./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec3_product54.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c7c6ca5d Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product54.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash cbcb1e9315abec7fabb6a689d6a1c811fb94154c71589df191460c14d014c3cb --- Real Ultimate output --- This is Ultimate 0.2.5-?-c7c6ca5-m [2024-11-08 15:15:13,991 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-08 15:15:14,066 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-08 15:15:14,072 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-08 15:15:14,073 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-08 15:15:14,106 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-08 15:15:14,107 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-08 15:15:14,107 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-08 15:15:14,108 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-08 15:15:14,109 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-08 15:15:14,110 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-08 15:15:14,111 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-08 15:15:14,111 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-08 15:15:14,113 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-08 15:15:14,113 INFO L153 SettingsManager]: * Use SBE=true [2024-11-08 15:15:14,114 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-08 15:15:14,115 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-08 15:15:14,115 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-08 15:15:14,115 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-08 15:15:14,117 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-08 15:15:14,118 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-08 15:15:14,118 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-08 15:15:14,119 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-08 15:15:14,119 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-08 15:15:14,119 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-08 15:15:14,119 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-08 15:15:14,120 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-08 15:15:14,120 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-08 15:15:14,120 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-08 15:15:14,121 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-08 15:15:14,121 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-08 15:15:14,122 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-08 15:15:14,122 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 15:15:14,123 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-08 15:15:14,123 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-08 15:15:14,123 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-08 15:15:14,124 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-08 15:15:14,124 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-08 15:15:14,124 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-08 15:15:14,125 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-08 15:15:14,125 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-08 15:15:14,125 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-08 15:15:14,125 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> cbcb1e9315abec7fabb6a689d6a1c811fb94154c71589df191460c14d014c3cb [2024-11-08 15:15:14,394 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-08 15:15:14,418 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-08 15:15:14,421 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-08 15:15:14,422 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-08 15:15:14,422 INFO L274 PluginConnector]: CDTParser initialized [2024-11-08 15:15:14,423 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product54.cil.c [2024-11-08 15:15:15,816 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-08 15:15:16,052 INFO L384 CDTParser]: Found 1 translation units. [2024-11-08 15:15:16,052 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product54.cil.c [2024-11-08 15:15:16,066 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/9a65cb56b/b4e13ff69eba49a280ec412b83af6361/FLAG7dafe3dad [2024-11-08 15:15:16,387 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/9a65cb56b/b4e13ff69eba49a280ec412b83af6361 [2024-11-08 15:15:16,389 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-08 15:15:16,390 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-08 15:15:16,392 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-08 15:15:16,392 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-08 15:15:16,396 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-08 15:15:16,397 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 03:15:16" (1/1) ... [2024-11-08 15:15:16,398 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@5bf4548c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:16, skipping insertion in model container [2024-11-08 15:15:16,398 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 03:15:16" (1/1) ... [2024-11-08 15:15:16,442 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-08 15:15:16,677 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product54.cil.c[4478,4491] [2024-11-08 15:15:16,770 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 15:15:16,786 INFO L200 MainTranslator]: Completed pre-run [2024-11-08 15:15:16,796 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2024-11-08 15:15:16,798 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [160] [2024-11-08 15:15:16,798 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [262] [2024-11-08 15:15:16,799 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification3_spec.i","") [271] [2024-11-08 15:15:16,799 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [306] [2024-11-08 15:15:16,799 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [341] [2024-11-08 15:15:16,799 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [707] [2024-11-08 15:15:16,800 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [775] [2024-11-08 15:15:16,821 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product54.cil.c[4478,4491] [2024-11-08 15:15:16,879 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 15:15:16,905 INFO L204 MainTranslator]: Completed translation [2024-11-08 15:15:16,905 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:16 WrapperNode [2024-11-08 15:15:16,906 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-08 15:15:16,907 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-08 15:15:16,907 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-08 15:15:16,907 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-08 15:15:16,912 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:16" (1/1) ... [2024-11-08 15:15:16,924 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:16" (1/1) ... [2024-11-08 15:15:16,955 INFO L138 Inliner]: procedures = 57, calls = 104, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 231 [2024-11-08 15:15:16,956 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-08 15:15:16,956 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-08 15:15:16,957 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-08 15:15:16,957 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-08 15:15:16,968 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:16" (1/1) ... [2024-11-08 15:15:16,968 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:16" (1/1) ... [2024-11-08 15:15:16,971 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:16" (1/1) ... [2024-11-08 15:15:16,989 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-08 15:15:16,990 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:16" (1/1) ... [2024-11-08 15:15:16,990 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:16" (1/1) ... [2024-11-08 15:15:16,995 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:16" (1/1) ... [2024-11-08 15:15:16,999 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:16" (1/1) ... [2024-11-08 15:15:17,001 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:16" (1/1) ... [2024-11-08 15:15:17,002 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:16" (1/1) ... [2024-11-08 15:15:17,004 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-08 15:15:17,005 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-08 15:15:17,006 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-08 15:15:17,006 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-08 15:15:17,007 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:16" (1/1) ... [2024-11-08 15:15:17,014 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 15:15:17,027 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:15:17,048 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-08 15:15:17,052 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-08 15:15:17,108 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-08 15:15:17,108 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-08 15:15:17,108 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-08 15:15:17,108 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-08 15:15:17,108 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-08 15:15:17,109 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-08 15:15:17,109 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-08 15:15:17,109 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2024-11-08 15:15:17,109 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2024-11-08 15:15:17,109 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 15:15:17,110 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 15:15:17,110 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-08 15:15:17,110 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-08 15:15:17,110 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-08 15:15:17,111 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-08 15:15:17,111 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-08 15:15:17,111 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-08 15:15:17,112 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-08 15:15:17,112 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-08 15:15:17,112 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-08 15:15:17,112 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-08 15:15:17,112 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-08 15:15:17,211 INFO L238 CfgBuilder]: Building ICFG [2024-11-08 15:15:17,213 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-08 15:15:17,594 INFO L? ?]: Removed 53 outVars from TransFormulas that were not future-live. [2024-11-08 15:15:17,594 INFO L287 CfgBuilder]: Performing block encoding [2024-11-08 15:15:17,610 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-08 15:15:17,610 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-08 15:15:17,611 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:15:17 BoogieIcfgContainer [2024-11-08 15:15:17,611 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-08 15:15:17,613 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-08 15:15:17,613 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-08 15:15:17,616 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-08 15:15:17,617 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 08.11 03:15:16" (1/3) ... [2024-11-08 15:15:17,617 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@31d71b99 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 03:15:17, skipping insertion in model container [2024-11-08 15:15:17,617 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:16" (2/3) ... [2024-11-08 15:15:17,618 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@31d71b99 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 03:15:17, skipping insertion in model container [2024-11-08 15:15:17,618 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:15:17" (3/3) ... [2024-11-08 15:15:17,619 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product54.cil.c [2024-11-08 15:15:17,635 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-08 15:15:17,635 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-08 15:15:17,688 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-08 15:15:17,694 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@6f09a2de, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-08 15:15:17,694 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-08 15:15:17,698 INFO L276 IsEmpty]: Start isEmpty. Operand has 103 states, 76 states have (on average 1.381578947368421) internal successors, (105), 86 states have internal predecessors, (105), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2024-11-08 15:15:17,705 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2024-11-08 15:15:17,706 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:15:17,706 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:15:17,707 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:15:17,712 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:15:17,712 INFO L85 PathProgramCache]: Analyzing trace with hash 149329663, now seen corresponding path program 1 times [2024-11-08 15:15:17,720 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:15:17,720 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1533860153] [2024-11-08 15:15:17,720 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:15:17,721 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:15:17,837 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:17,913 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-08 15:15:17,917 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:17,921 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:15:17,922 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:15:17,922 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1533860153] [2024-11-08 15:15:17,923 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1533860153] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:15:17,923 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:15:17,923 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-08 15:15:17,925 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [922769663] [2024-11-08 15:15:17,925 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:15:17,929 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-08 15:15:17,930 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:15:17,950 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-08 15:15:17,951 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 15:15:17,954 INFO L87 Difference]: Start difference. First operand has 103 states, 76 states have (on average 1.381578947368421) internal successors, (105), 86 states have internal predecessors, (105), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:15:17,984 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:15:17,985 INFO L93 Difference]: Finished difference Result 198 states and 269 transitions. [2024-11-08 15:15:17,986 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-08 15:15:17,987 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2024-11-08 15:15:17,988 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:15:17,997 INFO L225 Difference]: With dead ends: 198 [2024-11-08 15:15:17,998 INFO L226 Difference]: Without dead ends: 94 [2024-11-08 15:15:18,001 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 15:15:18,005 INFO L432 NwaCegarLoop]: 131 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 131 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:15:18,006 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 131 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:15:18,024 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 94 states. [2024-11-08 15:15:18,048 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 94 to 94. [2024-11-08 15:15:18,049 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 94 states, 69 states have (on average 1.318840579710145) internal successors, (91), 78 states have internal predecessors, (91), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2024-11-08 15:15:18,051 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 94 states to 94 states and 122 transitions. [2024-11-08 15:15:18,052 INFO L78 Accepts]: Start accepts. Automaton has 94 states and 122 transitions. Word has length 25 [2024-11-08 15:15:18,052 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:15:18,052 INFO L471 AbstractCegarLoop]: Abstraction has 94 states and 122 transitions. [2024-11-08 15:15:18,053 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:15:18,053 INFO L276 IsEmpty]: Start isEmpty. Operand 94 states and 122 transitions. [2024-11-08 15:15:18,055 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-11-08 15:15:18,055 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:15:18,055 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:15:18,055 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-08 15:15:18,055 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:15:18,056 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:15:18,056 INFO L85 PathProgramCache]: Analyzing trace with hash 67554452, now seen corresponding path program 1 times [2024-11-08 15:15:18,057 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:15:18,057 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1767064677] [2024-11-08 15:15:18,057 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:15:18,057 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:15:18,074 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:18,167 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-11-08 15:15:18,173 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:18,179 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:15:18,180 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:15:18,180 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1767064677] [2024-11-08 15:15:18,180 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1767064677] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:15:18,180 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:15:18,180 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-08 15:15:18,180 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [364333620] [2024-11-08 15:15:18,180 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:15:18,184 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-08 15:15:18,184 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:15:18,186 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-08 15:15:18,186 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:15:18,186 INFO L87 Difference]: Start difference. First operand 94 states and 122 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:15:18,219 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:15:18,220 INFO L93 Difference]: Finished difference Result 153 states and 199 transitions. [2024-11-08 15:15:18,223 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-08 15:15:18,223 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2024-11-08 15:15:18,224 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:15:18,225 INFO L225 Difference]: With dead ends: 153 [2024-11-08 15:15:18,226 INFO L226 Difference]: Without dead ends: 85 [2024-11-08 15:15:18,227 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:15:18,228 INFO L432 NwaCegarLoop]: 109 mSDtfsCounter, 13 mSDsluCounter, 92 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 201 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:15:18,230 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 201 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:15:18,231 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 85 states. [2024-11-08 15:15:18,239 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 85 to 85. [2024-11-08 15:15:18,239 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 85 states, 63 states have (on average 1.3333333333333333) internal successors, (84), 72 states have internal predecessors, (84), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-08 15:15:18,241 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 85 states to 85 states and 110 transitions. [2024-11-08 15:15:18,241 INFO L78 Accepts]: Start accepts. Automaton has 85 states and 110 transitions. Word has length 26 [2024-11-08 15:15:18,242 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:15:18,242 INFO L471 AbstractCegarLoop]: Abstraction has 85 states and 110 transitions. [2024-11-08 15:15:18,242 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:15:18,242 INFO L276 IsEmpty]: Start isEmpty. Operand 85 states and 110 transitions. [2024-11-08 15:15:18,244 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2024-11-08 15:15:18,244 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:15:18,244 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:15:18,244 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-08 15:15:18,244 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:15:18,245 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:15:18,245 INFO L85 PathProgramCache]: Analyzing trace with hash -6965766, now seen corresponding path program 1 times [2024-11-08 15:15:18,245 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:15:18,246 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2101663500] [2024-11-08 15:15:18,246 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:15:18,246 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:15:18,277 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:18,372 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-08 15:15:18,375 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:18,377 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:15:18,378 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:15:18,378 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2101663500] [2024-11-08 15:15:18,378 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2101663500] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:15:18,378 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:15:18,379 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-08 15:15:18,379 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1313006363] [2024-11-08 15:15:18,380 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:15:18,380 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-08 15:15:18,381 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:15:18,381 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-08 15:15:18,382 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:15:18,383 INFO L87 Difference]: Start difference. First operand 85 states and 110 transitions. Second operand has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:15:18,417 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:15:18,417 INFO L93 Difference]: Finished difference Result 163 states and 214 transitions. [2024-11-08 15:15:18,419 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-08 15:15:18,419 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 31 [2024-11-08 15:15:18,420 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:15:18,422 INFO L225 Difference]: With dead ends: 163 [2024-11-08 15:15:18,422 INFO L226 Difference]: Without dead ends: 85 [2024-11-08 15:15:18,423 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:15:18,425 INFO L432 NwaCegarLoop]: 108 mSDtfsCounter, 104 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 104 SdHoareTripleChecker+Valid, 108 SdHoareTripleChecker+Invalid, 2 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:15:18,425 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [104 Valid, 108 Invalid, 2 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:15:18,426 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 85 states. [2024-11-08 15:15:18,436 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 85 to 85. [2024-11-08 15:15:18,436 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 85 states, 63 states have (on average 1.3174603174603174) internal successors, (83), 72 states have internal predecessors, (83), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-08 15:15:18,441 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 85 states to 85 states and 109 transitions. [2024-11-08 15:15:18,441 INFO L78 Accepts]: Start accepts. Automaton has 85 states and 109 transitions. Word has length 31 [2024-11-08 15:15:18,442 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:15:18,445 INFO L471 AbstractCegarLoop]: Abstraction has 85 states and 109 transitions. [2024-11-08 15:15:18,445 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-08 15:15:18,446 INFO L276 IsEmpty]: Start isEmpty. Operand 85 states and 109 transitions. [2024-11-08 15:15:18,447 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2024-11-08 15:15:18,447 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:15:18,447 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:15:18,447 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-08 15:15:18,448 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:15:18,448 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:15:18,448 INFO L85 PathProgramCache]: Analyzing trace with hash 1330354743, now seen corresponding path program 1 times [2024-11-08 15:15:18,449 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:15:18,451 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [907735263] [2024-11-08 15:15:18,451 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:15:18,452 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:15:18,474 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:18,534 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-08 15:15:18,537 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:18,544 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2024-11-08 15:15:18,546 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:18,547 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-11-08 15:15:18,549 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:18,551 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-08 15:15:18,552 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:15:18,552 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [907735263] [2024-11-08 15:15:18,552 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [907735263] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:15:18,552 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:15:18,552 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-08 15:15:18,553 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2089066370] [2024-11-08 15:15:18,553 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:15:18,553 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-08 15:15:18,553 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:15:18,554 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-08 15:15:18,554 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-08 15:15:18,555 INFO L87 Difference]: Start difference. First operand 85 states and 109 transitions. Second operand has 4 states, 4 states have (on average 8.75) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2024-11-08 15:15:18,784 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:15:18,784 INFO L93 Difference]: Finished difference Result 246 states and 320 transitions. [2024-11-08 15:15:18,785 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-08 15:15:18,785 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.75) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 44 [2024-11-08 15:15:18,786 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:15:18,787 INFO L225 Difference]: With dead ends: 246 [2024-11-08 15:15:18,787 INFO L226 Difference]: Without dead ends: 168 [2024-11-08 15:15:18,788 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2024-11-08 15:15:18,789 INFO L432 NwaCegarLoop]: 101 mSDtfsCounter, 170 mSDsluCounter, 121 mSDsCounter, 0 mSdLazyCounter, 82 mSolverCounterSat, 41 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 176 SdHoareTripleChecker+Valid, 222 SdHoareTripleChecker+Invalid, 123 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 41 IncrementalHoareTripleChecker+Valid, 82 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 15:15:18,793 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [176 Valid, 222 Invalid, 123 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [41 Valid, 82 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 15:15:18,794 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 168 states. [2024-11-08 15:15:18,821 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 168 to 162. [2024-11-08 15:15:18,822 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 162 states, 122 states have (on average 1.2868852459016393) internal successors, (157), 130 states have internal predecessors, (157), 19 states have call successors, (19), 15 states have call predecessors, (19), 20 states have return successors, (30), 21 states have call predecessors, (30), 19 states have call successors, (30) [2024-11-08 15:15:18,827 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 162 states to 162 states and 206 transitions. [2024-11-08 15:15:18,827 INFO L78 Accepts]: Start accepts. Automaton has 162 states and 206 transitions. Word has length 44 [2024-11-08 15:15:18,827 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:15:18,828 INFO L471 AbstractCegarLoop]: Abstraction has 162 states and 206 transitions. [2024-11-08 15:15:18,828 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 8.75) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2024-11-08 15:15:18,828 INFO L276 IsEmpty]: Start isEmpty. Operand 162 states and 206 transitions. [2024-11-08 15:15:18,830 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-08 15:15:18,830 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:15:18,830 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:15:18,830 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-08 15:15:18,830 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:15:18,831 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:15:18,831 INFO L85 PathProgramCache]: Analyzing trace with hash 1858639799, now seen corresponding path program 1 times [2024-11-08 15:15:18,831 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:15:18,832 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1680631889] [2024-11-08 15:15:18,832 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:15:18,832 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:15:18,848 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:18,980 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-08 15:15:18,986 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:19,004 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:15:19,008 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:19,052 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2024-11-08 15:15:19,055 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:19,056 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:15:19,057 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:15:19,057 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1680631889] [2024-11-08 15:15:19,058 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1680631889] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:15:19,059 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:15:19,059 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 15:15:19,059 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1773469506] [2024-11-08 15:15:19,059 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:15:19,060 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 15:15:19,061 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:15:19,061 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 15:15:19,062 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-08 15:15:19,062 INFO L87 Difference]: Start difference. First operand 162 states and 206 transitions. Second operand has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:15:19,259 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:15:19,259 INFO L93 Difference]: Finished difference Result 322 states and 416 transitions. [2024-11-08 15:15:19,260 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-08 15:15:19,260 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 50 [2024-11-08 15:15:19,261 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:15:19,263 INFO L225 Difference]: With dead ends: 322 [2024-11-08 15:15:19,263 INFO L226 Difference]: Without dead ends: 167 [2024-11-08 15:15:19,264 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-08 15:15:19,268 INFO L432 NwaCegarLoop]: 101 mSDtfsCounter, 61 mSDsluCounter, 328 mSDsCounter, 0 mSdLazyCounter, 142 mSolverCounterSat, 15 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 65 SdHoareTripleChecker+Valid, 429 SdHoareTripleChecker+Invalid, 157 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 15 IncrementalHoareTripleChecker+Valid, 142 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:15:19,268 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [65 Valid, 429 Invalid, 157 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [15 Valid, 142 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:15:19,269 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 167 states. [2024-11-08 15:15:19,296 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 167 to 165. [2024-11-08 15:15:19,298 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 165 states, 125 states have (on average 1.28) internal successors, (160), 133 states have internal predecessors, (160), 19 states have call successors, (19), 15 states have call predecessors, (19), 20 states have return successors, (30), 21 states have call predecessors, (30), 19 states have call successors, (30) [2024-11-08 15:15:19,300 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 165 states to 165 states and 209 transitions. [2024-11-08 15:15:19,301 INFO L78 Accepts]: Start accepts. Automaton has 165 states and 209 transitions. Word has length 50 [2024-11-08 15:15:19,301 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:15:19,301 INFO L471 AbstractCegarLoop]: Abstraction has 165 states and 209 transitions. [2024-11-08 15:15:19,302 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:15:19,302 INFO L276 IsEmpty]: Start isEmpty. Operand 165 states and 209 transitions. [2024-11-08 15:15:19,304 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-08 15:15:19,304 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:15:19,304 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:15:19,305 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-08 15:15:19,305 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:15:19,305 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:15:19,306 INFO L85 PathProgramCache]: Analyzing trace with hash 2077494517, now seen corresponding path program 1 times [2024-11-08 15:15:19,306 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:15:19,306 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [847007592] [2024-11-08 15:15:19,306 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:15:19,306 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:15:19,326 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:19,405 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-08 15:15:19,409 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:19,433 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:15:19,440 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:19,467 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2024-11-08 15:15:19,470 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:19,473 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:15:19,473 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:15:19,473 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [847007592] [2024-11-08 15:15:19,473 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [847007592] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:15:19,474 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:15:19,474 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 15:15:19,474 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1406534704] [2024-11-08 15:15:19,474 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:15:19,475 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 15:15:19,475 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:15:19,475 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 15:15:19,476 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-08 15:15:19,476 INFO L87 Difference]: Start difference. First operand 165 states and 209 transitions. Second operand has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:15:19,671 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:15:19,671 INFO L93 Difference]: Finished difference Result 327 states and 427 transitions. [2024-11-08 15:15:19,672 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-08 15:15:19,672 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 50 [2024-11-08 15:15:19,673 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:15:19,674 INFO L225 Difference]: With dead ends: 327 [2024-11-08 15:15:19,675 INFO L226 Difference]: Without dead ends: 169 [2024-11-08 15:15:19,675 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2024-11-08 15:15:19,676 INFO L432 NwaCegarLoop]: 97 mSDtfsCounter, 151 mSDsluCounter, 222 mSDsCounter, 0 mSdLazyCounter, 122 mSolverCounterSat, 34 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 154 SdHoareTripleChecker+Valid, 319 SdHoareTripleChecker+Invalid, 156 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 34 IncrementalHoareTripleChecker+Valid, 122 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:15:19,677 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [154 Valid, 319 Invalid, 156 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [34 Valid, 122 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:15:19,678 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 169 states. [2024-11-08 15:15:19,700 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 169 to 167. [2024-11-08 15:15:19,701 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 167 states, 127 states have (on average 1.2755905511811023) internal successors, (162), 135 states have internal predecessors, (162), 19 states have call successors, (19), 15 states have call predecessors, (19), 20 states have return successors, (30), 21 states have call predecessors, (30), 19 states have call successors, (30) [2024-11-08 15:15:19,702 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 167 states to 167 states and 211 transitions. [2024-11-08 15:15:19,702 INFO L78 Accepts]: Start accepts. Automaton has 167 states and 211 transitions. Word has length 50 [2024-11-08 15:15:19,702 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:15:19,702 INFO L471 AbstractCegarLoop]: Abstraction has 167 states and 211 transitions. [2024-11-08 15:15:19,703 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-08 15:15:19,703 INFO L276 IsEmpty]: Start isEmpty. Operand 167 states and 211 transitions. [2024-11-08 15:15:19,704 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-08 15:15:19,704 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:15:19,704 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:15:19,704 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-08 15:15:19,704 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:15:19,704 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:15:19,705 INFO L85 PathProgramCache]: Analyzing trace with hash 1943481011, now seen corresponding path program 1 times [2024-11-08 15:15:19,705 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:15:19,705 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1429604658] [2024-11-08 15:15:19,706 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:15:19,706 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:15:19,724 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:19,784 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-08 15:15:19,787 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:19,799 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:15:19,802 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:19,818 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2024-11-08 15:15:19,820 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:19,821 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:15:19,821 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:15:19,821 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1429604658] [2024-11-08 15:15:19,822 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1429604658] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:15:19,822 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:15:19,822 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-08 15:15:19,822 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1515857146] [2024-11-08 15:15:19,822 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:15:19,822 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-08 15:15:19,823 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:15:19,823 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-08 15:15:19,823 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-08 15:15:19,823 INFO L87 Difference]: Start difference. First operand 167 states and 211 transitions. Second operand has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-08 15:15:20,058 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:15:20,059 INFO L93 Difference]: Finished difference Result 467 states and 611 transitions. [2024-11-08 15:15:20,059 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-08 15:15:20,060 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 50 [2024-11-08 15:15:20,060 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:15:20,062 INFO L225 Difference]: With dead ends: 467 [2024-11-08 15:15:20,062 INFO L226 Difference]: Without dead ends: 307 [2024-11-08 15:15:20,096 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 10 SyntacticMatches, 1 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:15:20,098 INFO L432 NwaCegarLoop]: 143 mSDtfsCounter, 228 mSDsluCounter, 193 mSDsCounter, 0 mSdLazyCounter, 160 mSolverCounterSat, 62 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 235 SdHoareTripleChecker+Valid, 336 SdHoareTripleChecker+Invalid, 222 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 62 IncrementalHoareTripleChecker+Valid, 160 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 15:15:20,098 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [235 Valid, 336 Invalid, 222 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [62 Valid, 160 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 15:15:20,099 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 307 states. [2024-11-08 15:15:20,133 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 307 to 299. [2024-11-08 15:15:20,134 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 299 states, 226 states have (on average 1.252212389380531) internal successors, (283), 238 states have internal predecessors, (283), 36 states have call successors, (36), 33 states have call predecessors, (36), 36 states have return successors, (62), 37 states have call predecessors, (62), 36 states have call successors, (62) [2024-11-08 15:15:20,137 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 299 states to 299 states and 381 transitions. [2024-11-08 15:15:20,137 INFO L78 Accepts]: Start accepts. Automaton has 299 states and 381 transitions. Word has length 50 [2024-11-08 15:15:20,138 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:15:20,138 INFO L471 AbstractCegarLoop]: Abstraction has 299 states and 381 transitions. [2024-11-08 15:15:20,138 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-08 15:15:20,140 INFO L276 IsEmpty]: Start isEmpty. Operand 299 states and 381 transitions. [2024-11-08 15:15:20,141 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2024-11-08 15:15:20,141 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:15:20,142 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:15:20,142 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-08 15:15:20,142 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:15:20,142 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:15:20,143 INFO L85 PathProgramCache]: Analyzing trace with hash -432802525, now seen corresponding path program 1 times [2024-11-08 15:15:20,143 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:15:20,143 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1074527701] [2024-11-08 15:15:20,143 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:15:20,143 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:15:20,156 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:20,217 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-08 15:15:20,220 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:20,228 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:15:20,230 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:20,233 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-08 15:15:20,233 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:20,236 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 41 [2024-11-08 15:15:20,237 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:20,240 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:15:20,240 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:15:20,240 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1074527701] [2024-11-08 15:15:20,242 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1074527701] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:15:20,242 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:15:20,242 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 15:15:20,242 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1525214233] [2024-11-08 15:15:20,242 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:15:20,243 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 15:15:20,243 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:15:20,243 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 15:15:20,243 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-08 15:15:20,243 INFO L87 Difference]: Start difference. First operand 299 states and 381 transitions. Second operand has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (5), 3 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-08 15:15:20,458 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:15:20,458 INFO L93 Difference]: Finished difference Result 591 states and 754 transitions. [2024-11-08 15:15:20,459 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-08 15:15:20,459 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (5), 3 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 52 [2024-11-08 15:15:20,460 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:15:20,462 INFO L225 Difference]: With dead ends: 591 [2024-11-08 15:15:20,462 INFO L226 Difference]: Without dead ends: 299 [2024-11-08 15:15:20,463 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2024-11-08 15:15:20,465 INFO L432 NwaCegarLoop]: 84 mSDtfsCounter, 120 mSDsluCounter, 286 mSDsCounter, 0 mSdLazyCounter, 148 mSolverCounterSat, 32 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 125 SdHoareTripleChecker+Valid, 370 SdHoareTripleChecker+Invalid, 180 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 32 IncrementalHoareTripleChecker+Valid, 148 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 15:15:20,467 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [125 Valid, 370 Invalid, 180 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [32 Valid, 148 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 15:15:20,468 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 299 states. [2024-11-08 15:15:20,493 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 299 to 297. [2024-11-08 15:15:20,494 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 297 states, 224 states have (on average 1.2455357142857142) internal successors, (279), 236 states have internal predecessors, (279), 36 states have call successors, (36), 33 states have call predecessors, (36), 36 states have return successors, (62), 37 states have call predecessors, (62), 36 states have call successors, (62) [2024-11-08 15:15:20,496 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 297 states to 297 states and 377 transitions. [2024-11-08 15:15:20,497 INFO L78 Accepts]: Start accepts. Automaton has 297 states and 377 transitions. Word has length 52 [2024-11-08 15:15:20,497 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:15:20,497 INFO L471 AbstractCegarLoop]: Abstraction has 297 states and 377 transitions. [2024-11-08 15:15:20,497 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (5), 3 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-08 15:15:20,497 INFO L276 IsEmpty]: Start isEmpty. Operand 297 states and 377 transitions. [2024-11-08 15:15:20,498 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2024-11-08 15:15:20,499 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:15:20,499 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:15:20,499 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-08 15:15:20,500 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:15:20,500 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:15:20,500 INFO L85 PathProgramCache]: Analyzing trace with hash -1117904615, now seen corresponding path program 1 times [2024-11-08 15:15:20,500 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:15:20,500 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [43890590] [2024-11-08 15:15:20,501 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:15:20,501 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:15:20,512 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:20,571 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-08 15:15:20,572 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:20,579 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-08 15:15:20,582 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:20,588 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:15:20,590 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:20,595 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2024-11-08 15:15:20,597 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:20,598 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:15:20,598 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:15:20,598 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [43890590] [2024-11-08 15:15:20,598 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [43890590] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:15:20,598 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:15:20,599 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-08 15:15:20,599 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [248435580] [2024-11-08 15:15:20,599 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:15:20,599 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-08 15:15:20,599 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:15:20,600 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-08 15:15:20,600 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:15:20,600 INFO L87 Difference]: Start difference. First operand 297 states and 377 transitions. Second operand has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-08 15:15:21,039 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:15:21,039 INFO L93 Difference]: Finished difference Result 574 states and 741 transitions. [2024-11-08 15:15:21,039 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2024-11-08 15:15:21,040 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 54 [2024-11-08 15:15:21,040 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:15:21,042 INFO L225 Difference]: With dead ends: 574 [2024-11-08 15:15:21,042 INFO L226 Difference]: Without dead ends: 336 [2024-11-08 15:15:21,043 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 28 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 15 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 29 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=79, Invalid=193, Unknown=0, NotChecked=0, Total=272 [2024-11-08 15:15:21,044 INFO L432 NwaCegarLoop]: 109 mSDtfsCounter, 225 mSDsluCounter, 348 mSDsCounter, 0 mSdLazyCounter, 404 mSolverCounterSat, 67 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 229 SdHoareTripleChecker+Valid, 457 SdHoareTripleChecker+Invalid, 471 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 67 IncrementalHoareTripleChecker+Valid, 404 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-08 15:15:21,044 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [229 Valid, 457 Invalid, 471 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [67 Valid, 404 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-08 15:15:21,045 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 336 states. [2024-11-08 15:15:21,066 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 336 to 332. [2024-11-08 15:15:21,067 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 332 states, 251 states have (on average 1.2151394422310757) internal successors, (305), 266 states have internal predecessors, (305), 41 states have call successors, (41), 33 states have call predecessors, (41), 39 states have return successors, (58), 42 states have call predecessors, (58), 41 states have call successors, (58) [2024-11-08 15:15:21,069 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 332 states to 332 states and 404 transitions. [2024-11-08 15:15:21,069 INFO L78 Accepts]: Start accepts. Automaton has 332 states and 404 transitions. Word has length 54 [2024-11-08 15:15:21,070 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:15:21,070 INFO L471 AbstractCegarLoop]: Abstraction has 332 states and 404 transitions. [2024-11-08 15:15:21,070 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-08 15:15:21,070 INFO L276 IsEmpty]: Start isEmpty. Operand 332 states and 404 transitions. [2024-11-08 15:15:21,071 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-08 15:15:21,071 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:15:21,071 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:15:21,071 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-08 15:15:21,071 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:15:21,072 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:15:21,072 INFO L85 PathProgramCache]: Analyzing trace with hash -309751737, now seen corresponding path program 1 times [2024-11-08 15:15:21,072 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:15:21,072 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1981353892] [2024-11-08 15:15:21,072 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:15:21,072 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:15:21,102 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:21,135 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-08 15:15:21,137 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:21,143 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-08 15:15:21,146 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:21,155 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:15:21,159 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:21,176 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-08 15:15:21,177 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:21,178 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 45 [2024-11-08 15:15:21,179 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:21,181 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:15:21,181 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:15:21,182 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1981353892] [2024-11-08 15:15:21,182 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1981353892] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:15:21,182 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:15:21,182 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-08 15:15:21,182 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [986785687] [2024-11-08 15:15:21,182 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:15:21,183 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 15:15:21,183 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:15:21,184 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 15:15:21,184 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-08 15:15:21,184 INFO L87 Difference]: Start difference. First operand 332 states and 404 transitions. Second operand has 6 states, 6 states have (on average 7.5) internal successors, (45), 4 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-08 15:15:21,435 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:15:21,436 INFO L93 Difference]: Finished difference Result 604 states and 746 transitions. [2024-11-08 15:15:21,436 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-08 15:15:21,436 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 4 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 56 [2024-11-08 15:15:21,437 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:15:21,439 INFO L225 Difference]: With dead ends: 604 [2024-11-08 15:15:21,439 INFO L226 Difference]: Without dead ends: 333 [2024-11-08 15:15:21,440 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 20 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2024-11-08 15:15:21,442 INFO L432 NwaCegarLoop]: 63 mSDtfsCounter, 144 mSDsluCounter, 201 mSDsCounter, 0 mSdLazyCounter, 239 mSolverCounterSat, 46 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 147 SdHoareTripleChecker+Valid, 264 SdHoareTripleChecker+Invalid, 285 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 46 IncrementalHoareTripleChecker+Valid, 239 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 15:15:21,442 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [147 Valid, 264 Invalid, 285 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [46 Valid, 239 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 15:15:21,443 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 333 states. [2024-11-08 15:15:21,463 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 333 to 329. [2024-11-08 15:15:21,464 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 329 states, 248 states have (on average 1.2137096774193548) internal successors, (301), 263 states have internal predecessors, (301), 41 states have call successors, (41), 33 states have call predecessors, (41), 39 states have return successors, (58), 42 states have call predecessors, (58), 41 states have call successors, (58) [2024-11-08 15:15:21,466 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 329 states to 329 states and 400 transitions. [2024-11-08 15:15:21,467 INFO L78 Accepts]: Start accepts. Automaton has 329 states and 400 transitions. Word has length 56 [2024-11-08 15:15:21,467 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:15:21,467 INFO L471 AbstractCegarLoop]: Abstraction has 329 states and 400 transitions. [2024-11-08 15:15:21,467 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 4 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-08 15:15:21,467 INFO L276 IsEmpty]: Start isEmpty. Operand 329 states and 400 transitions. [2024-11-08 15:15:21,468 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-08 15:15:21,468 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:15:21,469 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:15:21,469 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2024-11-08 15:15:21,469 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:15:21,469 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:15:21,470 INFO L85 PathProgramCache]: Analyzing trace with hash -443765243, now seen corresponding path program 1 times [2024-11-08 15:15:21,470 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:15:21,470 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [607099984] [2024-11-08 15:15:21,470 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:15:21,470 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:15:21,479 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:21,526 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-08 15:15:21,528 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:21,532 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-08 15:15:21,535 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:21,547 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:15:21,551 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:21,612 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-08 15:15:21,613 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:21,614 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 45 [2024-11-08 15:15:21,614 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:21,619 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:15:21,620 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:15:21,620 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [607099984] [2024-11-08 15:15:21,620 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [607099984] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:15:21,620 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:15:21,620 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-08 15:15:21,620 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1366087471] [2024-11-08 15:15:21,620 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:15:21,620 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-08 15:15:21,620 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:15:21,621 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-08 15:15:21,621 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-08 15:15:21,621 INFO L87 Difference]: Start difference. First operand 329 states and 400 transitions. Second operand has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-08 15:15:21,913 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:15:21,914 INFO L93 Difference]: Finished difference Result 573 states and 705 transitions. [2024-11-08 15:15:21,914 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-11-08 15:15:21,914 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 56 [2024-11-08 15:15:21,915 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:15:21,916 INFO L225 Difference]: With dead ends: 573 [2024-11-08 15:15:21,917 INFO L226 Difference]: Without dead ends: 305 [2024-11-08 15:15:21,917 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=33, Invalid=77, Unknown=0, NotChecked=0, Total=110 [2024-11-08 15:15:21,918 INFO L432 NwaCegarLoop]: 67 mSDtfsCounter, 141 mSDsluCounter, 272 mSDsCounter, 0 mSdLazyCounter, 315 mSolverCounterSat, 46 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 144 SdHoareTripleChecker+Valid, 339 SdHoareTripleChecker+Invalid, 361 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 46 IncrementalHoareTripleChecker+Valid, 315 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-08 15:15:21,919 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [144 Valid, 339 Invalid, 361 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [46 Valid, 315 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-08 15:15:21,920 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 305 states. [2024-11-08 15:15:21,941 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 305 to 301. [2024-11-08 15:15:21,942 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 301 states, 228 states have (on average 1.2105263157894737) internal successors, (276), 242 states have internal predecessors, (276), 38 states have call successors, (38), 30 states have call predecessors, (38), 34 states have return successors, (49), 37 states have call predecessors, (49), 38 states have call successors, (49) [2024-11-08 15:15:21,944 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 301 states to 301 states and 363 transitions. [2024-11-08 15:15:21,945 INFO L78 Accepts]: Start accepts. Automaton has 301 states and 363 transitions. Word has length 56 [2024-11-08 15:15:21,945 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:15:21,946 INFO L471 AbstractCegarLoop]: Abstraction has 301 states and 363 transitions. [2024-11-08 15:15:21,946 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-08 15:15:21,946 INFO L276 IsEmpty]: Start isEmpty. Operand 301 states and 363 transitions. [2024-11-08 15:15:21,947 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 92 [2024-11-08 15:15:21,947 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:15:21,947 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:15:21,947 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2024-11-08 15:15:21,948 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:15:21,948 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:15:21,948 INFO L85 PathProgramCache]: Analyzing trace with hash 872263225, now seen corresponding path program 1 times [2024-11-08 15:15:21,948 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:15:21,948 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [890851881] [2024-11-08 15:15:21,949 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:15:21,949 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:15:21,964 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:22,087 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-08 15:15:22,088 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:22,096 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-08 15:15:22,101 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:22,176 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-08 15:15:22,178 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:22,181 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-08 15:15:22,182 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:22,185 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-08 15:15:22,190 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:22,206 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 67 [2024-11-08 15:15:22,207 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:22,209 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 74 [2024-11-08 15:15:22,210 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:22,211 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 80 [2024-11-08 15:15:22,212 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:22,220 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 17 proven. 5 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2024-11-08 15:15:22,221 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:15:22,221 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [890851881] [2024-11-08 15:15:22,221 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [890851881] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-08 15:15:22,221 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [438625851] [2024-11-08 15:15:22,221 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:15:22,222 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-08 15:15:22,222 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:15:22,224 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-08 15:15:22,227 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-08 15:15:22,325 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:22,329 INFO L255 TraceCheckSpWp]: Trace formula consists of 301 conjuncts, 13 conjuncts are in the unsatisfiable core [2024-11-08 15:15:22,335 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-08 15:15:22,603 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 6 proven. 12 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-11-08 15:15:22,603 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-08 15:15:23,009 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 8 proven. 4 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2024-11-08 15:15:23,009 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [438625851] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-08 15:15:23,010 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-08 15:15:23,010 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 8, 9] total 20 [2024-11-08 15:15:23,010 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [438863232] [2024-11-08 15:15:23,010 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-08 15:15:23,011 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 20 states [2024-11-08 15:15:23,011 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:15:23,011 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 20 interpolants. [2024-11-08 15:15:23,012 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=62, Invalid=318, Unknown=0, NotChecked=0, Total=380 [2024-11-08 15:15:23,012 INFO L87 Difference]: Start difference. First operand 301 states and 363 transitions. Second operand has 20 states, 20 states have (on average 6.75) internal successors, (135), 14 states have internal predecessors, (135), 6 states have call successors, (25), 10 states have call predecessors, (25), 8 states have return successors, (22), 8 states have call predecessors, (22), 6 states have call successors, (22) [2024-11-08 15:15:24,712 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:15:24,713 INFO L93 Difference]: Finished difference Result 913 states and 1187 transitions. [2024-11-08 15:15:24,713 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 52 states. [2024-11-08 15:15:24,713 INFO L78 Accepts]: Start accepts. Automaton has has 20 states, 20 states have (on average 6.75) internal successors, (135), 14 states have internal predecessors, (135), 6 states have call successors, (25), 10 states have call predecessors, (25), 8 states have return successors, (22), 8 states have call predecessors, (22), 6 states have call successors, (22) Word has length 91 [2024-11-08 15:15:24,713 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:15:24,714 INFO L225 Difference]: With dead ends: 913 [2024-11-08 15:15:24,714 INFO L226 Difference]: Without dead ends: 0 [2024-11-08 15:15:24,718 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 266 GetRequests, 193 SyntacticMatches, 7 SemanticMatches, 66 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1159 ImplicationChecksByTransitivity, 1.0s TimeCoverageRelationStatistics Valid=892, Invalid=3664, Unknown=0, NotChecked=0, Total=4556 [2024-11-08 15:15:24,719 INFO L432 NwaCegarLoop]: 72 mSDtfsCounter, 722 mSDsluCounter, 660 mSDsCounter, 0 mSdLazyCounter, 1190 mSolverCounterSat, 302 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 724 SdHoareTripleChecker+Valid, 732 SdHoareTripleChecker+Invalid, 1492 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 302 IncrementalHoareTripleChecker+Valid, 1190 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2024-11-08 15:15:24,719 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [724 Valid, 732 Invalid, 1492 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [302 Valid, 1190 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2024-11-08 15:15:24,719 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-08 15:15:24,720 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-08 15:15:24,720 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:15:24,720 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-08 15:15:24,720 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 91 [2024-11-08 15:15:24,721 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:15:24,721 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-08 15:15:24,721 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 20 states, 20 states have (on average 6.75) internal successors, (135), 14 states have internal predecessors, (135), 6 states have call successors, (25), 10 states have call predecessors, (25), 8 states have return successors, (22), 8 states have call predecessors, (22), 6 states have call successors, (22) [2024-11-08 15:15:24,721 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-08 15:15:24,721 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-08 15:15:24,724 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-08 15:15:24,741 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-08 15:15:24,928 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable11 [2024-11-08 15:15:24,931 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:15:24,933 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-08 15:15:27,534 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-08 15:15:27,550 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (<= ~waterLevel~0 1) (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 1) (= ~pumpRunning~0 1)) Eliminated clause: (and (<= ~waterLevel~0 1) (= 1 ~systemActive~0) (= ~pumpRunning~0 1)) [2024-11-08 15:15:27,569 WARN L156 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (and (or (= |old(~methaneLevelCritical~0)| 0) (not (= ~methaneLevelCritical~0 0))) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 (= ~pumpRunning~0 1)) (and (= ~pumpRunning~0 0) .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 (= ~pumpRunning~0 1)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-11-08 15:15:27,576 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse3 (= |old(~pumpRunning~0)| 1)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or (not .cse0) (and (= ~pumpRunning~0 0) .cse1)) (let ((.cse2 (= 1 ~systemActive~0)) (.cse4 (<= |old(~waterLevel~0)| 2))) (or (and .cse2 .cse3 .cse4) (and .cse2 .cse0 .cse4))) (or (not .cse3) (and .cse1 (= ~pumpRunning~0 1))))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int) (|old(~waterLevel~0)| Int)) (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse3 (= |old(~pumpRunning~0)| 1)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or (not .cse0) (and (= ~pumpRunning~0 0) .cse1)) (let ((.cse2 (= 1 ~systemActive~0)) (.cse4 (<= |old(~waterLevel~0)| 2))) (or (and .cse2 .cse3 .cse4) (and .cse2 .cse0 .cse4))) (or (not .cse3) (and .cse1 (= ~pumpRunning~0 1)))))) [2024-11-08 15:15:27,583 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-08 15:15:27,591 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~pumpRunning~0)| 1))) (and (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= ~waterLevel~0 1) .cse0 .cse1) (and .cse0 .cse2 (<= ~waterLevel~0 2)))) (or (not .cse2) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1)))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int)) (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~pumpRunning~0)| 1))) (and (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= ~waterLevel~0 1) .cse0 .cse1) (and .cse0 .cse2 (<= ~waterLevel~0 2)))) (or (not .cse2) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1))))) [2024-11-08 15:15:27,594 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-08 15:15:27,597 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse0 (= 1 ~systemActive~0))) (or (and .cse0 (<= |old(~waterLevel~0)| 2) (= ~pumpRunning~0 1)) (and (= ~pumpRunning~0 0) .cse0 (<= |old(~waterLevel~0)| 1))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0))) (or (and .cse0 (<= ~waterLevel~0 2) (= ~pumpRunning~0 1)) (and (= ~pumpRunning~0 0) (<= ~waterLevel~0 1) .cse0))) [2024-11-08 15:15:27,604 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__lowWaterSensor contained old-variable. Original clause: (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~pumpRunning~0)| 1))) (and (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= ~waterLevel~0 1) .cse0 .cse1) (and .cse0 .cse2 (<= ~waterLevel~0 2)))) (or (not .cse2) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1)))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int)) (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~pumpRunning~0)| 1))) (and (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= ~waterLevel~0 1) .cse0 .cse1) (and .cse0 .cse2 (<= ~waterLevel~0 2)))) (or (not .cse2) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1))))) [2024-11-08 15:15:27,607 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-08 15:15:27,609 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 08.11 03:15:27 BoogieIcfgContainer [2024-11-08 15:15:27,609 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-08 15:15:27,609 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-08 15:15:27,609 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-08 15:15:27,610 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-08 15:15:27,610 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:15:17" (3/4) ... [2024-11-08 15:15:27,613 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-08 15:15:27,617 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-08 15:15:27,617 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-08 15:15:27,617 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-08 15:15:27,617 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-08 15:15:27,618 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-08 15:15:27,618 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2024-11-08 15:15:27,618 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-08 15:15:27,618 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-08 15:15:27,618 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__lowWaterSensor [2024-11-08 15:15:27,625 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2024-11-08 15:15:27,626 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-08 15:15:27,626 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-08 15:15:27,627 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 15:15:27,627 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 15:15:27,744 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-08 15:15:27,745 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-08 15:15:27,745 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-08 15:15:27,746 INFO L158 Benchmark]: Toolchain (without parser) took 11355.52ms. Allocated memory was 174.1MB in the beginning and 308.3MB in the end (delta: 134.2MB). Free memory was 118.3MB in the beginning and 201.6MB in the end (delta: -83.3MB). Peak memory consumption was 52.5MB. Max. memory is 16.1GB. [2024-11-08 15:15:27,746 INFO L158 Benchmark]: CDTParser took 0.21ms. Allocated memory is still 174.1MB. Free memory is still 134.6MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-08 15:15:27,746 INFO L158 Benchmark]: CACSL2BoogieTranslator took 514.34ms. Allocated memory is still 174.1MB. Free memory was 118.3MB in the beginning and 96.0MB in the end (delta: 22.3MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-11-08 15:15:27,746 INFO L158 Benchmark]: Boogie Procedure Inliner took 49.20ms. Allocated memory is still 174.1MB. Free memory was 96.0MB in the beginning and 93.4MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 15:15:27,747 INFO L158 Benchmark]: Boogie Preprocessor took 48.25ms. Allocated memory is still 174.1MB. Free memory was 93.4MB in the beginning and 91.1MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 15:15:27,747 INFO L158 Benchmark]: RCFGBuilder took 605.49ms. Allocated memory is still 174.1MB. Free memory was 91.1MB in the beginning and 129.7MB in the end (delta: -38.6MB). Peak memory consumption was 11.4MB. Max. memory is 16.1GB. [2024-11-08 15:15:27,748 INFO L158 Benchmark]: TraceAbstraction took 9995.91ms. Allocated memory was 174.1MB in the beginning and 308.3MB in the end (delta: 134.2MB). Free memory was 129.7MB in the beginning and 210.0MB in the end (delta: -80.3MB). Peak memory consumption was 169.0MB. Max. memory is 16.1GB. [2024-11-08 15:15:27,748 INFO L158 Benchmark]: Witness Printer took 135.63ms. Allocated memory is still 308.3MB. Free memory was 208.9MB in the beginning and 201.6MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2024-11-08 15:15:27,749 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.21ms. Allocated memory is still 174.1MB. Free memory is still 134.6MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 514.34ms. Allocated memory is still 174.1MB. Free memory was 118.3MB in the beginning and 96.0MB in the end (delta: 22.3MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 49.20ms. Allocated memory is still 174.1MB. Free memory was 96.0MB in the beginning and 93.4MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 48.25ms. Allocated memory is still 174.1MB. Free memory was 93.4MB in the beginning and 91.1MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 605.49ms. Allocated memory is still 174.1MB. Free memory was 91.1MB in the beginning and 129.7MB in the end (delta: -38.6MB). Peak memory consumption was 11.4MB. Max. memory is 16.1GB. * TraceAbstraction took 9995.91ms. Allocated memory was 174.1MB in the beginning and 308.3MB in the end (delta: 134.2MB). Free memory was 129.7MB in the beginning and 210.0MB in the end (delta: -80.3MB). Peak memory consumption was 169.0MB. Max. memory is 16.1GB. * Witness Printer took 135.63ms. Allocated memory is still 308.3MB. Free memory was 208.9MB in the beginning and 201.6MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 160]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [160] - GenericResultAtLocation [Line: 262]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [262] - GenericResultAtLocation [Line: 271]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification3_spec.i","") [271] - GenericResultAtLocation [Line: 306]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [306] - GenericResultAtLocation [Line: 341]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [341] - GenericResultAtLocation [Line: 707]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [707] - GenericResultAtLocation [Line: 775]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [775] - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 267]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 103 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 7.3s, OverallIterations: 12, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 4.0s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2119 SdHoareTripleChecker+Valid, 2.4s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2079 mSDsluCounter, 3908 SdHoareTripleChecker+Invalid, 2.0s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2723 mSDsCounter, 646 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2804 IncrementalHoareTripleChecker+Invalid, 3450 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 646 mSolverCounterUnsat, 1185 mSDtfsCounter, 2804 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 428 GetRequests, 292 SyntacticMatches, 8 SemanticMatches, 128 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1198 ImplicationChecksByTransitivity, 1.4s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=332occurred in iteration=9, InterpolantAutomatonStates: 121, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 12 MinimizatonAttempts, 32 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 2.1s InterpolantComputationTime, 676 NumberOfCodeBlocks, 676 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 753 ConstructedInterpolants, 0 QuantifiedInterpolants, 1421 SizeOfPredicates, 2 NumberOfNonLiveVariables, 301 ConjunctsInSsa, 13 ConjunctsInUnsatCore, 14 InterpolantComputations, 11 PerfectInterpolantSequences, 63/84 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 173]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 718]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 719]: Loop Invariant Derived loop invariant: ((((((2 == waterLevel) && (1 == systemActive)) && (splverifierCounter == 0)) && (pumpRunning == 1)) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((waterLevel <= 1) && (1 == systemActive)) && (splverifierCounter == 0)) && (pumpRunning == 1))) - ProcedureContractResult [Line: 898]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: (((waterLevel <= 1) && (1 == systemActive)) && (pumpRunning == 1)) Ensures: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (\old(pumpRunning) == 1)) && (((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 805]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((waterLevel <= 1) && (1 == systemActive)) && (pumpRunning == 1))) Ensures: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((waterLevel <= 1) && (1 == systemActive)) && (pumpRunning == 1))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 84]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((1 == systemActive) && (waterLevel <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 == systemActive) && (waterLevel <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) && (((((waterLevel == \old(waterLevel)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 781]: Procedure Contract for timeShift Derived contract for procedure timeShift. Ensures: (((((((\old(pumpRunning) != 0) || ((((2 == waterLevel) && (1 == systemActive)) && (\old(waterLevel) == 2)) && (pumpRunning == 1))) || (\old(waterLevel) < 2)) && (((((waterLevel <= 1) && (waterLevel <= \old(waterLevel))) && (pumpRunning == 1)) || (\old(pumpRunning) != 1)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (waterLevel <= \old(waterLevel))))) && (((\old(pumpRunning) != 0) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || ((((2 == waterLevel) && (1 == systemActive)) && (\old(waterLevel) == 2)) && (pumpRunning == 1)))) && (((1 == systemActive) && (\old(pumpRunning) == 0)) || (((1 == systemActive) && (\old(pumpRunning) == 1)) && (\old(waterLevel) <= 2)))) && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 163]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 96]: Procedure Contract for isMethaneLevelCritical Derived contract for procedure isMethaneLevelCritical. Requires: ((((1 == systemActive) && (waterLevel <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) Ensures: (((\result == methaneLevelCritical) && ((((1 == systemActive) && (waterLevel <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 813]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Ensures: ((((((((waterLevel <= 1) && (1 == systemActive)) && (\old(pumpRunning) == 1)) || ((1 == systemActive) && (\old(pumpRunning) == 0))) && ((\old(pumpRunning) != 1) || (pumpRunning == 1))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((2 == waterLevel) && (pumpRunning == 1)))) && ((waterLevel < 2) || ((2 == waterLevel) && (pumpRunning == 1)))) && (((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 72]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((1 == systemActive) && (waterLevel <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) Ensures: (((((((pumpRunning != 0) || (2 == waterLevel)) || (\old(waterLevel) != 1)) && ((\old(waterLevel) < 2) || (\old(waterLevel) == waterLevel))) && (waterLevel <= ((long long) \old(waterLevel) + 1))) && ((((1 == systemActive) && (\old(waterLevel) <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 1)))) && (((((methaneLevelCritical == \old(methaneLevelCritical)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 839]: Procedure Contract for processEnvironment__wrappee__lowWaterSensor Derived contract for procedure processEnvironment__wrappee__lowWaterSensor. Ensures: ((((((((waterLevel <= 1) && (1 == systemActive)) && (\old(pumpRunning) == 1)) || ((1 == systemActive) && (\old(pumpRunning) == 0))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((2 == waterLevel) && (pumpRunning == 1)))) && ((waterLevel < 2) || ((2 == waterLevel) && (pumpRunning == 1)))) && ((pumpRunning == 0) || (pumpRunning == 1))) && (((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive)))) RESULT: Ultimate proved your program to be correct! [2024-11-08 15:15:27,780 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE