./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec4_product27.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c7c6ca5d Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec4_product27.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 707a68b5ae5daf5497cfeaeef06b8e51a77f018401ec73338bde503119bd77ef --- Real Ultimate output --- This is Ultimate 0.2.5-?-c7c6ca5-m [2024-11-08 15:15:42,888 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-08 15:15:42,952 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-08 15:15:42,956 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-08 15:15:42,959 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-08 15:15:42,980 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-08 15:15:42,982 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-08 15:15:42,982 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-08 15:15:42,983 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-08 15:15:42,984 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-08 15:15:42,986 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-08 15:15:42,986 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-08 15:15:42,986 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-08 15:15:42,986 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-08 15:15:42,987 INFO L153 SettingsManager]: * Use SBE=true [2024-11-08 15:15:42,987 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-08 15:15:42,987 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-08 15:15:42,987 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-08 15:15:42,988 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-08 15:15:42,989 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-08 15:15:42,989 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-08 15:15:42,989 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-08 15:15:42,989 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-08 15:15:42,990 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-08 15:15:42,990 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-08 15:15:42,990 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-08 15:15:42,991 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-08 15:15:42,991 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-08 15:15:42,991 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-08 15:15:42,991 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-08 15:15:42,992 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-08 15:15:42,992 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-08 15:15:42,992 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 15:15:42,992 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-08 15:15:42,993 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-08 15:15:42,993 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-08 15:15:42,993 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-08 15:15:42,994 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-08 15:15:42,994 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-08 15:15:42,994 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-08 15:15:42,994 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-08 15:15:42,995 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-08 15:15:42,995 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 707a68b5ae5daf5497cfeaeef06b8e51a77f018401ec73338bde503119bd77ef [2024-11-08 15:15:43,187 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-08 15:15:43,204 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-08 15:15:43,207 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-08 15:15:43,207 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-08 15:15:43,208 INFO L274 PluginConnector]: CDTParser initialized [2024-11-08 15:15:43,209 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec4_product27.cil.c [2024-11-08 15:15:44,421 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-08 15:15:44,626 INFO L384 CDTParser]: Found 1 translation units. [2024-11-08 15:15:44,626 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product27.cil.c [2024-11-08 15:15:44,643 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/e7b9f6684/494cf88c54b64adabc5b8f63f59448e5/FLAG21bca5d15 [2024-11-08 15:15:44,978 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/e7b9f6684/494cf88c54b64adabc5b8f63f59448e5 [2024-11-08 15:15:44,980 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-08 15:15:44,981 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-08 15:15:44,982 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-08 15:15:44,982 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-08 15:15:44,986 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-08 15:15:44,987 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 03:15:44" (1/1) ... [2024-11-08 15:15:44,987 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@18657c7b and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:44, skipping insertion in model container [2024-11-08 15:15:44,987 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 08.11 03:15:44" (1/1) ... [2024-11-08 15:15:45,022 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-08 15:15:45,187 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product27.cil.c[2897,2910] [2024-11-08 15:15:45,266 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 15:15:45,277 INFO L200 MainTranslator]: Completed pre-run [2024-11-08 15:15:45,284 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] [2024-11-08 15:15:45,285 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [153] [2024-11-08 15:15:45,286 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [162] [2024-11-08 15:15:45,286 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [190] [2024-11-08 15:15:45,286 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [283] [2024-11-08 15:15:45,286 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [351] [2024-11-08 15:15:45,286 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [538] [2024-11-08 15:15:45,286 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [573] [2024-11-08 15:15:45,292 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product27.cil.c[2897,2910] [2024-11-08 15:15:45,329 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-08 15:15:45,345 INFO L204 MainTranslator]: Completed translation [2024-11-08 15:15:45,346 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:45 WrapperNode [2024-11-08 15:15:45,346 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-08 15:15:45,350 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-08 15:15:45,350 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-08 15:15:45,350 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-08 15:15:45,355 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:45" (1/1) ... [2024-11-08 15:15:45,370 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:45" (1/1) ... [2024-11-08 15:15:45,388 INFO L138 Inliner]: procedures = 54, calls = 97, calls flagged for inlining = 23, calls inlined = 17, statements flattened = 169 [2024-11-08 15:15:45,388 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-08 15:15:45,388 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-08 15:15:45,389 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-08 15:15:45,389 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-08 15:15:45,397 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:45" (1/1) ... [2024-11-08 15:15:45,397 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:45" (1/1) ... [2024-11-08 15:15:45,398 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:45" (1/1) ... [2024-11-08 15:15:45,411 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-08 15:15:45,411 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:45" (1/1) ... [2024-11-08 15:15:45,412 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:45" (1/1) ... [2024-11-08 15:15:45,417 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:45" (1/1) ... [2024-11-08 15:15:45,419 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:45" (1/1) ... [2024-11-08 15:15:45,420 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:45" (1/1) ... [2024-11-08 15:15:45,421 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:45" (1/1) ... [2024-11-08 15:15:45,422 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-08 15:15:45,423 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-08 15:15:45,423 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-08 15:15:45,423 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-08 15:15:45,424 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:45" (1/1) ... [2024-11-08 15:15:45,428 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-08 15:15:45,436 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:15:45,447 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-08 15:15:45,450 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-08 15:15:45,484 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-08 15:15:45,484 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-08 15:15:45,484 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-08 15:15:45,484 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-08 15:15:45,484 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-08 15:15:45,484 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-08 15:15:45,484 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-08 15:15:45,484 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-08 15:15:45,485 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-08 15:15:45,485 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-08 15:15:45,485 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-08 15:15:45,485 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-08 15:15:45,485 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-08 15:15:45,485 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-08 15:15:45,485 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-08 15:15:45,485 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-08 15:15:45,541 INFO L238 CfgBuilder]: Building ICFG [2024-11-08 15:15:45,543 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-08 15:15:45,726 INFO L? ?]: Removed 36 outVars from TransFormulas that were not future-live. [2024-11-08 15:15:45,726 INFO L287 CfgBuilder]: Performing block encoding [2024-11-08 15:15:45,735 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-08 15:15:45,735 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-08 15:15:45,736 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:15:45 BoogieIcfgContainer [2024-11-08 15:15:45,736 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-08 15:15:45,737 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-08 15:15:45,738 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-08 15:15:45,740 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-08 15:15:45,740 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 08.11 03:15:44" (1/3) ... [2024-11-08 15:15:45,740 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@34cf9b5c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 03:15:45, skipping insertion in model container [2024-11-08 15:15:45,740 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 08.11 03:15:45" (2/3) ... [2024-11-08 15:15:45,741 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@34cf9b5c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 08.11 03:15:45, skipping insertion in model container [2024-11-08 15:15:45,741 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:15:45" (3/3) ... [2024-11-08 15:15:45,741 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec4_product27.cil.c [2024-11-08 15:15:45,753 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-08 15:15:45,754 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-08 15:15:45,801 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-08 15:15:45,806 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@430fd926, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-08 15:15:45,806 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-08 15:15:45,809 INFO L276 IsEmpty]: Start isEmpty. Operand has 76 states, 58 states have (on average 1.396551724137931) internal successors, (81), 65 states have internal predecessors, (81), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 8 states have call predecessors, (10), 10 states have call successors, (10) [2024-11-08 15:15:45,815 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2024-11-08 15:15:45,815 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:15:45,815 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:15:45,815 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:15:45,819 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:15:45,819 INFO L85 PathProgramCache]: Analyzing trace with hash 1407183598, now seen corresponding path program 1 times [2024-11-08 15:15:45,825 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:15:45,826 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1193846159] [2024-11-08 15:15:45,826 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:15:45,826 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:15:45,907 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:45,971 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:15:45,971 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:15:45,971 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1193846159] [2024-11-08 15:15:45,972 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1193846159] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:15:45,972 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:15:45,972 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-08 15:15:45,973 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1001634517] [2024-11-08 15:15:45,973 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:15:45,976 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-08 15:15:45,976 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:15:45,991 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-08 15:15:45,991 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 15:15:45,993 INFO L87 Difference]: Start difference. First operand has 76 states, 58 states have (on average 1.396551724137931) internal successors, (81), 65 states have internal predecessors, (81), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 8 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:15:46,011 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:15:46,011 INFO L93 Difference]: Finished difference Result 144 states and 197 transitions. [2024-11-08 15:15:46,012 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-08 15:15:46,013 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2024-11-08 15:15:46,013 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:15:46,019 INFO L225 Difference]: With dead ends: 144 [2024-11-08 15:15:46,019 INFO L226 Difference]: Without dead ends: 67 [2024-11-08 15:15:46,021 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-08 15:15:46,023 INFO L432 NwaCegarLoop]: 95 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 95 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:15:46,024 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 95 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:15:46,035 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 67 states. [2024-11-08 15:15:46,048 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 67 to 67. [2024-11-08 15:15:46,049 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 67 states, 51 states have (on average 1.3137254901960784) internal successors, (67), 57 states have internal predecessors, (67), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-11-08 15:15:46,050 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 67 states to 67 states and 86 transitions. [2024-11-08 15:15:46,052 INFO L78 Accepts]: Start accepts. Automaton has 67 states and 86 transitions. Word has length 19 [2024-11-08 15:15:46,052 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:15:46,052 INFO L471 AbstractCegarLoop]: Abstraction has 67 states and 86 transitions. [2024-11-08 15:15:46,052 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 8.5) internal successors, (17), 2 states have internal predecessors, (17), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:15:46,053 INFO L276 IsEmpty]: Start isEmpty. Operand 67 states and 86 transitions. [2024-11-08 15:15:46,054 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2024-11-08 15:15:46,054 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:15:46,054 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:15:46,054 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-08 15:15:46,055 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:15:46,055 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:15:46,055 INFO L85 PathProgramCache]: Analyzing trace with hash 321226629, now seen corresponding path program 1 times [2024-11-08 15:15:46,055 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:15:46,056 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1495248283] [2024-11-08 15:15:46,056 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:15:46,056 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:15:46,081 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:46,158 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:15:46,158 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:15:46,158 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1495248283] [2024-11-08 15:15:46,159 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1495248283] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:15:46,159 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:15:46,159 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-08 15:15:46,159 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [133654473] [2024-11-08 15:15:46,159 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:15:46,160 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-08 15:15:46,160 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:15:46,161 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-08 15:15:46,161 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:15:46,161 INFO L87 Difference]: Start difference. First operand 67 states and 86 transitions. Second operand has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:15:46,173 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:15:46,174 INFO L93 Difference]: Finished difference Result 96 states and 122 transitions. [2024-11-08 15:15:46,174 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-08 15:15:46,176 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 20 [2024-11-08 15:15:46,177 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:15:46,178 INFO L225 Difference]: With dead ends: 96 [2024-11-08 15:15:46,179 INFO L226 Difference]: Without dead ends: 58 [2024-11-08 15:15:46,179 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:15:46,181 INFO L432 NwaCegarLoop]: 73 mSDtfsCounter, 16 mSDsluCounter, 52 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 125 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:15:46,181 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [20 Valid, 125 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:15:46,182 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 58 states. [2024-11-08 15:15:46,188 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 58 to 58. [2024-11-08 15:15:46,188 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 58 states, 45 states have (on average 1.3333333333333333) internal successors, (60), 51 states have internal predecessors, (60), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 5 states have call predecessors, (7), 7 states have call successors, (7) [2024-11-08 15:15:46,193 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 58 states to 58 states and 74 transitions. [2024-11-08 15:15:46,193 INFO L78 Accepts]: Start accepts. Automaton has 58 states and 74 transitions. Word has length 20 [2024-11-08 15:15:46,193 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:15:46,193 INFO L471 AbstractCegarLoop]: Abstraction has 58 states and 74 transitions. [2024-11-08 15:15:46,193 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:15:46,193 INFO L276 IsEmpty]: Start isEmpty. Operand 58 states and 74 transitions. [2024-11-08 15:15:46,197 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2024-11-08 15:15:46,198 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:15:46,198 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:15:46,198 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-08 15:15:46,198 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:15:46,198 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:15:46,199 INFO L85 PathProgramCache]: Analyzing trace with hash 1713085083, now seen corresponding path program 1 times [2024-11-08 15:15:46,199 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:15:46,199 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [658565353] [2024-11-08 15:15:46,199 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:15:46,199 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:15:46,212 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:46,316 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:15:46,317 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:15:46,317 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [658565353] [2024-11-08 15:15:46,317 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [658565353] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:15:46,317 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:15:46,318 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-08 15:15:46,318 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1664412636] [2024-11-08 15:15:46,318 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:15:46,318 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-08 15:15:46,318 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:15:46,319 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-08 15:15:46,319 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2024-11-08 15:15:46,319 INFO L87 Difference]: Start difference. First operand 58 states and 74 transitions. Second operand has 6 states, 6 states have (on average 3.8333333333333335) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:15:46,423 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:15:46,424 INFO L93 Difference]: Finished difference Result 197 states and 259 transitions. [2024-11-08 15:15:46,424 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-08 15:15:46,424 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 3.8333333333333335) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 24 [2024-11-08 15:15:46,424 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:15:46,425 INFO L225 Difference]: With dead ends: 197 [2024-11-08 15:15:46,426 INFO L226 Difference]: Without dead ends: 146 [2024-11-08 15:15:46,426 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=20, Invalid=36, Unknown=0, NotChecked=0, Total=56 [2024-11-08 15:15:46,427 INFO L432 NwaCegarLoop]: 83 mSDtfsCounter, 121 mSDsluCounter, 269 mSDsCounter, 0 mSdLazyCounter, 66 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 121 SdHoareTripleChecker+Valid, 352 SdHoareTripleChecker+Invalid, 67 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 66 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:15:46,429 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [121 Valid, 352 Invalid, 67 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 66 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:15:46,430 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 146 states. [2024-11-08 15:15:46,448 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 146 to 140. [2024-11-08 15:15:46,449 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 140 states, 107 states have (on average 1.3738317757009346) internal successors, (147), 121 states have internal predecessors, (147), 18 states have call successors, (18), 14 states have call predecessors, (18), 14 states have return successors, (19), 12 states have call predecessors, (19), 18 states have call successors, (19) [2024-11-08 15:15:46,450 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 140 states to 140 states and 184 transitions. [2024-11-08 15:15:46,451 INFO L78 Accepts]: Start accepts. Automaton has 140 states and 184 transitions. Word has length 24 [2024-11-08 15:15:46,454 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:15:46,454 INFO L471 AbstractCegarLoop]: Abstraction has 140 states and 184 transitions. [2024-11-08 15:15:46,454 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 3.8333333333333335) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:15:46,455 INFO L276 IsEmpty]: Start isEmpty. Operand 140 states and 184 transitions. [2024-11-08 15:15:46,455 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2024-11-08 15:15:46,455 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:15:46,455 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:15:46,455 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-08 15:15:46,456 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:15:46,456 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:15:46,456 INFO L85 PathProgramCache]: Analyzing trace with hash -1716928239, now seen corresponding path program 1 times [2024-11-08 15:15:46,456 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:15:46,456 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1827674041] [2024-11-08 15:15:46,456 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:15:46,456 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:15:46,471 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:46,613 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:15:46,613 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:15:46,614 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1827674041] [2024-11-08 15:15:46,614 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1827674041] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:15:46,614 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:15:46,614 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-08 15:15:46,614 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1654659563] [2024-11-08 15:15:46,614 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:15:46,615 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-08 15:15:46,615 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:15:46,615 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-08 15:15:46,616 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2024-11-08 15:15:46,616 INFO L87 Difference]: Start difference. First operand 140 states and 184 transitions. Second operand has 8 states, 8 states have (on average 3.375) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:15:46,819 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:15:46,820 INFO L93 Difference]: Finished difference Result 514 states and 714 transitions. [2024-11-08 15:15:46,820 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2024-11-08 15:15:46,820 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 3.375) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 28 [2024-11-08 15:15:46,821 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:15:46,824 INFO L225 Difference]: With dead ends: 514 [2024-11-08 15:15:46,826 INFO L226 Difference]: Without dead ends: 381 [2024-11-08 15:15:46,827 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 17 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=44, Invalid=138, Unknown=0, NotChecked=0, Total=182 [2024-11-08 15:15:46,829 INFO L432 NwaCegarLoop]: 67 mSDtfsCounter, 105 mSDsluCounter, 369 mSDsCounter, 0 mSdLazyCounter, 115 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 105 SdHoareTripleChecker+Valid, 436 SdHoareTripleChecker+Invalid, 119 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 115 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:15:46,829 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [105 Valid, 436 Invalid, 119 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 115 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:15:46,830 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 381 states. [2024-11-08 15:15:46,868 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 381 to 375. [2024-11-08 15:15:46,869 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 375 states, 284 states have (on average 1.3485915492957747) internal successors, (383), 321 states have internal predecessors, (383), 51 states have call successors, (51), 39 states have call predecessors, (51), 39 states have return successors, (65), 33 states have call predecessors, (65), 51 states have call successors, (65) [2024-11-08 15:15:46,871 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 375 states to 375 states and 499 transitions. [2024-11-08 15:15:46,872 INFO L78 Accepts]: Start accepts. Automaton has 375 states and 499 transitions. Word has length 28 [2024-11-08 15:15:46,872 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:15:46,872 INFO L471 AbstractCegarLoop]: Abstraction has 375 states and 499 transitions. [2024-11-08 15:15:46,872 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 3.375) internal successors, (27), 7 states have internal predecessors, (27), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:15:46,872 INFO L276 IsEmpty]: Start isEmpty. Operand 375 states and 499 transitions. [2024-11-08 15:15:46,874 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2024-11-08 15:15:46,874 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:15:46,874 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:15:46,874 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-08 15:15:46,874 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:15:46,874 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:15:46,875 INFO L85 PathProgramCache]: Analyzing trace with hash 1150482326, now seen corresponding path program 1 times [2024-11-08 15:15:46,875 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:15:46,875 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [348218377] [2024-11-08 15:15:46,875 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:15:46,875 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:15:46,890 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:46,914 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:15:46,915 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:15:46,915 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [348218377] [2024-11-08 15:15:46,915 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [348218377] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-08 15:15:46,915 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-08 15:15:46,915 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-08 15:15:46,915 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [357647916] [2024-11-08 15:15:46,915 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-08 15:15:46,915 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-08 15:15:46,915 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:15:46,916 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-08 15:15:46,916 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:15:46,916 INFO L87 Difference]: Start difference. First operand 375 states and 499 transitions. Second operand has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:15:46,937 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:15:46,939 INFO L93 Difference]: Finished difference Result 650 states and 879 transitions. [2024-11-08 15:15:46,939 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-08 15:15:46,939 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 30 [2024-11-08 15:15:46,939 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:15:46,941 INFO L225 Difference]: With dead ends: 650 [2024-11-08 15:15:46,942 INFO L226 Difference]: Without dead ends: 282 [2024-11-08 15:15:46,944 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-08 15:15:46,945 INFO L432 NwaCegarLoop]: 49 mSDtfsCounter, 33 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 33 SdHoareTripleChecker+Valid, 49 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-08 15:15:46,948 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [33 Valid, 49 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-08 15:15:46,948 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 282 states. [2024-11-08 15:15:46,964 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 282 to 276. [2024-11-08 15:15:46,964 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 276 states, 215 states have (on average 1.2651162790697674) internal successors, (272), 231 states have internal predecessors, (272), 30 states have call successors, (30), 30 states have call predecessors, (30), 30 states have return successors, (36), 30 states have call predecessors, (36), 30 states have call successors, (36) [2024-11-08 15:15:46,965 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 276 states to 276 states and 338 transitions. [2024-11-08 15:15:46,966 INFO L78 Accepts]: Start accepts. Automaton has 276 states and 338 transitions. Word has length 30 [2024-11-08 15:15:46,966 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:15:46,966 INFO L471 AbstractCegarLoop]: Abstraction has 276 states and 338 transitions. [2024-11-08 15:15:46,966 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 2 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:15:46,966 INFO L276 IsEmpty]: Start isEmpty. Operand 276 states and 338 transitions. [2024-11-08 15:15:46,969 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 54 [2024-11-08 15:15:46,970 INFO L207 NwaCegarLoop]: Found error trace [2024-11-08 15:15:46,971 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-08 15:15:46,971 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-08 15:15:46,971 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-08 15:15:46,971 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-08 15:15:46,971 INFO L85 PathProgramCache]: Analyzing trace with hash -1844755754, now seen corresponding path program 1 times [2024-11-08 15:15:46,971 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-08 15:15:46,972 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1930872188] [2024-11-08 15:15:46,972 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:15:46,972 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-08 15:15:46,982 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:47,056 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2024-11-08 15:15:47,059 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:47,070 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2024-11-08 15:15:47,073 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:47,081 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2024-11-08 15:15:47,083 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:47,086 INFO L134 CoverageAnalysis]: Checked inductivity of 18 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 17 trivial. 0 not checked. [2024-11-08 15:15:47,088 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-08 15:15:47,088 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1930872188] [2024-11-08 15:15:47,088 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1930872188] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-08 15:15:47,089 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [553396906] [2024-11-08 15:15:47,089 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-08 15:15:47,089 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-08 15:15:47,089 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-08 15:15:47,090 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-08 15:15:47,092 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-08 15:15:47,148 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-08 15:15:47,150 INFO L255 TraceCheckSpWp]: Trace formula consists of 207 conjuncts, 9 conjuncts are in the unsatisfiable core [2024-11-08 15:15:47,154 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-08 15:15:47,281 INFO L134 CoverageAnalysis]: Checked inductivity of 18 backedges. 15 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-08 15:15:47,281 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-08 15:15:47,464 INFO L134 CoverageAnalysis]: Checked inductivity of 18 backedges. 15 proven. 3 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-08 15:15:47,465 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [553396906] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-08 15:15:47,465 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-08 15:15:47,465 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 6, 7] total 15 [2024-11-08 15:15:47,466 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [893867035] [2024-11-08 15:15:47,466 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-08 15:15:47,466 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-11-08 15:15:47,466 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-08 15:15:47,467 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-11-08 15:15:47,468 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=48, Invalid=162, Unknown=0, NotChecked=0, Total=210 [2024-11-08 15:15:47,468 INFO L87 Difference]: Start difference. First operand 276 states and 338 transitions. Second operand has 15 states, 15 states have (on average 5.933333333333334) internal successors, (89), 12 states have internal predecessors, (89), 4 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2024-11-08 15:15:47,664 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-08 15:15:47,665 INFO L93 Difference]: Finished difference Result 373 states and 455 transitions. [2024-11-08 15:15:47,665 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-08 15:15:47,665 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 5.933333333333334) internal successors, (89), 12 states have internal predecessors, (89), 4 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) Word has length 53 [2024-11-08 15:15:47,665 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-08 15:15:47,666 INFO L225 Difference]: With dead ends: 373 [2024-11-08 15:15:47,666 INFO L226 Difference]: Without dead ends: 0 [2024-11-08 15:15:47,667 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 122 GetRequests, 100 SyntacticMatches, 4 SemanticMatches, 18 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 56 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=99, Invalid=281, Unknown=0, NotChecked=0, Total=380 [2024-11-08 15:15:47,667 INFO L432 NwaCegarLoop]: 60 mSDtfsCounter, 129 mSDsluCounter, 205 mSDsCounter, 0 mSdLazyCounter, 164 mSolverCounterSat, 39 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 129 SdHoareTripleChecker+Valid, 265 SdHoareTripleChecker+Invalid, 203 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 39 IncrementalHoareTripleChecker+Valid, 164 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-08 15:15:47,667 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [129 Valid, 265 Invalid, 203 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [39 Valid, 164 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-08 15:15:47,668 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-08 15:15:47,668 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-08 15:15:47,668 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-08 15:15:47,668 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-08 15:15:47,668 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 53 [2024-11-08 15:15:47,668 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-08 15:15:47,668 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-08 15:15:47,668 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 5.933333333333334) internal successors, (89), 12 states have internal predecessors, (89), 4 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2024-11-08 15:15:47,669 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-08 15:15:47,669 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-08 15:15:47,671 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-08 15:15:47,688 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-08 15:15:47,871 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable5 [2024-11-08 15:15:47,874 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2024-11-08 15:15:47,876 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-08 15:15:48,502 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-08 15:15:48,525 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 0) (= |old(~pumpRunning~0)| 0) (= |old(~waterLevel~0)| ~waterLevel~0) (<= 1 |old(~waterLevel~0)|)) Eliminated clause: (and (= ~pumpRunning~0 0) (<= 1 ~waterLevel~0)) [2024-11-08 15:15:48,529 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0) (<= 1 |old(~waterLevel~0)|)) Eliminated clause: (and (= ~pumpRunning~0 0) (<= 1 ~waterLevel~0)) [2024-11-08 15:15:48,532 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 08.11 03:15:48 BoogieIcfgContainer [2024-11-08 15:15:48,532 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-08 15:15:48,532 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-08 15:15:48,532 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-08 15:15:48,533 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-08 15:15:48,533 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 08.11 03:15:45" (3/4) ... [2024-11-08 15:15:48,535 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-08 15:15:48,538 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-08 15:15:48,538 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-08 15:15:48,538 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-08 15:15:48,538 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-08 15:15:48,539 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-08 15:15:48,539 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-08 15:15:48,545 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 20 nodes and edges [2024-11-08 15:15:48,546 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-08 15:15:48,546 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-08 15:15:48,546 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 15:15:48,546 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-08 15:15:48,627 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-08 15:15:48,627 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-08 15:15:48,627 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-08 15:15:48,628 INFO L158 Benchmark]: Toolchain (without parser) took 3646.89ms. Allocated memory was 146.8MB in the beginning and 201.3MB in the end (delta: 54.5MB). Free memory was 90.3MB in the beginning and 77.4MB in the end (delta: 12.9MB). Peak memory consumption was 68.3MB. Max. memory is 16.1GB. [2024-11-08 15:15:48,628 INFO L158 Benchmark]: CDTParser took 0.15ms. Allocated memory is still 146.8MB. Free memory is still 108.5MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-08 15:15:48,628 INFO L158 Benchmark]: CACSL2BoogieTranslator took 367.03ms. Allocated memory is still 146.8MB. Free memory was 89.9MB in the beginning and 68.9MB in the end (delta: 21.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-08 15:15:48,629 INFO L158 Benchmark]: Boogie Procedure Inliner took 38.20ms. Allocated memory is still 146.8MB. Free memory was 68.9MB in the beginning and 66.8MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 15:15:48,629 INFO L158 Benchmark]: Boogie Preprocessor took 33.99ms. Allocated memory is still 146.8MB. Free memory was 66.8MB in the beginning and 64.3MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-08 15:15:48,629 INFO L158 Benchmark]: RCFGBuilder took 313.03ms. Allocated memory was 146.8MB in the beginning and 201.3MB in the end (delta: 54.5MB). Free memory was 64.3MB in the beginning and 164.6MB in the end (delta: -100.3MB). Peak memory consumption was 18.8MB. Max. memory is 16.1GB. [2024-11-08 15:15:48,629 INFO L158 Benchmark]: TraceAbstraction took 2794.50ms. Allocated memory is still 201.3MB. Free memory was 164.6MB in the beginning and 83.6MB in the end (delta: 81.0MB). Peak memory consumption was 81.0MB. Max. memory is 16.1GB. [2024-11-08 15:15:48,630 INFO L158 Benchmark]: Witness Printer took 95.20ms. Allocated memory is still 201.3MB. Free memory was 83.6MB in the beginning and 77.4MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2024-11-08 15:15:48,631 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.15ms. Allocated memory is still 146.8MB. Free memory is still 108.5MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 367.03ms. Allocated memory is still 146.8MB. Free memory was 89.9MB in the beginning and 68.9MB in the end (delta: 21.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 38.20ms. Allocated memory is still 146.8MB. Free memory was 68.9MB in the beginning and 66.8MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 33.99ms. Allocated memory is still 146.8MB. Free memory was 66.8MB in the beginning and 64.3MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 313.03ms. Allocated memory was 146.8MB in the beginning and 201.3MB in the end (delta: 54.5MB). Free memory was 64.3MB in the beginning and 164.6MB in the end (delta: -100.3MB). Peak memory consumption was 18.8MB. Max. memory is 16.1GB. * TraceAbstraction took 2794.50ms. Allocated memory is still 201.3MB. Free memory was 164.6MB in the beginning and 83.6MB in the end (delta: 81.0MB). Peak memory consumption was 81.0MB. Max. memory is 16.1GB. * Witness Printer took 95.20ms. Allocated memory is still 201.3MB. Free memory was 83.6MB in the beginning and 77.4MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] - GenericResultAtLocation [Line: 153]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [153] - GenericResultAtLocation [Line: 162]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [162] - GenericResultAtLocation [Line: 190]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [190] - GenericResultAtLocation [Line: 283]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [283] - GenericResultAtLocation [Line: 351]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [351] - GenericResultAtLocation [Line: 538]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [538] - GenericResultAtLocation [Line: 573]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [573] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 158]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 76 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 2.1s, OverallIterations: 6, TraceHistogramMax: 2, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.6s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 408 SdHoareTripleChecker+Valid, 0.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 404 mSDsluCounter, 1322 SdHoareTripleChecker+Invalid, 0.3s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 895 mSDsCounter, 46 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 350 IncrementalHoareTripleChecker+Invalid, 396 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 46 mSolverCounterUnsat, 427 mSDtfsCounter, 350 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 151 GetRequests, 109 SyntacticMatches, 4 SemanticMatches, 38 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 74 ImplicationChecksByTransitivity, 0.3s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=375occurred in iteration=4, InterpolantAutomatonStates: 31, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 6 MinimizatonAttempts, 18 StatesRemovedByMinimization, 3 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.8s InterpolantComputationTime, 227 NumberOfCodeBlocks, 227 NumberOfCodeBlocksAsserted, 7 NumberOfCheckSat, 272 ConstructedInterpolants, 0 QuantifiedInterpolants, 735 SizeOfPredicates, 0 NumberOfNonLiveVariables, 207 ConjunctsInSsa, 9 ConjunctsInUnsatCore, 8 InterpolantComputations, 5 PerfectInterpolantSequences, 48/54 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 295]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0) && (splverifierCounter == 0)) && (waterLevel == 1)) || (((pumpRunning == 0) && (2 <= waterLevel)) && (splverifierCounter == 0))) - InvariantResult [Line: 294]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 62]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 440]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: 0 Ensures: (0 && (((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 381]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: ((((pumpRunning == 0) && (waterLevel == 1)) && (0 != systemActive)) || (((pumpRunning == 0) && (2 <= waterLevel)) && (0 != systemActive))) Ensures: (((((pumpRunning == 0) && (waterLevel == 1)) && (0 != systemActive)) || (((pumpRunning == 0) && (2 <= waterLevel)) && (0 != systemActive))) && ((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 221]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((pumpRunning == 0) && (waterLevel == 1)) || ((pumpRunning == 0) && (2 <= waterLevel))) Ensures: ((((pumpRunning == 0) && (waterLevel == 1)) || ((pumpRunning == 0) && (2 <= waterLevel))) && (((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (waterLevel == \old(waterLevel))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 357]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((pumpRunning == 0) && (1 <= waterLevel)) Ensures: (((((pumpRunning == 0) && (\old(pumpRunning) == 0)) && (\old(waterLevel) == waterLevel)) && (1 <= \old(waterLevel))) && ((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 52]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 209]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((pumpRunning == 0) && (1 <= waterLevel)) Ensures: (((((pumpRunning == 0) && (2 <= waterLevel)) && ((\old(waterLevel) == 1) || (\old(waterLevel) == waterLevel))) && (1 <= \old(waterLevel))) && (((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head)))) RESULT: Ultimate proved your program to be correct! [2024-11-08 15:15:48,652 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE