26), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-09 23:19:11,591 INFO L276 IsEmpty]: Start isEmpty. Operand 90 states and 115 transitions. [2024-11-09 23:19:11,593 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 37 [2024-11-09 23:19:11,593 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:19:11,593 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:19:11,594 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-09 23:19:11,594 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:19:11,594 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:19:11,594 INFO L85 PathProgramCache]: Analyzing trace with hash 63370187, now seen corresponding path program 1 times [2024-11-09 23:19:11,595 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:19:11,595 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [550243634] [2024-11-09 23:19:11,595 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:11,595 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:19:11,610 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:11,690 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-11-09 23:19:11,694 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:11,696 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-11-09 23:19:11,698 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:11,700 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:19:11,700 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:19:11,700 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [550243634] [2024-11-09 23:19:11,701 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [550243634] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:19:11,701 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:19:11,701 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-09 23:19:11,701 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1362205428] [2024-11-09 23:19:11,701 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:19:11,702 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-09 23:19:11,702 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:19:11,703 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-09 23:19:11,703 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 23:19:11,704 INFO L87 Difference]: Start difference. First operand 90 states and 115 transitions. Second operand has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-09 23:19:11,718 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:19:11,719 INFO L93 Difference]: Finished difference Result 143 states and 183 transitions. [2024-11-09 23:19:11,719 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-09 23:19:11,719 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 36 [2024-11-09 23:19:11,720 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:19:11,721 INFO L225 Difference]: With dead ends: 143 [2024-11-09 23:19:11,721 INFO L226 Difference]: Without dead ends: 80 [2024-11-09 23:19:11,722 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 23:19:11,723 INFO L432 NwaCegarLoop]: 101 mSDtfsCounter, 12 mSDsluCounter, 84 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 185 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-09 23:19:11,727 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [15 Valid, 185 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-09 23:19:11,728 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 80 states. [2024-11-09 23:19:11,735 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 80 to 80. [2024-11-09 23:19:11,735 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 80 states, 64 states have (on average 1.3125) internal successors, (84), 71 states have internal predecessors, (84), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-11-09 23:19:11,736 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 80 states to 80 states and 102 transitions. [2024-11-09 23:19:11,737 INFO L78 Accepts]: Start accepts. Automaton has 80 states and 102 transitions. Word has length 36 [2024-11-09 23:19:11,737 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:19:11,737 INFO L471 AbstractCegarLoop]: Abstraction has 80 states and 102 transitions. [2024-11-09 23:19:11,737 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-09 23:19:11,737 INFO L276 IsEmpty]: Start isEmpty. Operand 80 states and 102 transitions. [2024-11-09 23:19:11,738 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2024-11-09 23:19:11,738 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:19:11,738 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:19:11,739 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-09 23:19:11,739 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:19:11,739 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:19:11,739 INFO L85 PathProgramCache]: Analyzing trace with hash 482302392, now seen corresponding path program 1 times [2024-11-09 23:19:11,739 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:19:11,740 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2023080577] [2024-11-09 23:19:11,740 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:11,740 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:19:11,757 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:11,884 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:19:11,887 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:11,889 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-11-09 23:19:11,891 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:11,893 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:19:11,893 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:19:11,893 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2023080577] [2024-11-09 23:19:11,893 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2023080577] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:19:11,893 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:19:11,893 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-09 23:19:11,894 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1020639397] [2024-11-09 23:19:11,894 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:19:11,894 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-09 23:19:11,894 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:19:11,895 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-09 23:19:11,895 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-09 23:19:11,895 INFO L87 Difference]: Start difference. First operand 80 states and 102 transitions. Second operand has 5 states, 5 states have (on average 6.4) internal successors, (32), 5 states have internal predecessors, (32), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-09 23:19:11,946 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:19:11,946 INFO L93 Difference]: Finished difference Result 152 states and 197 transitions. [2024-11-09 23:19:11,947 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-09 23:19:11,947 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.4) internal successors, (32), 5 states have internal predecessors, (32), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 39 [2024-11-09 23:19:11,947 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:19:11,948 INFO L225 Difference]: With dead ends: 152 [2024-11-09 23:19:11,948 INFO L226 Difference]: Without dead ends: 80 [2024-11-09 23:19:11,949 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-09 23:19:11,950 INFO L432 NwaCegarLoop]: 98 mSDtfsCounter, 92 mSDsluCounter, 194 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 92 SdHoareTripleChecker+Valid, 292 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-09 23:19:11,951 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [92 Valid, 292 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-09 23:19:11,952 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 80 states. [2024-11-09 23:19:11,958 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 80 to 80. [2024-11-09 23:19:11,959 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 80 states, 64 states have (on average 1.296875) internal successors, (83), 71 states have internal predecessors, (83), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-11-09 23:19:11,960 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 80 states to 80 states and 101 transitions. [2024-11-09 23:19:11,960 INFO L78 Accepts]: Start accepts. Automaton has 80 states and 101 transitions. Word has length 39 [2024-11-09 23:19:11,961 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:19:11,962 INFO L471 AbstractCegarLoop]: Abstraction has 80 states and 101 transitions. [2024-11-09 23:19:11,962 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.4) internal successors, (32), 5 states have internal predecessors, (32), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-09 23:19:11,962 INFO L276 IsEmpty]: Start isEmpty. Operand 80 states and 101 transitions. [2024-11-09 23:19:11,963 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2024-11-09 23:19:11,963 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:19:11,964 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:19:11,964 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-09 23:19:11,964 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:19:11,965 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:19:11,965 INFO L85 PathProgramCache]: Analyzing trace with hash 2127104973, now seen corresponding path program 1 times [2024-11-09 23:19:11,965 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:19:11,965 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2073647764] [2024-11-09 23:19:11,965 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:11,965 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:19:11,993 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:12,078 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:19:12,081 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:12,085 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2024-11-09 23:19:12,089 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:12,091 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:19:12,093 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:19:12,094 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2073647764] [2024-11-09 23:19:12,094 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2073647764] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:19:12,094 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:19:12,094 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-09 23:19:12,094 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [89795602] [2024-11-09 23:19:12,095 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:19:12,096 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-09 23:19:12,096 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:19:12,096 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-09 23:19:12,098 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 23:19:12,098 INFO L87 Difference]: Start difference. First operand 80 states and 101 transitions. Second operand has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-09 23:19:12,140 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:19:12,140 INFO L93 Difference]: Finished difference Result 202 states and 261 transitions. [2024-11-09 23:19:12,141 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-09 23:19:12,141 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 47 [2024-11-09 23:19:12,141 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:19:12,142 INFO L225 Difference]: With dead ends: 202 [2024-11-09 23:19:12,142 INFO L226 Difference]: Without dead ends: 130 [2024-11-09 23:19:12,143 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 23:19:12,144 INFO L432 NwaCegarLoop]: 106 mSDtfsCounter, 60 mSDsluCounter, 68 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 60 SdHoareTripleChecker+Valid, 174 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-09 23:19:12,148 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [60 Valid, 174 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-09 23:19:12,149 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 130 states. [2024-11-09 23:19:12,169 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 130 to 127. [2024-11-09 23:19:12,170 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 127 states, 100 states have (on average 1.28) internal successors, (128), 108 states have internal predecessors, (128), 14 states have call successors, (14), 12 states have call predecessors, (14), 12 states have return successors, (18), 14 states have call predecessors, (18), 14 states have call successors, (18) [2024-11-09 23:19:12,171 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 127 states to 127 states and 160 transitions. [2024-11-09 23:19:12,173 INFO L78 Accepts]: Start accepts. Automaton has 127 states and 160 transitions. Word has length 47 [2024-11-09 23:19:12,174 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:19:12,174 INFO L471 AbstractCegarLoop]: Abstraction has 127 states and 160 transitions. [2024-11-09 23:19:12,174 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-09 23:19:12,174 INFO L276 IsEmpty]: Start isEmpty. Operand 127 states and 160 transitions. [2024-11-09 23:19:12,175 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-09 23:19:12,177 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:19:12,177 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:19:12,177 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-09 23:19:12,177 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:19:12,178 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:19:12,178 INFO L85 PathProgramCache]: Analyzing trace with hash 1658627451, now seen corresponding path program 1 times [2024-11-09 23:19:12,178 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:19:12,179 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [947898822] [2024-11-09 23:19:12,179 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:12,179 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:19:12,197 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:12,289 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:19:12,295 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:12,302 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-09 23:19:12,305 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:12,337 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-09 23:19:12,338 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:12,339 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2024-11-09 23:19:12,340 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:12,341 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:19:12,341 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:19:12,341 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [947898822] [2024-11-09 23:19:12,342 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [947898822] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:19:12,342 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:19:12,342 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-09 23:19:12,342 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [604957909] [2024-11-09 23:19:12,342 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:19:12,342 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-09 23:19:12,342 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:19:12,343 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-09 23:19:12,343 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-09 23:19:12,343 INFO L87 Difference]: Start difference. First operand 127 states and 160 transitions. Second operand has 6 states, 6 states have (on average 7.333333333333333) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-09 23:19:12,525 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:19:12,526 INFO L93 Difference]: Finished difference Result 378 states and 500 transitions. [2024-11-09 23:19:12,526 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-09 23:19:12,526 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.333333333333333) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 55 [2024-11-09 23:19:12,526 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:19:12,528 INFO L225 Difference]: With dead ends: 378 [2024-11-09 23:19:12,528 INFO L226 Difference]: Without dead ends: 259 [2024-11-09 23:19:12,530 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 12 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-09 23:19:12,530 INFO L432 NwaCegarLoop]: 85 mSDtfsCounter, 160 mSDsluCounter, 268 mSDsCounter, 0 mSdLazyCounter, 129 mSolverCounterSat, 33 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 166 SdHoareTripleChecker+Valid, 353 SdHoareTripleChecker+Invalid, 162 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 33 IncrementalHoareTripleChecker+Valid, 129 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 23:19:12,531 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [166 Valid, 353 Invalid, 162 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [33 Valid, 129 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 23:19:12,531 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 259 states. [2024-11-09 23:19:12,551 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 259 to 250. [2024-11-09 23:19:12,552 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 250 states, 197 states have (on average 1.2741116751269035) internal successors, (251), 208 states have internal predecessors, (251), 28 states have call successors, (28), 22 states have call predecessors, (28), 24 states have return successors, (42), 28 states have call predecessors, (42), 28 states have call successors, (42) [2024-11-09 23:19:12,553 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 250 states to 250 states and 321 transitions. [2024-11-09 23:19:12,554 INFO L78 Accepts]: Start accepts. Automaton has 250 states and 321 transitions. Word has length 55 [2024-11-09 23:19:12,554 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:19:12,554 INFO L471 AbstractCegarLoop]: Abstraction has 250 states and 321 transitions. [2024-11-09 23:19:12,554 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.333333333333333) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-09 23:19:12,554 INFO L276 IsEmpty]: Start isEmpty. Operand 250 states and 321 transitions. [2024-11-09 23:19:12,556 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-09 23:19:12,556 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:19:12,556 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:19:12,556 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-09 23:19:12,556 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:19:12,557 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:19:12,557 INFO L85 PathProgramCache]: Analyzing trace with hash 1792640957, now seen corresponding path program 1 times [2024-11-09 23:19:12,557 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:19:12,557 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [992066277] [2024-11-09 23:19:12,557 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:12,557 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:19:12,574 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:12,704 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:19:12,705 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:12,713 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-09 23:19:12,732 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:12,746 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-09 23:19:12,747 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:12,752 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2024-11-09 23:19:12,754 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:12,778 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-09 23:19:12,781 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:19:12,781 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [992066277] [2024-11-09 23:19:12,781 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [992066277] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:19:12,782 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:19:12,782 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-09 23:19:12,782 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [426266346] [2024-11-09 23:19:12,782 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:19:12,782 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-09 23:19:12,786 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:19:12,786 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-09 23:19:12,787 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-09 23:19:12,787 INFO L87 Difference]: Start difference. First operand 250 states and 321 transitions. Second operand has 7 states, 7 states have (on average 6.571428571428571) internal successors, (46), 5 states have internal predecessors, (46), 1 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 1 states have call successors, (4) [2024-11-09 23:19:12,999 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:19:12,999 INFO L93 Difference]: Finished difference Result 492 states and 637 transitions. [2024-11-09 23:19:12,999 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-11-09 23:19:12,999 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.571428571428571) internal successors, (46), 5 states have internal predecessors, (46), 1 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 1 states have call successors, (4) Word has length 55 [2024-11-09 23:19:13,000 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:19:13,001 INFO L225 Difference]: With dead ends: 492 [2024-11-09 23:19:13,001 INFO L226 Difference]: Without dead ends: 250 [2024-11-09 23:19:13,002 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 23 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=134, Unknown=0, NotChecked=0, Total=182 [2024-11-09 23:19:13,003 INFO L432 NwaCegarLoop]: 83 mSDtfsCounter, 121 mSDsluCounter, 337 mSDsCounter, 0 mSdLazyCounter, 167 mSolverCounterSat, 28 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 127 SdHoareTripleChecker+Valid, 420 SdHoareTripleChecker+Invalid, 195 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 28 IncrementalHoareTripleChecker+Valid, 167 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-09 23:19:13,003 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [127 Valid, 420 Invalid, 195 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [28 Valid, 167 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-09 23:19:13,007 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 250 states. [2024-11-09 23:19:13,030 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 250 to 247. [2024-11-09 23:19:13,031 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 247 states, 194 states have (on average 1.2474226804123711) internal successors, (242), 205 states have internal predecessors, (242), 28 states have call successors, (28), 22 states have call predecessors, (28), 24 states have return successors, (42), 28 states have call predecessors, (42), 28 states have call successors, (42) [2024-11-09 23:19:13,032 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 247 states to 247 states and 312 transitions. [2024-11-09 23:19:13,033 INFO L78 Accepts]: Start accepts. Automaton has 247 states and 312 transitions. Word has length 55 [2024-11-09 23:19:13,033 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:19:13,033 INFO L471 AbstractCegarLoop]: Abstraction has 247 states and 312 transitions. [2024-11-09 23:19:13,033 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.571428571428571) internal successors, (46), 5 states have internal predecessors, (46), 1 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 1 states have call successors, (4) [2024-11-09 23:19:13,033 INFO L276 IsEmpty]: Start isEmpty. Operand 247 states and 312 transitions. [2024-11-09 23:19:13,034 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2024-11-09 23:19:13,034 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:19:13,034 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:19:13,035 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-09 23:19:13,035 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:19:13,035 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:19:13,035 INFO L85 PathProgramCache]: Analyzing trace with hash 305067092, now seen corresponding path program 1 times [2024-11-09 23:19:13,035 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:19:13,035 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [722097657] [2024-11-09 23:19:13,035 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:13,036 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:19:13,044 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:13,078 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:19:13,080 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:13,085 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-09 23:19:13,089 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:13,122 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-11-09 23:19:13,124 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:13,125 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:19:13,125 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:19:13,125 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [722097657] [2024-11-09 23:19:13,125 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [722097657] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:19:13,125 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:19:13,125 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-09 23:19:13,125 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [536415422] [2024-11-09 23:19:13,125 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:19:13,126 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-09 23:19:13,126 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:19:13,127 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-09 23:19:13,127 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-09 23:19:13,127 INFO L87 Difference]: Start difference. First operand 247 states and 312 transitions. Second operand has 6 states, 6 states have (on average 8.0) internal successors, (48), 5 states have internal predecessors, (48), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-09 23:19:13,240 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:19:13,241 INFO L93 Difference]: Finished difference Result 495 states and 642 transitions. [2024-11-09 23:19:13,241 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-09 23:19:13,241 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 8.0) internal successors, (48), 5 states have internal predecessors, (48), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 57 [2024-11-09 23:19:13,242 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:19:13,243 INFO L225 Difference]: With dead ends: 495 [2024-11-09 23:19:13,245 INFO L226 Difference]: Without dead ends: 256 [2024-11-09 23:19:13,245 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-09 23:19:13,246 INFO L432 NwaCegarLoop]: 85 mSDtfsCounter, 60 mSDsluCounter, 281 mSDsCounter, 0 mSdLazyCounter, 117 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 64 SdHoareTripleChecker+Valid, 366 SdHoareTripleChecker+Invalid, 128 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 117 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 23:19:13,246 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [64 Valid, 366 Invalid, 128 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 117 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 23:19:13,247 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 256 states. [2024-11-09 23:19:13,269 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 256 to 253. [2024-11-09 23:19:13,270 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 253 states, 200 states have (on average 1.24) internal successors, (248), 211 states have internal predecessors, (248), 28 states have call successors, (28), 22 states have call predecessors, (28), 24 states have return successors, (42), 28 states have call predecessors, (42), 28 states have call successors, (42) [2024-11-09 23:19:13,271 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 253 states to 253 states and 318 transitions. [2024-11-09 23:19:13,271 INFO L78 Accepts]: Start accepts. Automaton has 253 states and 318 transitions. Word has length 57 [2024-11-09 23:19:13,272 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:19:13,272 INFO L471 AbstractCegarLoop]: Abstraction has 253 states and 318 transitions. [2024-11-09 23:19:13,273 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 8.0) internal successors, (48), 5 states have internal predecessors, (48), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-09 23:19:13,273 INFO L276 IsEmpty]: Start isEmpty. Operand 253 states and 318 transitions. [2024-11-09 23:19:13,274 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2024-11-09 23:19:13,276 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:19:13,276 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:19:13,277 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-09 23:19:13,277 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:19:13,277 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:19:13,277 INFO L85 PathProgramCache]: Analyzing trace with hash 238060339, now seen corresponding path program 1 times [2024-11-09 23:19:13,277 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:19:13,277 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1883143342] [2024-11-09 23:19:13,277 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:13,278 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:19:13,290 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:13,319 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-09 23:19:13,320 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:13,323 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-09 23:19:13,326 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:13,343 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2024-11-09 23:19:13,344 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:13,345 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:19:13,346 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:19:13,346 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1883143342] [2024-11-09 23:19:13,346 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1883143342] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:19:13,346 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:19:13,346 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-09 23:19:13,346 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [682321039] [2024-11-09 23:19:13,346 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:19:13,347 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-09 23:19:13,347 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:19:13,347 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-09 23:19:13,347 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-09 23:19:13,348 INFO L87 Difference]: Start difference. First operand 253 states and 318 transitions. Second operand has 5 states, 5 states have (on average 9.6) internal successors, (48), 4 states have internal predecessors, (48), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-09 23:19:13,436 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:19:13,436 INFO L93 Difference]: Finished difference Result 453 states and 575 transitions. [2024-11-09 23:19:13,437 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-09 23:19:13,437 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.6) internal successors, (48), 4 states have internal predecessors, (48), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 57 [2024-11-09 23:19:13,437 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:19:13,438 INFO L225 Difference]: With dead ends: 453 [2024-11-09 23:19:13,438 INFO L226 Difference]: Without dead ends: 208 [2024-11-09 23:19:13,439 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-09 23:19:13,440 INFO L432 NwaCegarLoop]: 86 mSDtfsCounter, 58 mSDsluCounter, 201 mSDsCounter, 0 mSdLazyCounter, 87 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 62 SdHoareTripleChecker+Valid, 287 SdHoareTripleChecker+Invalid, 98 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 87 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 23:19:13,440 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [62 Valid, 287 Invalid, 98 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 87 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 23:19:13,441 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 208 states. [2024-11-09 23:19:13,448 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 208 to 205. [2024-11-09 23:19:13,449 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 205 states, 161 states have (on average 1.2173913043478262) internal successors, (196), 170 states have internal predecessors, (196), 23 states have call successors, (23), 18 states have call predecessors, (23), 20 states have return successors, (30), 23 states have call predecessors, (30), 23 states have call successors, (30) [2024-11-09 23:19:13,449 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 205 states to 205 states and 249 transitions. [2024-11-09 23:19:13,450 INFO L78 Accepts]: Start accepts. Automaton has 205 states and 249 transitions. Word has length 57 [2024-11-09 23:19:13,450 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:19:13,450 INFO L471 AbstractCegarLoop]: Abstraction has 205 states and 249 transitions. [2024-11-09 23:19:13,450 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.6) internal successors, (48), 4 states have internal predecessors, (48), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-09 23:19:13,450 INFO L276 IsEmpty]: Start isEmpty. Operand 205 states and 249 transitions. [2024-11-09 23:19:13,451 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 62 [2024-11-09 23:19:13,451 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:19:13,451 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:19:13,451 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-09 23:19:13,451 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:19:13,452 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:19:13,452 INFO L85 PathProgramCache]: Analyzing trace with hash 84387059, now seen corresponding path program 1 times [2024-11-09 23:19:13,452 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:19:13,452 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [15386476] [2024-11-09 23:19:13,452 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:13,452 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:19:13,472 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:13,629 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-09 23:19:13,631 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:13,635 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-09 23:19:13,636 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:13,645 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2024-11-09 23:19:13,648 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:13,670 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 52 [2024-11-09 23:19:13,671 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:13,672 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-09 23:19:13,672 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:19:13,673 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [15386476] [2024-11-09 23:19:13,673 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [15386476] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 23:19:13,673 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 23:19:13,673 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2024-11-09 23:19:13,673 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1223727748] [2024-11-09 23:19:13,673 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 23:19:13,673 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2024-11-09 23:19:13,673 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:19:13,674 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2024-11-09 23:19:13,674 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=70, Unknown=0, NotChecked=0, Total=90 [2024-11-09 23:19:13,674 INFO L87 Difference]: Start difference. First operand 205 states and 249 transitions. Second operand has 10 states, 10 states have (on average 5.0) internal successors, (50), 8 states have internal predecessors, (50), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-09 23:19:14,185 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:19:14,186 INFO L93 Difference]: Finished difference Result 612 states and 797 transitions. [2024-11-09 23:19:14,186 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2024-11-09 23:19:14,186 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 5.0) internal successors, (50), 8 states have internal predecessors, (50), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 61 [2024-11-09 23:19:14,186 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:19:14,188 INFO L225 Difference]: With dead ends: 612 [2024-11-09 23:19:14,188 INFO L226 Difference]: Without dead ends: 466 [2024-11-09 23:19:14,189 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 35 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 24 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 130 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=163, Invalid=487, Unknown=0, NotChecked=0, Total=650 [2024-11-09 23:19:14,192 INFO L432 NwaCegarLoop]: 104 mSDtfsCounter, 622 mSDsluCounter, 447 mSDsCounter, 0 mSdLazyCounter, 417 mSolverCounterSat, 188 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 627 SdHoareTripleChecker+Valid, 551 SdHoareTripleChecker+Invalid, 605 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 188 IncrementalHoareTripleChecker+Valid, 417 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-09 23:19:14,192 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [627 Valid, 551 Invalid, 605 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [188 Valid, 417 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-09 23:19:14,193 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 466 states. [2024-11-09 23:19:14,221 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 466 to 438. [2024-11-09 23:19:14,222 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 438 states, 340 states have (on average 1.2058823529411764) internal successors, (410), 361 states have internal predecessors, (410), 51 states have call successors, (51), 39 states have call predecessors, (51), 46 states have return successors, (83), 52 states have call predecessors, (83), 51 states have call successors, (83) [2024-11-09 23:19:14,225 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 438 states to 438 states and 544 transitions. [2024-11-09 23:19:14,225 INFO L78 Accepts]: Start accepts. Automaton has 438 states and 544 transitions. Word has length 61 [2024-11-09 23:19:14,227 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:19:14,227 INFO L471 AbstractCegarLoop]: Abstraction has 438 states and 544 transitions. [2024-11-09 23:19:14,227 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 5.0) internal successors, (50), 8 states have internal predecessors, (50), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-09 23:19:14,227 INFO L276 IsEmpty]: Start isEmpty. Operand 438 states and 544 transitions. [2024-11-09 23:19:14,228 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 104 [2024-11-09 23:19:14,228 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 23:19:14,228 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:19:14,228 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-09 23:19:14,228 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 23:19:14,229 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 23:19:14,229 INFO L85 PathProgramCache]: Analyzing trace with hash 653358720, now seen corresponding path program 1 times [2024-11-09 23:19:14,229 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-09 23:19:14,229 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [688392482] [2024-11-09 23:19:14,229 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:14,229 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 23:19:14,245 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:14,351 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-09 23:19:14,352 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:14,364 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-09 23:19:14,369 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:14,388 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-09 23:19:14,389 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:14,397 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-09 23:19:14,400 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:14,409 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 66 [2024-11-09 23:19:14,411 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:14,422 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 82 [2024-11-09 23:19:14,423 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:14,425 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-09 23:19:14,425 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:14,426 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 94 [2024-11-09 23:19:14,428 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:14,430 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 18 proven. 9 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-09 23:19:14,430 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-09 23:19:14,430 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [688392482] [2024-11-09 23:19:14,431 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [688392482] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 23:19:14,431 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [904372515] [2024-11-09 23:19:14,431 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 23:19:14,431 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 23:19:14,431 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-09 23:19:14,433 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 23:19:14,436 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-09 23:19:14,539 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 23:19:14,542 INFO L255 TraceCheckSpWp]: Trace formula consists of 343 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-09 23:19:14,549 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 23:19:14,732 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 25 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 23:19:14,732 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 23:19:14,938 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 19 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-09 23:19:14,938 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [904372515] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-09 23:19:14,938 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-09 23:19:14,939 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 6, 6] total 16 [2024-11-09 23:19:14,939 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [767275953] [2024-11-09 23:19:14,939 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-09 23:19:14,939 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 16 states [2024-11-09 23:19:14,940 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-09 23:19:14,940 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2024-11-09 23:19:14,940 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=38, Invalid=202, Unknown=0, NotChecked=0, Total=240 [2024-11-09 23:19:14,941 INFO L87 Difference]: Start difference. First operand 438 states and 544 transitions. Second operand has 16 states, 16 states have (on average 8.0) internal successors, (128), 11 states have internal predecessors, (128), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2024-11-09 23:19:15,824 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 23:19:15,824 INFO L93 Difference]: Finished difference Result 902 states and 1147 transitions. [2024-11-09 23:19:15,828 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2024-11-09 23:19:15,828 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 16 states have (on average 8.0) internal successors, (128), 11 states have internal predecessors, (128), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) Word has length 103 [2024-11-09 23:19:15,829 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 23:19:15,829 INFO L225 Difference]: With dead ends: 902 [2024-11-09 23:19:15,829 INFO L226 Difference]: Without dead ends: 0 [2024-11-09 23:19:15,832 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 261 GetRequests, 222 SyntacticMatches, 4 SemanticMatches, 35 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 277 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=254, Invalid=1078, Unknown=0, NotChecked=0, Total=1332 [2024-11-09 23:19:15,832 INFO L432 NwaCegarLoop]: 170 mSDtfsCounter, 280 mSDsluCounter, 1299 mSDsCounter, 0 mSdLazyCounter, 1019 mSolverCounterSat, 61 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 287 SdHoareTripleChecker+Valid, 1469 SdHoareTripleChecker+Invalid, 1080 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 61 IncrementalHoareTripleChecker+Valid, 1019 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2024-11-09 23:19:15,833 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [287 Valid, 1469 Invalid, 1080 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [61 Valid, 1019 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2024-11-09 23:19:15,834 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-09 23:19:15,834 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-09 23:19:15,834 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 23:19:15,836 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-09 23:19:15,836 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 103 [2024-11-09 23:19:15,836 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 23:19:15,836 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-09 23:19:15,836 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 16 states, 16 states have (on average 8.0) internal successors, (128), 11 states have internal predecessors, (128), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2024-11-09 23:19:15,836 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-09 23:19:15,837 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-09 23:19:15,840 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-09 23:19:15,855 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-11-09 23:19:16,041 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-09 23:19:16,045 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 23:19:16,047 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-09 23:19:18,316 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-09 23:19:18,357 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 |old(~pumpRunning~0)|)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)) (and (= |old(~pumpRunning~0)| 0) .cse2 .cse1) (and (<= 1 |old(~switchedOnBeforeTS~0)|) .cse2 .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse2 .cse1))) [2024-11-09 23:19:18,365 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|) .cse1) (and (= |old(~pumpRunning~0)| 0) .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (<= 1 ~pumpRunning~0) .cse0 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-11-09 23:19:18,370 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (<= |old(~waterLevel~0)| 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)) (and (= ~pumpRunning~0 0) .cse2 .cse1) (and .cse0 (<= 1 ~switchedOnBeforeTS~0) .cse2 .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (<= ~waterLevel~0 2)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse1) (and (= ~pumpRunning~0 0) .cse2 .cse1))) [2024-11-09 23:19:18,385 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 09.11 11:19:18 BoogieIcfgContainer [2024-11-09 23:19:18,386 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-09 23:19:18,386 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-09 23:19:18,386 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-09 23:19:18,386 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-09 23:19:18,387 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 09.11 11:19:11" (3/4) ... [2024-11-09 23:19:18,389 INFO L143 WitnessPrinter]: Generating witness for correct program [2024-11-09 23:19:18,393 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-09 23:19:18,393 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-09 23:19:18,393 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-09 23:19:18,393 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-09 23:19:18,393 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-09 23:19:18,393 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-09 23:19:18,393 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-09 23:19:18,404 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 45 nodes and edges [2024-11-09 23:19:18,404 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-11-09 23:19:18,404 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-09 23:19:18,405 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-09 23:19:18,405 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-09 23:19:18,491 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-09 23:19:18,491 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-09 23:19:18,491 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-09 23:19:18,492 INFO L158 Benchmark]: Toolchain (without parser) took 8213.95ms. Allocated memory was 142.6MB in the beginning and 272.6MB in the end (delta: 130.0MB). Free memory was 72.8MB in the beginning and 129.9MB in the end (delta: -57.2MB). Peak memory consumption was 73.3MB. Max. memory is 16.1GB. [2024-11-09 23:19:18,492 INFO L158 Benchmark]: CDTParser took 0.15ms. Allocated memory is still 142.6MB. Free memory is still 93.7MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-09 23:19:18,492 INFO L158 Benchmark]: CACSL2BoogieTranslator took 452.80ms. Allocated memory was 142.6MB in the beginning and 226.5MB in the end (delta: 83.9MB). Free memory was 72.6MB in the beginning and 187.6MB in the end (delta: -115.0MB). Peak memory consumption was 15.6MB. Max. memory is 16.1GB. [2024-11-09 23:19:18,493 INFO L158 Benchmark]: Boogie Procedure Inliner took 36.37ms. Allocated memory is still 226.5MB. Free memory was 187.6MB in the beginning and 185.5MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-09 23:19:18,493 INFO L158 Benchmark]: Boogie Preprocessor took 31.80ms. Allocated memory is still 226.5MB. Free memory was 185.5MB in the beginning and 183.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-09 23:19:18,493 INFO L158 Benchmark]: IcfgBuilder took 397.69ms. Allocated memory is still 226.5MB. Free memory was 183.4MB in the beginning and 161.4MB in the end (delta: 22.0MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-11-09 23:19:18,493 INFO L158 Benchmark]: TraceAbstraction took 7182.69ms. Allocated memory was 226.5MB in the beginning and 272.6MB in the end (delta: 46.1MB). Free memory was 160.4MB in the beginning and 138.3MB in the end (delta: 22.0MB). Peak memory consumption was 127.0MB. Max. memory is 16.1GB. [2024-11-09 23:19:18,494 INFO L158 Benchmark]: Witness Printer took 105.39ms. Allocated memory is still 272.6MB. Free memory was 138.3MB in the beginning and 129.9MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-09 23:19:18,495 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.15ms. Allocated memory is still 142.6MB. Free memory is still 93.7MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 452.80ms. Allocated memory was 142.6MB in the beginning and 226.5MB in the end (delta: 83.9MB). Free memory was 72.6MB in the beginning and 187.6MB in the end (delta: -115.0MB). Peak memory consumption was 15.6MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 36.37ms. Allocated memory is still 226.5MB. Free memory was 187.6MB in the beginning and 185.5MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 31.80ms. Allocated memory is still 226.5MB. Free memory was 185.5MB in the beginning and 183.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * IcfgBuilder took 397.69ms. Allocated memory is still 226.5MB. Free memory was 183.4MB in the beginning and 161.4MB in the end (delta: 22.0MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * TraceAbstraction took 7182.69ms. Allocated memory was 226.5MB in the beginning and 272.6MB in the end (delta: 46.1MB). Free memory was 160.4MB in the beginning and 138.3MB in the end (delta: 22.0MB). Peak memory consumption was 127.0MB. Max. memory is 16.1GB. * Witness Printer took 105.39ms. Allocated memory is still 272.6MB. Free memory was 138.3MB in the beginning and 129.9MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 160]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [160] - GenericResultAtLocation [Line: 211]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [211] - GenericResultAtLocation [Line: 577]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [577] - GenericResultAtLocation [Line: 680]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [680] - GenericResultAtLocation [Line: 689]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [689] - GenericResultAtLocation [Line: 757]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [757] - GenericResultAtLocation [Line: 985]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [985] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 685]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 101 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 4.8s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.3s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1500 SdHoareTripleChecker+Valid, 1.4s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1465 mSDsluCounter, 4222 SdHoareTripleChecker+Invalid, 1.1s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3179 mSDsCounter, 339 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1955 IncrementalHoareTripleChecker+Invalid, 2294 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 339 mSolverCounterUnsat, 1043 mSDtfsCounter, 1955 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 398 GetRequests, 297 SyntacticMatches, 4 SemanticMatches, 97 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 433 ImplicationChecksByTransitivity, 0.7s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=438occurred in iteration=9, InterpolantAutomatonStates: 91, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 49 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 1.6s InterpolantComputationTime, 647 NumberOfCodeBlocks, 647 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 738 ConstructedInterpolants, 0 QuantifiedInterpolants, 1436 SizeOfPredicates, 2 NumberOfNonLiveVariables, 343 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 103/129 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 701]: Location Invariant Derived location invariant: null - InvariantResult [Line: 590]: Location Invariant Derived location invariant: null - ProcedureContractResult [Line: 790]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) && (((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 84]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) && ((((((waterLevel == \old(waterLevel)) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 763]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: (((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && (((((1 <= \old(pumpRunning)) && (0 != systemActive)) && (\old(waterLevel) == 2)) || (((\old(pumpRunning) == 0) && (\old(waterLevel) <= 2)) && (0 != systemActive))) || ((((1 <= \old(switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning))) && (0 != systemActive)))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 580]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 798]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive)) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && (((((waterLevel <= 2) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))) && (0 != systemActive)) || (((\old(pumpRunning) == 0) && (waterLevel <= 2)) && (0 != systemActive)))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 72]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: ((((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && (waterLevel <= 2)) && (((((1 <= pumpRunning) && (0 != systemActive)) && (\old(waterLevel) == 2)) || (((pumpRunning == 0) && (\old(waterLevel) <= 2)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (0 != systemActive)))) && ((((((methaneLevelCritical == \old(methaneLevelCritical)) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 894]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive))) Ensures: (((pumpRunning == \result) && (((((1 <= pumpRunning) && (2 == waterLevel)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((pumpRunning == 0) && (waterLevel <= 2)) && (0 != systemActive)))) && (((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) RESULT: Ultimate proved your program to be correct! [2024-11-09 23:19:18,528 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE