./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec3_product53.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 8be7027f Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product53.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash e1c4d106eb612b91999bdca4bb49f57df1223b70f35ecd881d6daa6062cb1b0b --- Real Ultimate output --- This is Ultimate 0.2.5-wip.dk.perfect-tracechecks-8be7027-m [2024-11-11 20:54:21,153 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-11 20:54:21,203 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-11 20:54:21,209 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-11 20:54:21,210 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-11 20:54:21,231 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-11 20:54:21,232 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-11 20:54:21,232 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-11 20:54:21,233 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-11 20:54:21,233 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-11 20:54:21,233 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-11 20:54:21,234 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-11 20:54:21,234 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-11 20:54:21,235 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-11 20:54:21,235 INFO L153 SettingsManager]: * Use SBE=true [2024-11-11 20:54:21,236 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-11 20:54:21,236 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-11 20:54:21,236 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-11 20:54:21,236 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-11 20:54:21,237 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-11 20:54:21,239 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-11 20:54:21,239 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-11 20:54:21,239 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-11 20:54:21,240 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-11 20:54:21,240 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-11 20:54:21,240 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-11 20:54:21,240 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-11 20:54:21,240 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-11 20:54:21,240 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-11 20:54:21,240 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-11 20:54:21,240 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-11 20:54:21,241 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-11 20:54:21,241 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-11 20:54:21,241 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-11 20:54:21,241 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-11 20:54:21,241 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-11 20:54:21,241 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-11 20:54:21,241 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-11 20:54:21,241 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-11 20:54:21,242 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-11 20:54:21,242 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-11 20:54:21,243 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-11 20:54:21,243 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> e1c4d106eb612b91999bdca4bb49f57df1223b70f35ecd881d6daa6062cb1b0b [2024-11-11 20:54:21,462 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-11 20:54:21,484 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-11 20:54:21,487 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-11 20:54:21,488 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-11 20:54:21,488 INFO L274 PluginConnector]: CDTParser initialized [2024-11-11 20:54:21,489 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product53.cil.c [2024-11-11 20:54:22,635 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-11 20:54:22,837 INFO L384 CDTParser]: Found 1 translation units. [2024-11-11 20:54:22,838 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product53.cil.c [2024-11-11 20:54:22,850 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5b7c09ef9/58def37603bd42a2979798cd84538ca9/FLAG98f9dcfd1 [2024-11-11 20:54:23,229 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5b7c09ef9/58def37603bd42a2979798cd84538ca9 [2024-11-11 20:54:23,232 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-11 20:54:23,233 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-11 20:54:23,234 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-11 20:54:23,234 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-11 20:54:23,239 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-11 20:54:23,239 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.11 08:54:23" (1/1) ... [2024-11-11 20:54:23,240 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6311db55 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:54:23, skipping insertion in model container [2024-11-11 20:54:23,240 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 11.11 08:54:23" (1/1) ... [2024-11-11 20:54:23,276 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-11 20:54:23,460 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product53.cil.c[1605,1618] [2024-11-11 20:54:23,557 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-11 20:54:23,571 INFO L200 MainTranslator]: Completed pre-run [2024-11-11 20:54:23,579 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [49] [2024-11-11 20:54:23,580 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [58] [2024-11-11 20:54:23,580 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [96] [2024-11-11 20:54:23,580 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [165] [2024-11-11 20:54:23,580 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [398] [2024-11-11 20:54:23,580 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification3_spec.i","") [502] [2024-11-11 20:54:23,581 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [536] [2024-11-11 20:54:23,581 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [902] [2024-11-11 20:54:23,586 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product53.cil.c[1605,1618] [2024-11-11 20:54:23,629 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-11 20:54:23,645 INFO L204 MainTranslator]: Completed translation [2024-11-11 20:54:23,645 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:54:23 WrapperNode [2024-11-11 20:54:23,645 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-11 20:54:23,646 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-11 20:54:23,646 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-11 20:54:23,646 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-11 20:54:23,651 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:54:23" (1/1) ... [2024-11-11 20:54:23,660 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:54:23" (1/1) ... [2024-11-11 20:54:23,679 INFO L138 Inliner]: procedures = 56, calls = 103, calls flagged for inlining = 23, calls inlined = 20, statements flattened = 228 [2024-11-11 20:54:23,682 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-11 20:54:23,683 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-11 20:54:23,684 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-11 20:54:23,684 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-11 20:54:23,691 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:54:23" (1/1) ... [2024-11-11 20:54:23,691 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:54:23" (1/1) ... [2024-11-11 20:54:23,693 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:54:23" (1/1) ... [2024-11-11 20:54:23,702 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-11 20:54:23,702 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:54:23" (1/1) ... [2024-11-11 20:54:23,702 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:54:23" (1/1) ... [2024-11-11 20:54:23,706 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:54:23" (1/1) ... [2024-11-11 20:54:23,708 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:54:23" (1/1) ... [2024-11-11 20:54:23,709 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:54:23" (1/1) ... [2024-11-11 20:54:23,710 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:54:23" (1/1) ... [2024-11-11 20:54:23,712 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-11 20:54:23,713 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-11 20:54:23,713 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-11 20:54:23,713 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-11 20:54:23,714 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:54:23" (1/1) ... [2024-11-11 20:54:23,720 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-11 20:54:23,732 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-11 20:54:23,747 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-11 20:54:23,749 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-11 20:54:23,790 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-11 20:54:23,791 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-11 20:54:23,791 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-11 20:54:23,791 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2024-11-11 20:54:23,791 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2024-11-11 20:54:23,791 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-11 20:54:23,791 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-11 20:54:23,792 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-11 20:54:23,792 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-11 20:54:23,792 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-11 20:54:23,792 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-11 20:54:23,792 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-11 20:54:23,793 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-11 20:54:23,793 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-11 20:54:23,793 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-11 20:54:23,793 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-11 20:54:23,793 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-11 20:54:23,794 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-11 20:54:23,794 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-11 20:54:23,794 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-11 20:54:23,795 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-11 20:54:23,795 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-11 20:54:23,874 INFO L238 CfgBuilder]: Building ICFG [2024-11-11 20:54:23,875 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-11 20:54:24,110 INFO L? ?]: Removed 53 outVars from TransFormulas that were not future-live. [2024-11-11 20:54:24,111 INFO L287 CfgBuilder]: Performing block encoding [2024-11-11 20:54:24,127 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-11 20:54:24,128 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-11 20:54:24,128 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.11 08:54:24 BoogieIcfgContainer [2024-11-11 20:54:24,128 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-11 20:54:24,130 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-11 20:54:24,130 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-11 20:54:24,133 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-11 20:54:24,133 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 11.11 08:54:23" (1/3) ... [2024-11-11 20:54:24,133 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6b85d74 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.11 08:54:24, skipping insertion in model container [2024-11-11 20:54:24,134 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 11.11 08:54:23" (2/3) ... [2024-11-11 20:54:24,134 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6b85d74 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 11.11 08:54:24, skipping insertion in model container [2024-11-11 20:54:24,134 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.11 08:54:24" (3/3) ... [2024-11-11 20:54:24,135 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product53.cil.c [2024-11-11 20:54:24,147 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-11 20:54:24,148 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-11 20:54:24,197 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-11 20:54:24,202 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@720cfb85, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-11 20:54:24,202 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-11 20:54:24,206 INFO L276 IsEmpty]: Start isEmpty. Operand has 102 states, 75 states have (on average 1.3866666666666667) internal successors, (104), 85 states have internal predecessors, (104), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2024-11-11 20:54:24,212 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2024-11-11 20:54:24,214 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:54:24,214 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:54:24,215 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:54:24,220 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:54:24,221 INFO L85 PathProgramCache]: Analyzing trace with hash 1763060088, now seen corresponding path program 1 times [2024-11-11 20:54:24,227 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:54:24,228 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1470602952] [2024-11-11 20:54:24,228 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:54:24,228 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:54:24,324 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:24,384 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-11 20:54:24,386 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:24,390 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-11 20:54:24,391 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:54:24,391 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1470602952] [2024-11-11 20:54:24,392 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1470602952] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:54:24,392 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:54:24,392 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-11 20:54:24,394 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [768614174] [2024-11-11 20:54:24,394 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:54:24,397 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-11 20:54:24,397 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:54:24,414 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-11 20:54:24,415 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-11 20:54:24,416 INFO L87 Difference]: Start difference. First operand has 102 states, 75 states have (on average 1.3866666666666667) internal successors, (104), 85 states have internal predecessors, (104), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-11 20:54:24,441 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:54:24,441 INFO L93 Difference]: Finished difference Result 196 states and 267 transitions. [2024-11-11 20:54:24,442 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-11 20:54:24,443 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2024-11-11 20:54:24,443 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:54:24,449 INFO L225 Difference]: With dead ends: 196 [2024-11-11 20:54:24,449 INFO L226 Difference]: Without dead ends: 93 [2024-11-11 20:54:24,451 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-11 20:54:24,453 INFO L435 NwaCegarLoop]: 130 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 130 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-11 20:54:24,454 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 130 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-11 20:54:24,465 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 93 states. [2024-11-11 20:54:24,480 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 93 to 93. [2024-11-11 20:54:24,481 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 93 states, 68 states have (on average 1.3235294117647058) internal successors, (90), 77 states have internal predecessors, (90), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2024-11-11 20:54:24,482 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 93 states to 93 states and 121 transitions. [2024-11-11 20:54:24,483 INFO L78 Accepts]: Start accepts. Automaton has 93 states and 121 transitions. Word has length 25 [2024-11-11 20:54:24,484 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:54:24,484 INFO L471 AbstractCegarLoop]: Abstraction has 93 states and 121 transitions. [2024-11-11 20:54:24,484 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-11 20:54:24,484 INFO L276 IsEmpty]: Start isEmpty. Operand 93 states and 121 transitions. [2024-11-11 20:54:24,486 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-11-11 20:54:24,490 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:54:24,490 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:54:24,490 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-11 20:54:24,491 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:54:24,491 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:54:24,491 INFO L85 PathProgramCache]: Analyzing trace with hash 1681284877, now seen corresponding path program 1 times [2024-11-11 20:54:24,491 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:54:24,492 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [43084899] [2024-11-11 20:54:24,492 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:54:24,492 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:54:24,513 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:24,581 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-11-11 20:54:24,583 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:24,585 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-11 20:54:24,586 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:54:24,586 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [43084899] [2024-11-11 20:54:24,586 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [43084899] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:54:24,586 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:54:24,586 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-11 20:54:24,587 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [864424181] [2024-11-11 20:54:24,587 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:54:24,588 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-11 20:54:24,588 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:54:24,588 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-11 20:54:24,589 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:54:24,589 INFO L87 Difference]: Start difference. First operand 93 states and 121 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-11 20:54:24,604 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:54:24,604 INFO L93 Difference]: Finished difference Result 152 states and 198 transitions. [2024-11-11 20:54:24,604 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-11 20:54:24,605 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2024-11-11 20:54:24,605 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:54:24,606 INFO L225 Difference]: With dead ends: 152 [2024-11-11 20:54:24,606 INFO L226 Difference]: Without dead ends: 84 [2024-11-11 20:54:24,607 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:54:24,608 INFO L435 NwaCegarLoop]: 108 mSDtfsCounter, 12 mSDsluCounter, 92 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 200 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-11 20:54:24,608 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [15 Valid, 200 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-11 20:54:24,609 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 84 states. [2024-11-11 20:54:24,616 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 84 to 84. [2024-11-11 20:54:24,616 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 84 states, 62 states have (on average 1.3387096774193548) internal successors, (83), 71 states have internal predecessors, (83), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-11 20:54:24,617 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 84 states to 84 states and 109 transitions. [2024-11-11 20:54:24,619 INFO L78 Accepts]: Start accepts. Automaton has 84 states and 109 transitions. Word has length 26 [2024-11-11 20:54:24,619 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:54:24,619 INFO L471 AbstractCegarLoop]: Abstraction has 84 states and 109 transitions. [2024-11-11 20:54:24,619 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-11 20:54:24,620 INFO L276 IsEmpty]: Start isEmpty. Operand 84 states and 109 transitions. [2024-11-11 20:54:24,623 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2024-11-11 20:54:24,623 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:54:24,624 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:54:24,624 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-11 20:54:24,624 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:54:24,625 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:54:24,625 INFO L85 PathProgramCache]: Analyzing trace with hash -1900585844, now seen corresponding path program 1 times [2024-11-11 20:54:24,626 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:54:24,626 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1173398984] [2024-11-11 20:54:24,626 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:54:24,627 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:54:24,650 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:24,722 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:54:24,724 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:24,725 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-11 20:54:24,725 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:54:24,726 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1173398984] [2024-11-11 20:54:24,726 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1173398984] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:54:24,726 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:54:24,726 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-11 20:54:24,726 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1073794355] [2024-11-11 20:54:24,726 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:54:24,729 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-11 20:54:24,729 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:54:24,730 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-11 20:54:24,732 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:54:24,732 INFO L87 Difference]: Start difference. First operand 84 states and 109 transitions. Second operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-11 20:54:24,751 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:54:24,751 INFO L93 Difference]: Finished difference Result 161 states and 212 transitions. [2024-11-11 20:54:24,752 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-11 20:54:24,752 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2024-11-11 20:54:24,752 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:54:24,754 INFO L225 Difference]: With dead ends: 161 [2024-11-11 20:54:24,755 INFO L226 Difference]: Without dead ends: 84 [2024-11-11 20:54:24,755 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-11 20:54:24,757 INFO L435 NwaCegarLoop]: 107 mSDtfsCounter, 91 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 91 SdHoareTripleChecker+Valid, 107 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-11 20:54:24,759 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [91 Valid, 107 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-11 20:54:24,759 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 84 states. [2024-11-11 20:54:24,772 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 84 to 84. [2024-11-11 20:54:24,773 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 84 states, 62 states have (on average 1.3225806451612903) internal successors, (82), 71 states have internal predecessors, (82), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-11 20:54:24,773 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 84 states to 84 states and 108 transitions. [2024-11-11 20:54:24,774 INFO L78 Accepts]: Start accepts. Automaton has 84 states and 108 transitions. Word has length 30 [2024-11-11 20:54:24,774 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:54:24,774 INFO L471 AbstractCegarLoop]: Abstraction has 84 states and 108 transitions. [2024-11-11 20:54:24,774 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-11 20:54:24,774 INFO L276 IsEmpty]: Start isEmpty. Operand 84 states and 108 transitions. [2024-11-11 20:54:24,775 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2024-11-11 20:54:24,775 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:54:24,775 INFO L218 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:54:24,775 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-11 20:54:24,775 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:54:24,776 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:54:24,776 INFO L85 PathProgramCache]: Analyzing trace with hash 810060833, now seen corresponding path program 1 times [2024-11-11 20:54:24,776 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:54:24,776 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1460761913] [2024-11-11 20:54:24,776 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:54:24,778 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:54:24,788 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:24,848 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:54:24,850 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:24,854 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 26 [2024-11-11 20:54:24,854 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:24,856 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2024-11-11 20:54:24,857 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:24,858 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-11 20:54:24,858 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:54:24,858 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1460761913] [2024-11-11 20:54:24,858 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1460761913] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:54:24,858 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:54:24,858 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-11 20:54:24,858 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [697017848] [2024-11-11 20:54:24,859 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:54:24,859 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-11 20:54:24,859 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:54:24,859 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-11 20:54:24,860 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-11 20:54:24,860 INFO L87 Difference]: Start difference. First operand 84 states and 108 transitions. Second operand has 4 states, 4 states have (on average 8.5) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2024-11-11 20:54:25,010 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:54:25,011 INFO L93 Difference]: Finished difference Result 243 states and 317 transitions. [2024-11-11 20:54:25,011 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-11 20:54:25,011 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.5) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 43 [2024-11-11 20:54:25,011 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:54:25,013 INFO L225 Difference]: With dead ends: 243 [2024-11-11 20:54:25,014 INFO L226 Difference]: Without dead ends: 166 [2024-11-11 20:54:25,015 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2024-11-11 20:54:25,015 INFO L435 NwaCegarLoop]: 100 mSDtfsCounter, 154 mSDsluCounter, 119 mSDsCounter, 0 mSdLazyCounter, 82 mSolverCounterSat, 41 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 160 SdHoareTripleChecker+Valid, 219 SdHoareTripleChecker+Invalid, 123 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 41 IncrementalHoareTripleChecker+Valid, 82 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-11 20:54:25,016 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [160 Valid, 219 Invalid, 123 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [41 Valid, 82 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-11 20:54:25,016 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 166 states. [2024-11-11 20:54:25,034 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 166 to 160. [2024-11-11 20:54:25,036 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 160 states, 120 states have (on average 1.2916666666666667) internal successors, (155), 128 states have internal predecessors, (155), 19 states have call successors, (19), 15 states have call predecessors, (19), 20 states have return successors, (30), 21 states have call predecessors, (30), 19 states have call successors, (30) [2024-11-11 20:54:25,037 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 160 states to 160 states and 204 transitions. [2024-11-11 20:54:25,037 INFO L78 Accepts]: Start accepts. Automaton has 160 states and 204 transitions. Word has length 43 [2024-11-11 20:54:25,037 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:54:25,037 INFO L471 AbstractCegarLoop]: Abstraction has 160 states and 204 transitions. [2024-11-11 20:54:25,038 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 8.5) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2024-11-11 20:54:25,038 INFO L276 IsEmpty]: Start isEmpty. Operand 160 states and 204 transitions. [2024-11-11 20:54:25,040 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2024-11-11 20:54:25,040 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:54:25,040 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:54:25,041 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-11 20:54:25,041 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:54:25,041 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:54:25,041 INFO L85 PathProgramCache]: Analyzing trace with hash 1861351509, now seen corresponding path program 1 times [2024-11-11 20:54:25,041 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:54:25,041 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1581601310] [2024-11-11 20:54:25,041 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:54:25,041 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:54:25,064 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:25,147 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:54:25,150 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:25,155 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-11 20:54:25,158 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:25,178 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2024-11-11 20:54:25,179 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:25,180 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-11 20:54:25,181 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:54:25,181 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1581601310] [2024-11-11 20:54:25,182 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1581601310] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:54:25,182 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:54:25,182 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-11 20:54:25,182 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1452165065] [2024-11-11 20:54:25,183 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:54:25,183 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-11 20:54:25,183 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:54:25,183 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-11 20:54:25,183 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-11 20:54:25,184 INFO L87 Difference]: Start difference. First operand 160 states and 204 transitions. Second operand has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-11 20:54:25,371 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:54:25,371 INFO L93 Difference]: Finished difference Result 412 states and 553 transitions. [2024-11-11 20:54:25,371 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-11 20:54:25,371 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 3 states have call successors, (3) Word has length 49 [2024-11-11 20:54:25,372 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:54:25,373 INFO L225 Difference]: With dead ends: 412 [2024-11-11 20:54:25,373 INFO L226 Difference]: Without dead ends: 259 [2024-11-11 20:54:25,374 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-11 20:54:25,374 INFO L435 NwaCegarLoop]: 97 mSDtfsCounter, 146 mSDsluCounter, 305 mSDsCounter, 0 mSdLazyCounter, 164 mSolverCounterSat, 32 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 152 SdHoareTripleChecker+Valid, 402 SdHoareTripleChecker+Invalid, 196 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 32 IncrementalHoareTripleChecker+Valid, 164 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-11 20:54:25,375 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [152 Valid, 402 Invalid, 196 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [32 Valid, 164 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-11 20:54:25,376 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 259 states. [2024-11-11 20:54:25,414 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 259 to 253. [2024-11-11 20:54:25,417 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 253 states, 191 states have (on average 1.2827225130890052) internal successors, (245), 201 states have internal predecessors, (245), 30 states have call successors, (30), 26 states have call predecessors, (30), 31 states have return successors, (49), 32 states have call predecessors, (49), 30 states have call successors, (49) [2024-11-11 20:54:25,419 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 253 states to 253 states and 324 transitions. [2024-11-11 20:54:25,420 INFO L78 Accepts]: Start accepts. Automaton has 253 states and 324 transitions. Word has length 49 [2024-11-11 20:54:25,420 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:54:25,420 INFO L471 AbstractCegarLoop]: Abstraction has 253 states and 324 transitions. [2024-11-11 20:54:25,421 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-11 20:54:25,421 INFO L276 IsEmpty]: Start isEmpty. Operand 253 states and 324 transitions. [2024-11-11 20:54:25,422 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2024-11-11 20:54:25,423 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:54:25,423 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:54:25,423 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-11 20:54:25,423 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:54:25,424 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:54:25,424 INFO L85 PathProgramCache]: Analyzing trace with hash 1995365015, now seen corresponding path program 1 times [2024-11-11 20:54:25,424 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:54:25,424 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1080449703] [2024-11-11 20:54:25,424 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:54:25,424 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:54:25,436 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:25,482 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:54:25,486 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:25,495 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-11 20:54:25,498 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:25,522 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2024-11-11 20:54:25,526 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:25,527 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-11 20:54:25,527 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:54:25,527 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1080449703] [2024-11-11 20:54:25,528 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1080449703] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:54:25,528 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:54:25,528 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-11 20:54:25,528 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [460680890] [2024-11-11 20:54:25,528 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:54:25,530 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-11 20:54:25,530 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:54:25,531 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-11 20:54:25,531 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-11 20:54:25,531 INFO L87 Difference]: Start difference. First operand 253 states and 324 transitions. Second operand has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:54:25,662 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:54:25,663 INFO L93 Difference]: Finished difference Result 507 states and 661 transitions. [2024-11-11 20:54:25,663 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-11 20:54:25,663 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 49 [2024-11-11 20:54:25,664 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:54:25,665 INFO L225 Difference]: With dead ends: 507 [2024-11-11 20:54:25,668 INFO L226 Difference]: Without dead ends: 261 [2024-11-11 20:54:25,669 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-11 20:54:25,670 INFO L435 NwaCegarLoop]: 100 mSDtfsCounter, 61 mSDsluCounter, 324 mSDsCounter, 0 mSdLazyCounter, 142 mSolverCounterSat, 15 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 65 SdHoareTripleChecker+Valid, 424 SdHoareTripleChecker+Invalid, 157 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 15 IncrementalHoareTripleChecker+Valid, 142 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-11 20:54:25,670 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [65 Valid, 424 Invalid, 157 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [15 Valid, 142 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-11 20:54:25,673 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 261 states. [2024-11-11 20:54:25,696 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 261 to 259. [2024-11-11 20:54:25,697 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 259 states, 197 states have (on average 1.2741116751269035) internal successors, (251), 207 states have internal predecessors, (251), 30 states have call successors, (30), 26 states have call predecessors, (30), 31 states have return successors, (49), 32 states have call predecessors, (49), 30 states have call successors, (49) [2024-11-11 20:54:25,698 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 259 states to 259 states and 330 transitions. [2024-11-11 20:54:25,699 INFO L78 Accepts]: Start accepts. Automaton has 259 states and 330 transitions. Word has length 49 [2024-11-11 20:54:25,699 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:54:25,699 INFO L471 AbstractCegarLoop]: Abstraction has 259 states and 330 transitions. [2024-11-11 20:54:25,700 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:54:25,700 INFO L276 IsEmpty]: Start isEmpty. Operand 259 states and 330 transitions. [2024-11-11 20:54:25,700 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2024-11-11 20:54:25,700 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:54:25,701 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:54:25,701 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-11 20:54:25,701 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:54:25,702 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:54:25,702 INFO L85 PathProgramCache]: Analyzing trace with hash -2080747563, now seen corresponding path program 1 times [2024-11-11 20:54:25,702 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:54:25,702 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1326140418] [2024-11-11 20:54:25,703 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:54:25,703 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:54:25,716 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:25,770 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:54:25,773 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:25,781 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-11 20:54:25,783 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:25,821 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2024-11-11 20:54:25,822 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:25,824 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-11 20:54:25,824 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:54:25,824 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1326140418] [2024-11-11 20:54:25,824 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1326140418] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:54:25,825 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:54:25,825 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-11 20:54:25,825 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1935221120] [2024-11-11 20:54:25,825 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:54:25,826 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-11 20:54:25,826 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:54:25,826 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-11 20:54:25,826 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-11 20:54:25,827 INFO L87 Difference]: Start difference. First operand 259 states and 330 transitions. Second operand has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:54:25,989 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:54:25,989 INFO L93 Difference]: Finished difference Result 472 states and 614 transitions. [2024-11-11 20:54:25,989 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-11 20:54:25,990 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 49 [2024-11-11 20:54:25,990 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:54:25,992 INFO L225 Difference]: With dead ends: 472 [2024-11-11 20:54:25,994 INFO L226 Difference]: Without dead ends: 220 [2024-11-11 20:54:25,995 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2024-11-11 20:54:25,996 INFO L435 NwaCegarLoop]: 77 mSDtfsCounter, 152 mSDsluCounter, 182 mSDsCounter, 0 mSdLazyCounter, 114 mSolverCounterSat, 38 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 156 SdHoareTripleChecker+Valid, 259 SdHoareTripleChecker+Invalid, 152 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 38 IncrementalHoareTripleChecker+Valid, 114 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-11 20:54:25,996 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [156 Valid, 259 Invalid, 152 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [38 Valid, 114 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-11 20:54:25,997 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 220 states. [2024-11-11 20:54:26,010 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 220 to 218. [2024-11-11 20:54:26,010 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 218 states, 165 states have (on average 1.2545454545454546) internal successors, (207), 174 states have internal predecessors, (207), 26 states have call successors, (26), 22 states have call predecessors, (26), 26 states have return successors, (37), 27 states have call predecessors, (37), 26 states have call successors, (37) [2024-11-11 20:54:26,011 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 218 states to 218 states and 270 transitions. [2024-11-11 20:54:26,012 INFO L78 Accepts]: Start accepts. Automaton has 218 states and 270 transitions. Word has length 49 [2024-11-11 20:54:26,012 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:54:26,012 INFO L471 AbstractCegarLoop]: Abstraction has 218 states and 270 transitions. [2024-11-11 20:54:26,012 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-11 20:54:26,012 INFO L276 IsEmpty]: Start isEmpty. Operand 218 states and 270 transitions. [2024-11-11 20:54:26,013 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2024-11-11 20:54:26,013 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:54:26,013 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:54:26,013 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-11 20:54:26,014 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:54:26,014 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:54:26,014 INFO L85 PathProgramCache]: Analyzing trace with hash 1736726981, now seen corresponding path program 1 times [2024-11-11 20:54:26,014 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:54:26,014 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [655331179] [2024-11-11 20:54:26,015 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:54:26,015 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:54:26,024 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:26,074 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:54:26,077 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:26,081 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-11 20:54:26,083 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:26,084 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-11 20:54:26,085 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:26,086 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 40 [2024-11-11 20:54:26,087 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:26,089 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-11 20:54:26,089 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:54:26,090 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [655331179] [2024-11-11 20:54:26,093 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [655331179] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:54:26,093 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:54:26,093 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-11 20:54:26,093 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [338980448] [2024-11-11 20:54:26,093 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:54:26,094 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-11 20:54:26,094 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:54:26,094 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-11 20:54:26,094 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-11 20:54:26,095 INFO L87 Difference]: Start difference. First operand 218 states and 270 transitions. Second operand has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (5), 3 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-11 20:54:26,255 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:54:26,255 INFO L93 Difference]: Finished difference Result 429 states and 532 transitions. [2024-11-11 20:54:26,257 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-11 20:54:26,257 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (5), 3 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 51 [2024-11-11 20:54:26,257 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:54:26,259 INFO L225 Difference]: With dead ends: 429 [2024-11-11 20:54:26,259 INFO L226 Difference]: Without dead ends: 218 [2024-11-11 20:54:26,259 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2024-11-11 20:54:26,260 INFO L435 NwaCegarLoop]: 83 mSDtfsCounter, 120 mSDsluCounter, 282 mSDsCounter, 0 mSdLazyCounter, 148 mSolverCounterSat, 32 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 125 SdHoareTripleChecker+Valid, 365 SdHoareTripleChecker+Invalid, 180 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 32 IncrementalHoareTripleChecker+Valid, 148 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-11 20:54:26,260 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [125 Valid, 365 Invalid, 180 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [32 Valid, 148 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-11 20:54:26,261 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 218 states. [2024-11-11 20:54:26,272 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 218 to 216. [2024-11-11 20:54:26,273 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 216 states, 163 states have (on average 1.2453987730061349) internal successors, (203), 172 states have internal predecessors, (203), 26 states have call successors, (26), 22 states have call predecessors, (26), 26 states have return successors, (37), 27 states have call predecessors, (37), 26 states have call successors, (37) [2024-11-11 20:54:26,274 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 216 states to 216 states and 266 transitions. [2024-11-11 20:54:26,275 INFO L78 Accepts]: Start accepts. Automaton has 216 states and 266 transitions. Word has length 51 [2024-11-11 20:54:26,275 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:54:26,275 INFO L471 AbstractCegarLoop]: Abstraction has 216 states and 266 transitions. [2024-11-11 20:54:26,275 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (5), 3 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-11 20:54:26,275 INFO L276 IsEmpty]: Start isEmpty. Operand 216 states and 266 transitions. [2024-11-11 20:54:26,276 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 54 [2024-11-11 20:54:26,276 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:54:26,276 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:54:26,276 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-11 20:54:26,276 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:54:26,276 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:54:26,276 INFO L85 PathProgramCache]: Analyzing trace with hash 1340244461, now seen corresponding path program 1 times [2024-11-11 20:54:26,276 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:54:26,276 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [285131340] [2024-11-11 20:54:26,277 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:54:26,277 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:54:26,284 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:26,333 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-11 20:54:26,335 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:26,341 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-11 20:54:26,344 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:26,354 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-11 20:54:26,356 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:26,361 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 42 [2024-11-11 20:54:26,362 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:26,364 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-11 20:54:26,364 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:54:26,364 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [285131340] [2024-11-11 20:54:26,364 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [285131340] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:54:26,364 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:54:26,364 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2024-11-11 20:54:26,364 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [173604670] [2024-11-11 20:54:26,365 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:54:26,365 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-11-11 20:54:26,365 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:54:26,365 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-11-11 20:54:26,365 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=56, Unknown=0, NotChecked=0, Total=72 [2024-11-11 20:54:26,365 INFO L87 Difference]: Start difference. First operand 216 states and 266 transitions. Second operand has 9 states, 9 states have (on average 4.888888888888889) internal successors, (44), 7 states have internal predecessors, (44), 3 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-11 20:54:26,840 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:54:26,840 INFO L93 Difference]: Finished difference Result 415 states and 522 transitions. [2024-11-11 20:54:26,841 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 16 states. [2024-11-11 20:54:26,841 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 4.888888888888889) internal successors, (44), 7 states have internal predecessors, (44), 3 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 53 [2024-11-11 20:54:26,841 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:54:26,842 INFO L225 Difference]: With dead ends: 415 [2024-11-11 20:54:26,842 INFO L226 Difference]: Without dead ends: 257 [2024-11-11 20:54:26,843 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 32 GetRequests, 12 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 64 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=139, Invalid=323, Unknown=0, NotChecked=0, Total=462 [2024-11-11 20:54:26,843 INFO L435 NwaCegarLoop]: 95 mSDtfsCounter, 343 mSDsluCounter, 344 mSDsCounter, 0 mSdLazyCounter, 480 mSolverCounterSat, 113 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 347 SdHoareTripleChecker+Valid, 439 SdHoareTripleChecker+Invalid, 593 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 113 IncrementalHoareTripleChecker+Valid, 480 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-11 20:54:26,843 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [347 Valid, 439 Invalid, 593 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [113 Valid, 480 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-11 20:54:26,844 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 257 states. [2024-11-11 20:54:26,854 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 257 to 218. [2024-11-11 20:54:26,854 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 218 states, 164 states have (on average 1.2073170731707317) internal successors, (198), 174 states have internal predecessors, (198), 26 states have call successors, (26), 22 states have call predecessors, (26), 27 states have return successors, (32), 27 states have call predecessors, (32), 26 states have call successors, (32) [2024-11-11 20:54:26,855 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 218 states to 218 states and 256 transitions. [2024-11-11 20:54:26,856 INFO L78 Accepts]: Start accepts. Automaton has 218 states and 256 transitions. Word has length 53 [2024-11-11 20:54:26,856 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:54:26,856 INFO L471 AbstractCegarLoop]: Abstraction has 218 states and 256 transitions. [2024-11-11 20:54:26,856 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 4.888888888888889) internal successors, (44), 7 states have internal predecessors, (44), 3 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-11 20:54:26,856 INFO L276 IsEmpty]: Start isEmpty. Operand 218 states and 256 transitions. [2024-11-11 20:54:26,857 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-11 20:54:26,857 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:54:26,857 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:54:26,857 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-11 20:54:26,857 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:54:26,857 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:54:26,857 INFO L85 PathProgramCache]: Analyzing trace with hash -768900197, now seen corresponding path program 1 times [2024-11-11 20:54:26,858 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:54:26,858 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2109794907] [2024-11-11 20:54:26,858 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:54:26,858 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:54:26,865 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:26,890 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-11 20:54:26,891 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:26,895 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-11 20:54:26,897 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:26,909 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-11 20:54:26,915 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:26,969 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-11 20:54:26,970 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:26,971 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2024-11-11 20:54:26,975 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:26,976 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-11 20:54:26,976 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:54:26,976 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2109794907] [2024-11-11 20:54:26,976 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2109794907] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:54:26,976 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:54:26,976 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-11 20:54:26,976 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [126800768] [2024-11-11 20:54:26,976 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:54:26,977 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-11 20:54:26,977 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:54:26,977 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-11 20:54:26,977 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-11 20:54:26,977 INFO L87 Difference]: Start difference. First operand 218 states and 256 transitions. Second operand has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-11 20:54:27,178 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:54:27,179 INFO L93 Difference]: Finished difference Result 417 states and 499 transitions. [2024-11-11 20:54:27,179 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-11-11 20:54:27,179 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 55 [2024-11-11 20:54:27,180 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:54:27,181 INFO L225 Difference]: With dead ends: 417 [2024-11-11 20:54:27,181 INFO L226 Difference]: Without dead ends: 257 [2024-11-11 20:54:27,182 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=33, Invalid=77, Unknown=0, NotChecked=0, Total=110 [2024-11-11 20:54:27,182 INFO L435 NwaCegarLoop]: 55 mSDtfsCounter, 148 mSDsluCounter, 235 mSDsCounter, 0 mSdLazyCounter, 294 mSolverCounterSat, 53 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 151 SdHoareTripleChecker+Valid, 290 SdHoareTripleChecker+Invalid, 347 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 53 IncrementalHoareTripleChecker+Valid, 294 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-11 20:54:27,182 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [151 Valid, 290 Invalid, 347 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [53 Valid, 294 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-11 20:54:27,183 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 257 states. [2024-11-11 20:54:27,192 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 257 to 218. [2024-11-11 20:54:27,193 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 218 states, 164 states have (on average 1.201219512195122) internal successors, (197), 174 states have internal predecessors, (197), 26 states have call successors, (26), 22 states have call predecessors, (26), 27 states have return successors, (32), 27 states have call predecessors, (32), 26 states have call successors, (32) [2024-11-11 20:54:27,194 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 218 states to 218 states and 255 transitions. [2024-11-11 20:54:27,194 INFO L78 Accepts]: Start accepts. Automaton has 218 states and 255 transitions. Word has length 55 [2024-11-11 20:54:27,194 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:54:27,194 INFO L471 AbstractCegarLoop]: Abstraction has 218 states and 255 transitions. [2024-11-11 20:54:27,195 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-11 20:54:27,195 INFO L276 IsEmpty]: Start isEmpty. Operand 218 states and 255 transitions. [2024-11-11 20:54:27,195 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2024-11-11 20:54:27,195 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:54:27,195 INFO L218 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:54:27,195 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2024-11-11 20:54:27,196 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:54:27,196 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:54:27,196 INFO L85 PathProgramCache]: Analyzing trace with hash -696926305, now seen corresponding path program 1 times [2024-11-11 20:54:27,196 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:54:27,196 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1325231440] [2024-11-11 20:54:27,196 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:54:27,196 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:54:27,204 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:27,247 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-11 20:54:27,248 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:27,258 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-11 20:54:27,261 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:27,286 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-11 20:54:27,288 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:27,295 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-11 20:54:27,296 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:27,297 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2024-11-11 20:54:27,300 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:27,301 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-11 20:54:27,301 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:54:27,302 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1325231440] [2024-11-11 20:54:27,302 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1325231440] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-11 20:54:27,302 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-11 20:54:27,303 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-11 20:54:27,303 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [25484774] [2024-11-11 20:54:27,303 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-11 20:54:27,303 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-11 20:54:27,303 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:54:27,304 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-11 20:54:27,304 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2024-11-11 20:54:27,304 INFO L87 Difference]: Start difference. First operand 218 states and 255 transitions. Second operand has 8 states, 8 states have (on average 5.5) internal successors, (44), 6 states have internal predecessors, (44), 3 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 3 states have call successors, (5) [2024-11-11 20:54:27,669 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:54:27,670 INFO L93 Difference]: Finished difference Result 509 states and 627 transitions. [2024-11-11 20:54:27,670 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2024-11-11 20:54:27,670 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.5) internal successors, (44), 6 states have internal predecessors, (44), 3 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 3 states have call successors, (5) Word has length 55 [2024-11-11 20:54:27,670 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:54:27,672 INFO L225 Difference]: With dead ends: 509 [2024-11-11 20:54:27,673 INFO L226 Difference]: Without dead ends: 349 [2024-11-11 20:54:27,674 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 33 GetRequests, 15 SyntacticMatches, 0 SemanticMatches, 18 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 63 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=107, Invalid=273, Unknown=0, NotChecked=0, Total=380 [2024-11-11 20:54:27,675 INFO L435 NwaCegarLoop]: 51 mSDtfsCounter, 285 mSDsluCounter, 298 mSDsCounter, 0 mSdLazyCounter, 396 mSolverCounterSat, 109 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 290 SdHoareTripleChecker+Valid, 349 SdHoareTripleChecker+Invalid, 505 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 109 IncrementalHoareTripleChecker+Valid, 396 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-11 20:54:27,675 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [290 Valid, 349 Invalid, 505 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [109 Valid, 396 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-11 20:54:27,675 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 349 states. [2024-11-11 20:54:27,691 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 349 to 347. [2024-11-11 20:54:27,692 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 347 states, 259 states have (on average 1.193050193050193) internal successors, (309), 275 states have internal predecessors, (309), 46 states have call successors, (46), 35 states have call predecessors, (46), 41 states have return successors, (60), 44 states have call predecessors, (60), 46 states have call successors, (60) [2024-11-11 20:54:27,693 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 347 states to 347 states and 415 transitions. [2024-11-11 20:54:27,694 INFO L78 Accepts]: Start accepts. Automaton has 347 states and 415 transitions. Word has length 55 [2024-11-11 20:54:27,694 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:54:27,694 INFO L471 AbstractCegarLoop]: Abstraction has 347 states and 415 transitions. [2024-11-11 20:54:27,694 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.5) internal successors, (44), 6 states have internal predecessors, (44), 3 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 3 states have call successors, (5) [2024-11-11 20:54:27,694 INFO L276 IsEmpty]: Start isEmpty. Operand 347 states and 415 transitions. [2024-11-11 20:54:27,695 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 90 [2024-11-11 20:54:27,695 INFO L210 NwaCegarLoop]: Found error trace [2024-11-11 20:54:27,695 INFO L218 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:54:27,696 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2024-11-11 20:54:27,696 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-11 20:54:27,696 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-11 20:54:27,696 INFO L85 PathProgramCache]: Analyzing trace with hash 1626295211, now seen corresponding path program 1 times [2024-11-11 20:54:27,696 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-11 20:54:27,696 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2072331325] [2024-11-11 20:54:27,696 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:54:27,696 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-11 20:54:27,705 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:27,753 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-11 20:54:27,754 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:27,759 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-11 20:54:27,762 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:27,798 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-11 20:54:27,800 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:27,802 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-11 20:54:27,808 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:27,810 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-11 20:54:27,811 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:27,821 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 65 [2024-11-11 20:54:27,822 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:27,824 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 72 [2024-11-11 20:54:27,824 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:27,825 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 78 [2024-11-11 20:54:27,826 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:27,830 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 16 proven. 5 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2024-11-11 20:54:27,831 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-11 20:54:27,831 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2072331325] [2024-11-11 20:54:27,831 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2072331325] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-11 20:54:27,831 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [40510667] [2024-11-11 20:54:27,831 INFO L97 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-11 20:54:27,831 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-11 20:54:27,831 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-11 20:54:27,833 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-11 20:54:27,834 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-11 20:54:27,918 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-11 20:54:27,921 INFO L256 TraceCheckSpWp]: Trace formula consists of 295 conjuncts, 13 conjuncts are in the unsatisfiable core [2024-11-11 20:54:27,925 INFO L279 TraceCheckSpWp]: Computing forward predicates... [2024-11-11 20:54:28,084 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 6 proven. 12 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2024-11-11 20:54:28,084 INFO L312 TraceCheckSpWp]: Computing backward predicates... [2024-11-11 20:54:28,342 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 8 proven. 4 refuted. 0 times theorem prover too weak. 14 trivial. 0 not checked. [2024-11-11 20:54:28,343 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [40510667] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-11 20:54:28,343 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-11 20:54:28,343 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 8, 9] total 20 [2024-11-11 20:54:28,343 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1426598779] [2024-11-11 20:54:28,343 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-11 20:54:28,344 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 20 states [2024-11-11 20:54:28,344 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-11 20:54:28,344 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 20 interpolants. [2024-11-11 20:54:28,345 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=64, Invalid=316, Unknown=0, NotChecked=0, Total=380 [2024-11-11 20:54:28,345 INFO L87 Difference]: Start difference. First operand 347 states and 415 transitions. Second operand has 20 states, 20 states have (on average 6.6) internal successors, (132), 14 states have internal predecessors, (132), 6 states have call successors, (25), 10 states have call predecessors, (25), 8 states have return successors, (22), 8 states have call predecessors, (22), 6 states have call successors, (22) [2024-11-11 20:54:29,555 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-11 20:54:29,555 INFO L93 Difference]: Finished difference Result 1073 states and 1374 transitions. [2024-11-11 20:54:29,556 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 52 states. [2024-11-11 20:54:29,556 INFO L78 Accepts]: Start accepts. Automaton has has 20 states, 20 states have (on average 6.6) internal successors, (132), 14 states have internal predecessors, (132), 6 states have call successors, (25), 10 states have call predecessors, (25), 8 states have return successors, (22), 8 states have call predecessors, (22), 6 states have call successors, (22) Word has length 89 [2024-11-11 20:54:29,556 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-11 20:54:29,557 INFO L225 Difference]: With dead ends: 1073 [2024-11-11 20:54:29,557 INFO L226 Difference]: Without dead ends: 0 [2024-11-11 20:54:29,560 INFO L434 NwaCegarLoop]: 0 DeclaredPredicates, 262 GetRequests, 189 SyntacticMatches, 7 SemanticMatches, 66 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1226 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=988, Invalid=3568, Unknown=0, NotChecked=0, Total=4556 [2024-11-11 20:54:29,561 INFO L435 NwaCegarLoop]: 70 mSDtfsCounter, 904 mSDsluCounter, 581 mSDsCounter, 0 mSdLazyCounter, 1027 mSolverCounterSat, 406 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 906 SdHoareTripleChecker+Valid, 651 SdHoareTripleChecker+Invalid, 1433 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 406 IncrementalHoareTripleChecker+Valid, 1027 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2024-11-11 20:54:29,561 INFO L436 NwaCegarLoop]: SdHoareTripleChecker [906 Valid, 651 Invalid, 1433 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [406 Valid, 1027 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2024-11-11 20:54:29,561 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-11 20:54:29,562 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-11 20:54:29,562 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-11 20:54:29,562 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-11 20:54:29,562 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 89 [2024-11-11 20:54:29,562 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-11 20:54:29,562 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-11 20:54:29,563 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 20 states, 20 states have (on average 6.6) internal successors, (132), 14 states have internal predecessors, (132), 6 states have call successors, (25), 10 states have call predecessors, (25), 8 states have return successors, (22), 8 states have call predecessors, (22), 6 states have call successors, (22) [2024-11-11 20:54:29,563 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-11 20:54:29,563 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-11 20:54:29,565 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-11 20:54:29,580 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-11-11 20:54:29,766 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable11 [2024-11-11 20:54:29,768 INFO L421 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-11 20:54:29,769 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-11 20:54:31,959 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-11 20:54:31,971 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (<= ~waterLevel~0 1) (= 1 ~systemActive~0) (<= 1 |old(~pumpRunning~0)|)) Eliminated clause: (and (<= 1 ~pumpRunning~0) (<= ~waterLevel~0 1) (= 1 ~systemActive~0)) [2024-11-11 20:54:31,981 WARN L156 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (and (or (= |old(~methaneLevelCritical~0)| 0) (not (= ~methaneLevelCritical~0 0))) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (and (<= 1 ~pumpRunning~0) .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (and (<= 1 ~pumpRunning~0) .cse0 .cse1))) [2024-11-11 20:54:31,987 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1 (<= 1 |old(~pumpRunning~0)|)) (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1)))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (and (<= 1 ~pumpRunning~0) .cse0 .cse1))) [2024-11-11 20:54:31,993 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) (<= ~waterLevel~0 2)) (and (<= ~waterLevel~0 1) .cse0 (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~pumpRunning~0 0) .cse0 (<= ~waterLevel~0 2)) (and (<= 1 ~pumpRunning~0) (<= ~waterLevel~0 1) .cse0))) [2024-11-11 20:54:31,999 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= 1 ~pumpRunning~0) .cse0 (<= |old(~waterLevel~0)| 2)) (and (= ~pumpRunning~0 0) .cse0 (<= |old(~waterLevel~0)| 1)))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= 1 ~pumpRunning~0) .cse0 (<= ~waterLevel~0 2)) (and (= ~pumpRunning~0 0) (<= ~waterLevel~0 1) .cse0))) [2024-11-11 20:54:32,004 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__lowWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) (<= ~waterLevel~0 2)) (and (<= ~waterLevel~0 1) .cse0 (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~pumpRunning~0 0) .cse0 (<= ~waterLevel~0 2)) (and (<= 1 ~pumpRunning~0) (<= ~waterLevel~0 1) .cse0))) [2024-11-11 20:54:32,010 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 11.11 08:54:32 BoogieIcfgContainer [2024-11-11 20:54:32,011 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-11 20:54:32,011 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-11 20:54:32,011 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-11 20:54:32,011 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-11 20:54:32,012 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 11.11 08:54:24" (3/4) ... [2024-11-11 20:54:32,013 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-11 20:54:32,016 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-11 20:54:32,016 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-11 20:54:32,016 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-11 20:54:32,016 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2024-11-11 20:54:32,016 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-11 20:54:32,017 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-11 20:54:32,017 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-11 20:54:32,017 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-11 20:54:32,017 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__lowWaterSensor [2024-11-11 20:54:32,024 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 21 nodes and edges [2024-11-11 20:54:32,025 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-11 20:54:32,025 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-11 20:54:32,025 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-11 20:54:32,025 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-11 20:54:32,121 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-11 20:54:32,122 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-11 20:54:32,122 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-11 20:54:32,123 INFO L158 Benchmark]: Toolchain (without parser) took 8890.23ms. Allocated memory was 157.3MB in the beginning and 234.9MB in the end (delta: 77.6MB). Free memory was 84.8MB in the beginning and 127.9MB in the end (delta: -43.0MB). Peak memory consumption was 35.5MB. Max. memory is 16.1GB. [2024-11-11 20:54:32,123 INFO L158 Benchmark]: CDTParser took 0.16ms. Allocated memory is still 157.3MB. Free memory is still 130.9MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-11 20:54:32,123 INFO L158 Benchmark]: CACSL2BoogieTranslator took 411.66ms. Allocated memory is still 157.3MB. Free memory was 84.6MB in the beginning and 117.3MB in the end (delta: -32.7MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2024-11-11 20:54:32,123 INFO L158 Benchmark]: Boogie Procedure Inliner took 36.89ms. Allocated memory is still 157.3MB. Free memory was 117.3MB in the beginning and 114.5MB in the end (delta: 2.9MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2024-11-11 20:54:32,124 INFO L158 Benchmark]: Boogie Preprocessor took 28.64ms. Allocated memory is still 157.3MB. Free memory was 114.5MB in the beginning and 112.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-11 20:54:32,124 INFO L158 Benchmark]: RCFGBuilder took 415.78ms. Allocated memory is still 157.3MB. Free memory was 112.4MB in the beginning and 92.7MB in the end (delta: 19.6MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2024-11-11 20:54:32,124 INFO L158 Benchmark]: TraceAbstraction took 7880.84ms. Allocated memory was 157.3MB in the beginning and 234.9MB in the end (delta: 77.6MB). Free memory was 92.2MB in the beginning and 136.3MB in the end (delta: -44.1MB). Peak memory consumption was 106.3MB. Max. memory is 16.1GB. [2024-11-11 20:54:32,125 INFO L158 Benchmark]: Witness Printer took 111.42ms. Allocated memory is still 234.9MB. Free memory was 136.3MB in the beginning and 127.9MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-11 20:54:32,126 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.16ms. Allocated memory is still 157.3MB. Free memory is still 130.9MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 411.66ms. Allocated memory is still 157.3MB. Free memory was 84.6MB in the beginning and 117.3MB in the end (delta: -32.7MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 36.89ms. Allocated memory is still 157.3MB. Free memory was 117.3MB in the beginning and 114.5MB in the end (delta: 2.9MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 28.64ms. Allocated memory is still 157.3MB. Free memory was 114.5MB in the beginning and 112.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 415.78ms. Allocated memory is still 157.3MB. Free memory was 112.4MB in the beginning and 92.7MB in the end (delta: 19.6MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 7880.84ms. Allocated memory was 157.3MB in the beginning and 234.9MB in the end (delta: 77.6MB). Free memory was 92.2MB in the beginning and 136.3MB in the end (delta: -44.1MB). Peak memory consumption was 106.3MB. Max. memory is 16.1GB. * Witness Printer took 111.42ms. Allocated memory is still 234.9MB. Free memory was 136.3MB in the beginning and 127.9MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [49] - GenericResultAtLocation [Line: 58]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [58] - GenericResultAtLocation [Line: 96]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [96] - GenericResultAtLocation [Line: 165]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [165] - GenericResultAtLocation [Line: 398]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [398] - GenericResultAtLocation [Line: 502]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification3_spec.i","") [502] - GenericResultAtLocation [Line: 536]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [536] - GenericResultAtLocation [Line: 902]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [902] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 54]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 102 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.6s, OverallIterations: 12, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 3.2s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2458 SdHoareTripleChecker+Valid, 2.0s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2416 mSDsluCounter, 3835 SdHoareTripleChecker+Invalid, 1.6s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2762 mSDsCounter, 839 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2849 IncrementalHoareTripleChecker+Invalid, 3688 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 839 mSolverCounterUnsat, 1073 mSDtfsCounter, 2849 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 441 GetRequests, 288 SyntacticMatches, 7 SemanticMatches, 146 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1364 ImplicationChecksByTransitivity, 1.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=347occurred in iteration=11, InterpolantAutomatonStates: 132, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 12 MinimizatonAttempts, 98 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 1.5s InterpolantComputationTime, 663 NumberOfCodeBlocks, 663 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 738 ConstructedInterpolants, 0 QuantifiedInterpolants, 1535 SizeOfPredicates, 2 NumberOfNonLiveVariables, 295 ConjunctsInSsa, 13 ConjunctsInUnsatCore, 14 InterpolantComputations, 11 PerfectInterpolantSequences, 60/81 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 110]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 111]: Loop Invariant Derived loop invariant: (((((1 <= pumpRunning) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) - InvariantResult [Line: 914]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 296]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: (((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) Ensures: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (1 <= \old(pumpRunning))) && (((((systemActive == \old(systemActive)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 203]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: ((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) Ensures: (((((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 426]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2))) && (((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 438]: Procedure Contract for isMethaneLevelCritical Derived contract for procedure isMethaneLevelCritical. Requires: ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) Ensures: (((\result == methaneLevelCritical) && ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 904]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((systemActive == \old(systemActive)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 179]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((((((pumpRunning == \old(pumpRunning)) && (waterLevel <= 1)) && (1 == systemActive)) && (waterLevel <= \old(waterLevel))) || (\old(pumpRunning) < 1)) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (waterLevel <= \old(waterLevel)))) && (((1 < \old(waterLevel)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel))) || (\old(pumpRunning) != 0))) && (((\old(waterLevel) <= 2) && (1 <= \old(pumpRunning))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 2)))) && (((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) || (\old(pumpRunning) != 0)) || ((1 <= pumpRunning) && (\old(waterLevel) == waterLevel)))) && ((((systemActive == \old(systemActive)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 211]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive))) Ensures: ((((((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1)) && (((\old(pumpRunning) != 0) || (1 < waterLevel)) || ((pumpRunning == 0) && (1 == systemActive)))) && ((0 < pumpRunning) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (\old(pumpRunning) == 0)))) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) || (((waterLevel <= 1) && (1 == systemActive)) && (1 <= \old(pumpRunning))))) && (((((systemActive == \old(systemActive)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 414]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) Ensures: ((((waterLevel <= ((long long) \old(waterLevel) + 1)) && ((((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 1)))) && (waterLevel <= 2)) && (((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 237]: Procedure Contract for processEnvironment__wrappee__lowWaterSensor Derived contract for procedure processEnvironment__wrappee__lowWaterSensor. Requires: ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((1 <= pumpRunning) && (waterLevel <= 1)) && (1 == systemActive))) Ensures: (((((((\old(pumpRunning) != 0) || (1 < waterLevel)) || ((pumpRunning == 0) && (1 == systemActive))) && (((0 < pumpRunning) || (\old(pumpRunning) != 0)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)))) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) || (((waterLevel <= 1) && (1 == systemActive)) && (1 <= \old(pumpRunning))))) && (((pumpRunning == \old(pumpRunning)) || (pumpRunning == 0)) || (\old(pumpRunning) < 1))) && (((((systemActive == \old(systemActive)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) RESULT: Ultimate proved your program to be correct! [2024-11-11 20:54:32,148 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE