./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product45.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 3289d67d Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product45.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 9a8ef44eebf77bb9089ba7256f54c924b643d97224560b14ff4a2b7df3dcc9e0 --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.fs.icfgbuilder-eval-3289d67-m [2024-11-16 07:51:55,798 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-16 07:51:55,843 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-16 07:51:55,847 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-16 07:51:55,848 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-16 07:51:55,864 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-16 07:51:55,865 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-16 07:51:55,865 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-16 07:51:55,866 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-16 07:51:55,866 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-16 07:51:55,866 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-16 07:51:55,866 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-16 07:51:55,867 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-16 07:51:55,867 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-16 07:51:55,867 INFO L153 SettingsManager]: * Use SBE=true [2024-11-16 07:51:55,868 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-16 07:51:55,868 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-16 07:51:55,868 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-16 07:51:55,869 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-16 07:51:55,869 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-16 07:51:55,869 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-16 07:51:55,870 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-16 07:51:55,870 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-16 07:51:55,870 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-16 07:51:55,871 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-16 07:51:55,871 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-16 07:51:55,871 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-16 07:51:55,871 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-16 07:51:55,872 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2024-11-16 07:51:55,872 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-16 07:51:55,872 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-16 07:51:55,872 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-16 07:51:55,873 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-16 07:51:55,873 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-16 07:51:55,873 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-16 07:51:55,873 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-16 07:51:55,873 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-16 07:51:55,874 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-16 07:51:55,874 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-16 07:51:55,874 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-16 07:51:55,874 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-16 07:51:55,874 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-16 07:51:55,875 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 9a8ef44eebf77bb9089ba7256f54c924b643d97224560b14ff4a2b7df3dcc9e0 [2024-11-16 07:51:56,067 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-16 07:51:56,104 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-16 07:51:56,106 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-16 07:51:56,107 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-16 07:51:56,107 INFO L274 PluginConnector]: CDTParser initialized [2024-11-16 07:51:56,108 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product45.cil.c [2024-11-16 07:51:57,478 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-16 07:51:57,661 INFO L384 CDTParser]: Found 1 translation units. [2024-11-16 07:51:57,662 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product45.cil.c [2024-11-16 07:51:57,672 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/4e69e5785/de1bd1ab1cf445e8b6337a8fefd16c93/FLAG5e861658e [2024-11-16 07:51:57,697 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/4e69e5785/de1bd1ab1cf445e8b6337a8fefd16c93 [2024-11-16 07:51:57,699 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-16 07:51:57,704 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-16 07:51:57,708 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-16 07:51:57,708 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-16 07:51:57,712 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-16 07:51:57,713 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 07:51:57" (1/1) ... [2024-11-16 07:51:57,714 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@7e0082cc and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:51:57, skipping insertion in model container [2024-11-16 07:51:57,714 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 07:51:57" (1/1) ... [2024-11-16 07:51:57,772 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-16 07:51:58,056 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product45.cil.c[3064,3077] [2024-11-16 07:51:58,234 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-16 07:51:58,250 INFO L200 MainTranslator]: Completed pre-run [2024-11-16 07:51:58,266 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2024-11-16 07:51:58,270 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [150] [2024-11-16 07:51:58,271 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [159] [2024-11-16 07:51:58,271 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [186] [2024-11-16 07:51:58,271 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [288] [2024-11-16 07:51:58,275 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [323] [2024-11-16 07:51:58,275 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [689] [2024-11-16 07:51:58,276 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [754] [2024-11-16 07:51:58,287 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product45.cil.c[3064,3077] [2024-11-16 07:51:58,377 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-16 07:51:58,416 INFO L204 MainTranslator]: Completed translation [2024-11-16 07:51:58,420 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:51:58 WrapperNode [2024-11-16 07:51:58,421 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-16 07:51:58,422 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-16 07:51:58,425 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-16 07:51:58,425 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-16 07:51:58,437 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:51:58" (1/1) ... [2024-11-16 07:51:58,463 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:51:58" (1/1) ... [2024-11-16 07:51:58,526 INFO L138 Inliner]: procedures = 54, calls = 99, calls flagged for inlining = 21, calls inlined = 18, statements flattened = 184 [2024-11-16 07:51:58,534 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-16 07:51:58,535 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-16 07:51:58,535 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-16 07:51:58,543 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-16 07:51:58,565 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:51:58" (1/1) ... [2024-11-16 07:51:58,568 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:51:58" (1/1) ... [2024-11-16 07:51:58,574 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:51:58" (1/1) ... [2024-11-16 07:51:58,621 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-16 07:51:58,623 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:51:58" (1/1) ... [2024-11-16 07:51:58,623 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:51:58" (1/1) ... [2024-11-16 07:51:58,626 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:51:58" (1/1) ... [2024-11-16 07:51:58,627 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:51:58" (1/1) ... [2024-11-16 07:51:58,628 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:51:58" (1/1) ... [2024-11-16 07:51:58,628 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:51:58" (1/1) ... [2024-11-16 07:51:58,630 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-16 07:51:58,631 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2024-11-16 07:51:58,631 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2024-11-16 07:51:58,631 INFO L274 PluginConnector]: IcfgBuilder initialized [2024-11-16 07:51:58,632 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:51:58" (1/1) ... [2024-11-16 07:51:58,639 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-16 07:51:58,659 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-16 07:51:58,676 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-16 07:51:58,683 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-16 07:51:58,758 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-16 07:51:58,762 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-16 07:51:58,762 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-16 07:51:58,762 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-16 07:51:58,763 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-16 07:51:58,763 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-16 07:51:58,763 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-16 07:51:58,763 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2024-11-16 07:51:58,763 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2024-11-16 07:51:58,763 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-16 07:51:58,763 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-16 07:51:58,763 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2024-11-16 07:51:58,763 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2024-11-16 07:51:58,763 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2024-11-16 07:51:58,763 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2024-11-16 07:51:58,763 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-16 07:51:58,763 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-16 07:51:58,764 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-16 07:51:58,764 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-16 07:51:58,764 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-16 07:51:58,908 INFO L256 CfgBuilder]: Building ICFG [2024-11-16 07:51:58,911 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-16 07:51:59,064 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L893-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~10#1; [2024-11-16 07:51:59,083 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L101: #res := ~retValue_acc~0; [2024-11-16 07:51:59,135 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L320-1: valid_product_#res#1 := valid_product_~retValue_acc~5#1; [2024-11-16 07:51:59,135 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L285-1: main_#res#1 := main_~retValue_acc~3#1; [2024-11-16 07:51:59,158 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L948-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~11#1; [2024-11-16 07:51:59,159 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L147-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~2#1; [2024-11-16 07:51:59,163 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L884: #res := ~retValue_acc~9; [2024-11-16 07:51:59,176 INFO L? ?]: Removed 41 outVars from TransFormulas that were not future-live. [2024-11-16 07:51:59,176 INFO L307 CfgBuilder]: Performing block encoding [2024-11-16 07:51:59,187 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-16 07:51:59,187 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2024-11-16 07:51:59,187 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:51:59 BoogieIcfgContainer [2024-11-16 07:51:59,188 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2024-11-16 07:51:59,189 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-16 07:51:59,190 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-16 07:51:59,192 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-16 07:51:59,193 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 16.11 07:51:57" (1/3) ... [2024-11-16 07:51:59,193 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7fed0aad and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 07:51:59, skipping insertion in model container [2024-11-16 07:51:59,193 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:51:58" (2/3) ... [2024-11-16 07:51:59,193 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7fed0aad and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 07:51:59, skipping insertion in model container [2024-11-16 07:51:59,194 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:51:59" (3/3) ... [2024-11-16 07:51:59,195 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product45.cil.c [2024-11-16 07:51:59,208 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-16 07:51:59,209 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-16 07:51:59,253 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-16 07:51:59,259 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@23a5cf9c, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-16 07:51:59,259 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-16 07:51:59,263 INFO L276 IsEmpty]: Start isEmpty. Operand has 99 states, 75 states have (on average 1.3466666666666667) internal successors, (101), 83 states have internal predecessors, (101), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 12 states have call predecessors, (14), 14 states have call successors, (14) [2024-11-16 07:51:59,270 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2024-11-16 07:51:59,270 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:51:59,271 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:51:59,271 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:51:59,275 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:51:59,275 INFO L85 PathProgramCache]: Analyzing trace with hash 1315381053, now seen corresponding path program 1 times [2024-11-16 07:51:59,282 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:51:59,283 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1181508848] [2024-11-16 07:51:59,283 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:51:59,283 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:51:59,368 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:51:59,439 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-11-16 07:51:59,445 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:51:59,451 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:51:59,456 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:51:59,456 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1181508848] [2024-11-16 07:51:59,456 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1181508848] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:51:59,457 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:51:59,457 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-16 07:51:59,459 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1192174959] [2024-11-16 07:51:59,459 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:51:59,463 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-16 07:51:59,463 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:51:59,484 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-16 07:51:59,485 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-16 07:51:59,488 INFO L87 Difference]: Start difference. First operand has 99 states, 75 states have (on average 1.3466666666666667) internal successors, (101), 83 states have internal predecessors, (101), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 12 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-16 07:51:59,517 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:51:59,517 INFO L93 Difference]: Finished difference Result 189 states and 252 transitions. [2024-11-16 07:51:59,518 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-16 07:51:59,520 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2024-11-16 07:51:59,520 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:51:59,527 INFO L225 Difference]: With dead ends: 189 [2024-11-16 07:51:59,527 INFO L226 Difference]: Without dead ends: 88 [2024-11-16 07:51:59,530 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-16 07:51:59,532 INFO L432 NwaCegarLoop]: 122 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 122 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:51:59,533 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 122 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:51:59,546 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 88 states. [2024-11-16 07:51:59,565 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 88 to 88. [2024-11-16 07:51:59,568 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 88 states, 66 states have (on average 1.2878787878787878) internal successors, (85), 73 states have internal predecessors, (85), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 11 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-16 07:51:59,570 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 88 states to 88 states and 112 transitions. [2024-11-16 07:51:59,572 INFO L78 Accepts]: Start accepts. Automaton has 88 states and 112 transitions. Word has length 25 [2024-11-16 07:51:59,573 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:51:59,573 INFO L471 AbstractCegarLoop]: Abstraction has 88 states and 112 transitions. [2024-11-16 07:51:59,574 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-16 07:51:59,574 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 112 transitions. [2024-11-16 07:51:59,576 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2024-11-16 07:51:59,579 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:51:59,579 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:51:59,579 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-16 07:51:59,580 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:51:59,580 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:51:59,580 INFO L85 PathProgramCache]: Analyzing trace with hash -2066312457, now seen corresponding path program 1 times [2024-11-16 07:51:59,580 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:51:59,580 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [40042714] [2024-11-16 07:51:59,581 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:51:59,581 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:51:59,610 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:51:59,709 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-16 07:51:59,711 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:51:59,715 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:51:59,717 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:51:59,717 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [40042714] [2024-11-16 07:51:59,717 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [40042714] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:51:59,717 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:51:59,717 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-16 07:51:59,717 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2082264066] [2024-11-16 07:51:59,718 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:51:59,718 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-16 07:51:59,719 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:51:59,719 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-16 07:51:59,720 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:51:59,720 INFO L87 Difference]: Start difference. First operand 88 states and 112 transitions. Second operand has 3 states, 3 states have (on average 8.0) internal successors, (24), 3 states have internal predecessors, (24), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-16 07:51:59,741 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:51:59,744 INFO L93 Difference]: Finished difference Result 139 states and 177 transitions. [2024-11-16 07:51:59,745 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-16 07:51:59,745 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.0) internal successors, (24), 3 states have internal predecessors, (24), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 28 [2024-11-16 07:51:59,745 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:51:59,746 INFO L225 Difference]: With dead ends: 139 [2024-11-16 07:51:59,746 INFO L226 Difference]: Without dead ends: 77 [2024-11-16 07:51:59,747 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:51:59,748 INFO L432 NwaCegarLoop]: 97 mSDtfsCounter, 11 mSDsluCounter, 80 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 14 SdHoareTripleChecker+Valid, 177 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:51:59,748 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [14 Valid, 177 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:51:59,751 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 77 states. [2024-11-16 07:51:59,760 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 77 to 77. [2024-11-16 07:51:59,760 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 77 states, 58 states have (on average 1.3103448275862069) internal successors, (76), 65 states have internal predecessors, (76), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2024-11-16 07:51:59,761 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 77 states to 77 states and 98 transitions. [2024-11-16 07:51:59,765 INFO L78 Accepts]: Start accepts. Automaton has 77 states and 98 transitions. Word has length 28 [2024-11-16 07:51:59,765 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:51:59,766 INFO L471 AbstractCegarLoop]: Abstraction has 77 states and 98 transitions. [2024-11-16 07:51:59,766 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.0) internal successors, (24), 3 states have internal predecessors, (24), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-16 07:51:59,766 INFO L276 IsEmpty]: Start isEmpty. Operand 77 states and 98 transitions. [2024-11-16 07:51:59,767 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2024-11-16 07:51:59,767 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:51:59,767 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:51:59,767 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-16 07:51:59,767 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:51:59,768 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:51:59,768 INFO L85 PathProgramCache]: Analyzing trace with hash -789087515, now seen corresponding path program 1 times [2024-11-16 07:51:59,768 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:51:59,768 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [809465055] [2024-11-16 07:51:59,772 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:51:59,772 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:51:59,796 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:51:59,868 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:51:59,872 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:51:59,873 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:51:59,875 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:51:59,875 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [809465055] [2024-11-16 07:51:59,876 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [809465055] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:51:59,876 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:51:59,876 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-16 07:51:59,876 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1787151103] [2024-11-16 07:51:59,876 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:51:59,877 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-16 07:51:59,877 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:51:59,878 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-16 07:51:59,879 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:51:59,879 INFO L87 Difference]: Start difference. First operand 77 states and 98 transitions. Second operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-16 07:51:59,899 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:51:59,899 INFO L93 Difference]: Finished difference Result 147 states and 190 transitions. [2024-11-16 07:51:59,899 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-16 07:51:59,899 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2024-11-16 07:51:59,900 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:51:59,901 INFO L225 Difference]: With dead ends: 147 [2024-11-16 07:51:59,901 INFO L226 Difference]: Without dead ends: 77 [2024-11-16 07:51:59,901 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:51:59,902 INFO L432 NwaCegarLoop]: 96 mSDtfsCounter, 79 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 79 SdHoareTripleChecker+Valid, 96 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:51:59,902 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [79 Valid, 96 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:51:59,903 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 77 states. [2024-11-16 07:51:59,912 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 77 to 77. [2024-11-16 07:51:59,913 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 77 states, 58 states have (on average 1.293103448275862) internal successors, (75), 65 states have internal predecessors, (75), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2024-11-16 07:51:59,914 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 77 states to 77 states and 97 transitions. [2024-11-16 07:51:59,917 INFO L78 Accepts]: Start accepts. Automaton has 77 states and 97 transitions. Word has length 30 [2024-11-16 07:51:59,917 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:51:59,917 INFO L471 AbstractCegarLoop]: Abstraction has 77 states and 97 transitions. [2024-11-16 07:51:59,918 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-16 07:51:59,918 INFO L276 IsEmpty]: Start isEmpty. Operand 77 states and 97 transitions. [2024-11-16 07:51:59,919 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2024-11-16 07:51:59,921 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:51:59,921 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:51:59,921 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-16 07:51:59,921 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:51:59,922 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:51:59,922 INFO L85 PathProgramCache]: Analyzing trace with hash -953759009, now seen corresponding path program 1 times [2024-11-16 07:51:59,922 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:51:59,922 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [524766435] [2024-11-16 07:51:59,922 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:51:59,922 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:51:59,938 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:00,017 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:52:00,019 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:00,042 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:52:00,044 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:00,046 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2024-11-16 07:52:00,049 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:00,051 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:52:00,051 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:52:00,051 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [524766435] [2024-11-16 07:52:00,051 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [524766435] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:52:00,051 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:52:00,051 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-16 07:52:00,051 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [176097146] [2024-11-16 07:52:00,051 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:52:00,052 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-16 07:52:00,052 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:52:00,053 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-16 07:52:00,053 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-16 07:52:00,054 INFO L87 Difference]: Start difference. First operand 77 states and 97 transitions. Second operand has 5 states, 5 states have (on average 6.6) internal successors, (33), 5 states have internal predecessors, (33), 4 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-16 07:52:00,264 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:52:00,264 INFO L93 Difference]: Finished difference Result 228 states and 285 transitions. [2024-11-16 07:52:00,264 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-16 07:52:00,265 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 5 states have internal predecessors, (33), 4 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 40 [2024-11-16 07:52:00,265 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:52:00,267 INFO L225 Difference]: With dead ends: 228 [2024-11-16 07:52:00,267 INFO L226 Difference]: Without dead ends: 158 [2024-11-16 07:52:00,268 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=19, Invalid=37, Unknown=0, NotChecked=0, Total=56 [2024-11-16 07:52:00,269 INFO L432 NwaCegarLoop]: 107 mSDtfsCounter, 191 mSDsluCounter, 162 mSDsCounter, 0 mSdLazyCounter, 124 mSolverCounterSat, 58 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 193 SdHoareTripleChecker+Valid, 269 SdHoareTripleChecker+Invalid, 182 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 58 IncrementalHoareTripleChecker+Valid, 124 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-16 07:52:00,269 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [193 Valid, 269 Invalid, 182 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [58 Valid, 124 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-16 07:52:00,270 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 158 states. [2024-11-16 07:52:00,284 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 158 to 149. [2024-11-16 07:52:00,284 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 149 states, 112 states have (on average 1.2410714285714286) internal successors, (139), 120 states have internal predecessors, (139), 18 states have call successors, (18), 15 states have call predecessors, (18), 18 states have return successors, (23), 19 states have call predecessors, (23), 18 states have call successors, (23) [2024-11-16 07:52:00,285 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 149 states to 149 states and 180 transitions. [2024-11-16 07:52:00,286 INFO L78 Accepts]: Start accepts. Automaton has 149 states and 180 transitions. Word has length 40 [2024-11-16 07:52:00,286 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:52:00,286 INFO L471 AbstractCegarLoop]: Abstraction has 149 states and 180 transitions. [2024-11-16 07:52:00,286 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 5 states have internal predecessors, (33), 4 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-16 07:52:00,286 INFO L276 IsEmpty]: Start isEmpty. Operand 149 states and 180 transitions. [2024-11-16 07:52:00,287 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2024-11-16 07:52:00,287 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:52:00,288 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:52:00,288 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-16 07:52:00,288 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:52:00,288 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:52:00,288 INFO L85 PathProgramCache]: Analyzing trace with hash -589948157, now seen corresponding path program 1 times [2024-11-16 07:52:00,289 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:52:00,289 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [435859884] [2024-11-16 07:52:00,289 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:52:00,289 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:52:00,317 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:00,377 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:52:00,380 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:00,386 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:52:00,387 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:00,388 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2024-11-16 07:52:00,389 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:00,391 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:52:00,391 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:52:00,391 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [435859884] [2024-11-16 07:52:00,391 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [435859884] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:52:00,391 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:52:00,392 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-16 07:52:00,392 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1242906674] [2024-11-16 07:52:00,392 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:52:00,392 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-16 07:52:00,392 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:52:00,393 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-16 07:52:00,393 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-16 07:52:00,393 INFO L87 Difference]: Start difference. First operand 149 states and 180 transitions. Second operand has 6 states, 6 states have (on average 6.5) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2024-11-16 07:52:00,573 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:52:00,574 INFO L93 Difference]: Finished difference Result 155 states and 184 transitions. [2024-11-16 07:52:00,574 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-11-16 07:52:00,574 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.5) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 46 [2024-11-16 07:52:00,575 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:52:00,575 INFO L225 Difference]: With dead ends: 155 [2024-11-16 07:52:00,576 INFO L226 Difference]: Without dead ends: 152 [2024-11-16 07:52:00,576 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2024-11-16 07:52:00,577 INFO L432 NwaCegarLoop]: 76 mSDtfsCounter, 133 mSDsluCounter, 236 mSDsCounter, 0 mSdLazyCounter, 155 mSolverCounterSat, 30 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 139 SdHoareTripleChecker+Valid, 312 SdHoareTripleChecker+Invalid, 185 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 30 IncrementalHoareTripleChecker+Valid, 155 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-16 07:52:00,577 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [139 Valid, 312 Invalid, 185 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [30 Valid, 155 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-16 07:52:00,578 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 152 states. [2024-11-16 07:52:00,587 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 152 to 149. [2024-11-16 07:52:00,588 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 149 states, 112 states have (on average 1.2232142857142858) internal successors, (137), 120 states have internal predecessors, (137), 18 states have call successors, (18), 15 states have call predecessors, (18), 18 states have return successors, (23), 19 states have call predecessors, (23), 18 states have call successors, (23) [2024-11-16 07:52:00,588 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 149 states to 149 states and 178 transitions. [2024-11-16 07:52:00,588 INFO L78 Accepts]: Start accepts. Automaton has 149 states and 178 transitions. Word has length 46 [2024-11-16 07:52:00,589 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:52:00,589 INFO L471 AbstractCegarLoop]: Abstraction has 149 states and 178 transitions. [2024-11-16 07:52:00,589 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.5) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2024-11-16 07:52:00,589 INFO L276 IsEmpty]: Start isEmpty. Operand 149 states and 178 transitions. [2024-11-16 07:52:00,590 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-16 07:52:00,590 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:52:00,590 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:52:00,590 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-16 07:52:00,591 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:52:00,591 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:52:00,591 INFO L85 PathProgramCache]: Analyzing trace with hash -1050113081, now seen corresponding path program 1 times [2024-11-16 07:52:00,591 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:52:00,591 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [94258072] [2024-11-16 07:52:00,591 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:52:00,591 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:52:00,601 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:00,644 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:52:00,647 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:00,669 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:52:00,671 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:00,672 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:52:00,673 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:00,674 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2024-11-16 07:52:00,675 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:00,676 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:52:00,676 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:52:00,677 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [94258072] [2024-11-16 07:52:00,677 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [94258072] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:52:00,677 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:52:00,677 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-16 07:52:00,677 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [705400637] [2024-11-16 07:52:00,677 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:52:00,678 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-16 07:52:00,678 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:52:00,678 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-16 07:52:00,678 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-16 07:52:00,678 INFO L87 Difference]: Start difference. First operand 149 states and 178 transitions. Second operand has 6 states, 6 states have (on average 7.5) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-16 07:52:00,801 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:52:00,801 INFO L93 Difference]: Finished difference Result 297 states and 361 transitions. [2024-11-16 07:52:00,801 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-16 07:52:00,801 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 56 [2024-11-16 07:52:00,801 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:52:00,802 INFO L225 Difference]: With dead ends: 297 [2024-11-16 07:52:00,803 INFO L226 Difference]: Without dead ends: 155 [2024-11-16 07:52:00,803 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-16 07:52:00,804 INFO L432 NwaCegarLoop]: 78 mSDtfsCounter, 54 mSDsluCounter, 257 mSDsCounter, 0 mSdLazyCounter, 145 mSolverCounterSat, 12 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 60 SdHoareTripleChecker+Valid, 335 SdHoareTripleChecker+Invalid, 157 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 12 IncrementalHoareTripleChecker+Valid, 145 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-16 07:52:00,804 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [60 Valid, 335 Invalid, 157 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [12 Valid, 145 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-16 07:52:00,805 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 155 states. [2024-11-16 07:52:00,815 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 155 to 152. [2024-11-16 07:52:00,815 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 152 states, 115 states have (on average 1.2173913043478262) internal successors, (140), 123 states have internal predecessors, (140), 18 states have call successors, (18), 15 states have call predecessors, (18), 18 states have return successors, (23), 19 states have call predecessors, (23), 18 states have call successors, (23) [2024-11-16 07:52:00,816 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 152 states to 152 states and 181 transitions. [2024-11-16 07:52:00,816 INFO L78 Accepts]: Start accepts. Automaton has 152 states and 181 transitions. Word has length 56 [2024-11-16 07:52:00,817 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:52:00,817 INFO L471 AbstractCegarLoop]: Abstraction has 152 states and 181 transitions. [2024-11-16 07:52:00,817 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-16 07:52:00,817 INFO L276 IsEmpty]: Start isEmpty. Operand 152 states and 181 transitions. [2024-11-16 07:52:00,818 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-16 07:52:00,818 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:52:00,818 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:52:00,818 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-16 07:52:00,819 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:52:00,819 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:52:00,819 INFO L85 PathProgramCache]: Analyzing trace with hash -699313144, now seen corresponding path program 1 times [2024-11-16 07:52:00,819 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:52:00,819 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1759031634] [2024-11-16 07:52:00,819 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:52:00,820 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:52:00,827 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:00,858 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:52:00,862 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:00,883 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:52:00,885 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:00,886 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:52:00,887 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:00,888 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2024-11-16 07:52:00,889 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:00,889 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:52:00,890 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:52:00,890 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1759031634] [2024-11-16 07:52:00,890 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1759031634] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:52:00,890 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:52:00,890 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-16 07:52:00,890 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [330127880] [2024-11-16 07:52:00,890 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:52:00,891 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-16 07:52:00,891 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:52:00,891 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-16 07:52:00,891 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-16 07:52:00,891 INFO L87 Difference]: Start difference. First operand 152 states and 181 transitions. Second operand has 6 states, 6 states have (on average 7.5) internal successors, (45), 5 states have internal predecessors, (45), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-16 07:52:01,037 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:52:01,038 INFO L93 Difference]: Finished difference Result 302 states and 366 transitions. [2024-11-16 07:52:01,038 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-16 07:52:01,039 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 5 states have internal predecessors, (45), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 56 [2024-11-16 07:52:01,039 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:52:01,040 INFO L225 Difference]: With dead ends: 302 [2024-11-16 07:52:01,040 INFO L226 Difference]: Without dead ends: 157 [2024-11-16 07:52:01,041 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2024-11-16 07:52:01,041 INFO L432 NwaCegarLoop]: 78 mSDtfsCounter, 121 mSDsluCounter, 182 mSDsCounter, 0 mSdLazyCounter, 111 mSolverCounterSat, 34 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 124 SdHoareTripleChecker+Valid, 260 SdHoareTripleChecker+Invalid, 145 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 34 IncrementalHoareTripleChecker+Valid, 111 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-16 07:52:01,042 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [124 Valid, 260 Invalid, 145 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [34 Valid, 111 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-16 07:52:01,042 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 157 states. [2024-11-16 07:52:01,069 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 157 to 154. [2024-11-16 07:52:01,069 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 154 states, 117 states have (on average 1.2136752136752136) internal successors, (142), 125 states have internal predecessors, (142), 18 states have call successors, (18), 15 states have call predecessors, (18), 18 states have return successors, (23), 19 states have call predecessors, (23), 18 states have call successors, (23) [2024-11-16 07:52:01,070 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 154 states to 154 states and 183 transitions. [2024-11-16 07:52:01,070 INFO L78 Accepts]: Start accepts. Automaton has 154 states and 183 transitions. Word has length 56 [2024-11-16 07:52:01,070 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:52:01,071 INFO L471 AbstractCegarLoop]: Abstraction has 154 states and 183 transitions. [2024-11-16 07:52:01,071 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 5 states have internal predecessors, (45), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-16 07:52:01,071 INFO L276 IsEmpty]: Start isEmpty. Operand 154 states and 183 transitions. [2024-11-16 07:52:01,076 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-16 07:52:01,076 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:52:01,076 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:52:01,076 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-16 07:52:01,077 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:52:01,077 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:52:01,077 INFO L85 PathProgramCache]: Analyzing trace with hash -771699702, now seen corresponding path program 1 times [2024-11-16 07:52:01,077 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:52:01,077 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [988205605] [2024-11-16 07:52:01,077 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:52:01,077 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:52:01,097 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:01,179 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:52:01,183 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:01,196 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:52:01,198 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:01,200 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:52:01,201 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:01,202 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2024-11-16 07:52:01,203 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:01,204 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:52:01,204 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:52:01,204 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [988205605] [2024-11-16 07:52:01,204 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [988205605] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:52:01,205 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:52:01,205 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-16 07:52:01,205 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1036170513] [2024-11-16 07:52:01,205 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:52:01,205 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-16 07:52:01,206 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:52:01,206 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-16 07:52:01,206 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-16 07:52:01,207 INFO L87 Difference]: Start difference. First operand 154 states and 183 transitions. Second operand has 5 states, 5 states have (on average 9.0) internal successors, (45), 4 states have internal predecessors, (45), 4 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2024-11-16 07:52:01,392 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:52:01,392 INFO L93 Difference]: Finished difference Result 419 states and 524 transitions. [2024-11-16 07:52:01,393 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-16 07:52:01,393 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.0) internal successors, (45), 4 states have internal predecessors, (45), 4 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) Word has length 56 [2024-11-16 07:52:01,393 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:52:01,395 INFO L225 Difference]: With dead ends: 419 [2024-11-16 07:52:01,395 INFO L226 Difference]: Without dead ends: 272 [2024-11-16 07:52:01,396 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-16 07:52:01,396 INFO L432 NwaCegarLoop]: 117 mSDtfsCounter, 200 mSDsluCounter, 157 mSDsCounter, 0 mSdLazyCounter, 140 mSolverCounterSat, 60 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 208 SdHoareTripleChecker+Valid, 274 SdHoareTripleChecker+Invalid, 200 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 60 IncrementalHoareTripleChecker+Valid, 140 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-16 07:52:01,397 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [208 Valid, 274 Invalid, 200 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [60 Valid, 140 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-16 07:52:01,400 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 272 states. [2024-11-16 07:52:01,445 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 272 to 269. [2024-11-16 07:52:01,446 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 269 states, 204 states have (on average 1.2107843137254901) internal successors, (247), 216 states have internal predecessors, (247), 33 states have call successors, (33), 30 states have call predecessors, (33), 31 states have return successors, (48), 33 states have call predecessors, (48), 33 states have call successors, (48) [2024-11-16 07:52:01,447 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 269 states to 269 states and 328 transitions. [2024-11-16 07:52:01,452 INFO L78 Accepts]: Start accepts. Automaton has 269 states and 328 transitions. Word has length 56 [2024-11-16 07:52:01,452 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:52:01,452 INFO L471 AbstractCegarLoop]: Abstraction has 269 states and 328 transitions. [2024-11-16 07:52:01,452 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.0) internal successors, (45), 4 states have internal predecessors, (45), 4 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2024-11-16 07:52:01,452 INFO L276 IsEmpty]: Start isEmpty. Operand 269 states and 328 transitions. [2024-11-16 07:52:01,453 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2024-11-16 07:52:01,453 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:52:01,454 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:52:01,454 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-16 07:52:01,454 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:52:01,455 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:52:01,455 INFO L85 PathProgramCache]: Analyzing trace with hash 1591088904, now seen corresponding path program 1 times [2024-11-16 07:52:01,455 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:52:01,455 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1624945564] [2024-11-16 07:52:01,455 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:52:01,455 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:52:01,469 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:01,569 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-16 07:52:01,573 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:01,588 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-16 07:52:01,592 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:01,660 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:52:01,662 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:01,680 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:52:01,681 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:01,690 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 50 [2024-11-16 07:52:01,692 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:01,695 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:52:01,695 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:52:01,696 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1624945564] [2024-11-16 07:52:01,696 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1624945564] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:52:01,696 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:52:01,696 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [12] imperfect sequences [] total 12 [2024-11-16 07:52:01,696 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [200886750] [2024-11-16 07:52:01,696 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:52:01,697 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 12 states [2024-11-16 07:52:01,697 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:52:01,697 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2024-11-16 07:52:01,697 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=23, Invalid=109, Unknown=0, NotChecked=0, Total=132 [2024-11-16 07:52:01,697 INFO L87 Difference]: Start difference. First operand 269 states and 328 transitions. Second operand has 12 states, 12 states have (on average 3.9166666666666665) internal successors, (47), 7 states have internal predecessors, (47), 2 states have call successors, (6), 4 states have call predecessors, (6), 4 states have return successors, (5), 4 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-16 07:52:02,242 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:52:02,243 INFO L93 Difference]: Finished difference Result 813 states and 1028 transitions. [2024-11-16 07:52:02,243 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 25 states. [2024-11-16 07:52:02,243 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 12 states have (on average 3.9166666666666665) internal successors, (47), 7 states have internal predecessors, (47), 2 states have call successors, (6), 4 states have call predecessors, (6), 4 states have return successors, (5), 4 states have call predecessors, (5), 2 states have call successors, (5) Word has length 60 [2024-11-16 07:52:02,243 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:52:02,246 INFO L225 Difference]: With dead ends: 813 [2024-11-16 07:52:02,246 INFO L226 Difference]: Without dead ends: 551 [2024-11-16 07:52:02,247 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 42 GetRequests, 12 SyntacticMatches, 0 SemanticMatches, 30 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 195 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=208, Invalid=784, Unknown=0, NotChecked=0, Total=992 [2024-11-16 07:52:02,247 INFO L432 NwaCegarLoop]: 58 mSDtfsCounter, 374 mSDsluCounter, 403 mSDsCounter, 0 mSdLazyCounter, 529 mSolverCounterSat, 160 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 380 SdHoareTripleChecker+Valid, 461 SdHoareTripleChecker+Invalid, 689 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 160 IncrementalHoareTripleChecker+Valid, 529 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-16 07:52:02,248 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [380 Valid, 461 Invalid, 689 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [160 Valid, 529 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-16 07:52:02,248 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 551 states. [2024-11-16 07:52:02,279 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 551 to 548. [2024-11-16 07:52:02,280 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 548 states, 410 states have (on average 1.1829268292682926) internal successors, (485), 438 states have internal predecessors, (485), 72 states have call successors, (72), 58 states have call predecessors, (72), 65 states have return successors, (111), 71 states have call predecessors, (111), 72 states have call successors, (111) [2024-11-16 07:52:02,283 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 548 states to 548 states and 668 transitions. [2024-11-16 07:52:02,283 INFO L78 Accepts]: Start accepts. Automaton has 548 states and 668 transitions. Word has length 60 [2024-11-16 07:52:02,283 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:52:02,284 INFO L471 AbstractCegarLoop]: Abstraction has 548 states and 668 transitions. [2024-11-16 07:52:02,284 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 12 states, 12 states have (on average 3.9166666666666665) internal successors, (47), 7 states have internal predecessors, (47), 2 states have call successors, (6), 4 states have call predecessors, (6), 4 states have return successors, (5), 4 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-16 07:52:02,284 INFO L276 IsEmpty]: Start isEmpty. Operand 548 states and 668 transitions. [2024-11-16 07:52:02,285 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 110 [2024-11-16 07:52:02,285 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:52:02,285 INFO L215 NwaCegarLoop]: trace histogram [4, 4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:52:02,286 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-16 07:52:02,286 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:52:02,286 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:52:02,286 INFO L85 PathProgramCache]: Analyzing trace with hash -243939649, now seen corresponding path program 1 times [2024-11-16 07:52:02,286 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:52:02,286 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2081240239] [2024-11-16 07:52:02,286 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:52:02,287 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:52:02,296 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:02,418 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-16 07:52:02,419 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:02,427 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:52:02,429 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:02,442 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-16 07:52:02,444 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:02,446 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:52:02,448 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:02,451 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:52:02,451 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:02,452 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-11-16 07:52:02,453 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:02,459 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 66 [2024-11-16 07:52:02,460 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:02,471 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 78 [2024-11-16 07:52:02,475 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:02,530 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:52:02,532 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:02,547 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 89 [2024-11-16 07:52:02,548 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:02,549 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:52:02,549 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:02,549 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 99 [2024-11-16 07:52:02,550 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:02,553 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 14 proven. 13 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2024-11-16 07:52:02,553 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:52:02,553 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2081240239] [2024-11-16 07:52:02,554 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2081240239] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-16 07:52:02,554 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2004200401] [2024-11-16 07:52:02,554 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:52:02,554 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-16 07:52:02,554 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-16 07:52:02,558 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-16 07:52:02,561 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-16 07:52:02,643 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:02,649 INFO L255 TraceCheckSpWp]: Trace formula consists of 332 conjuncts, 9 conjuncts are in the unsatisfiable core [2024-11-16 07:52:02,663 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-16 07:52:02,832 INFO L134 CoverageAnalysis]: Checked inductivity of 45 backedges. 35 proven. 0 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2024-11-16 07:52:02,834 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-16 07:52:02,835 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2004200401] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:52:02,835 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-16 07:52:02,835 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [14] total 19 [2024-11-16 07:52:02,835 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1352528870] [2024-11-16 07:52:02,835 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:52:02,836 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-16 07:52:02,836 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:52:02,836 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-16 07:52:02,836 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=48, Invalid=294, Unknown=0, NotChecked=0, Total=342 [2024-11-16 07:52:02,837 INFO L87 Difference]: Start difference. First operand 548 states and 668 transitions. Second operand has 8 states, 8 states have (on average 9.625) internal successors, (77), 6 states have internal predecessors, (77), 3 states have call successors, (13), 3 states have call predecessors, (13), 5 states have return successors, (12), 5 states have call predecessors, (12), 3 states have call successors, (12) [2024-11-16 07:52:02,960 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:52:02,961 INFO L93 Difference]: Finished difference Result 1193 states and 1453 transitions. [2024-11-16 07:52:02,961 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-11-16 07:52:02,961 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 9.625) internal successors, (77), 6 states have internal predecessors, (77), 3 states have call successors, (13), 3 states have call predecessors, (13), 5 states have return successors, (12), 5 states have call predecessors, (12), 3 states have call successors, (12) Word has length 109 [2024-11-16 07:52:02,962 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:52:02,962 INFO L225 Difference]: With dead ends: 1193 [2024-11-16 07:52:02,962 INFO L226 Difference]: Without dead ends: 0 [2024-11-16 07:52:02,964 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 142 GetRequests, 123 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 43 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=60, Invalid=360, Unknown=0, NotChecked=0, Total=420 [2024-11-16 07:52:02,965 INFO L432 NwaCegarLoop]: 164 mSDtfsCounter, 58 mSDsluCounter, 827 mSDsCounter, 0 mSdLazyCounter, 106 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 61 SdHoareTripleChecker+Valid, 991 SdHoareTripleChecker+Invalid, 107 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 106 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-16 07:52:02,965 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [61 Valid, 991 Invalid, 107 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 106 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-16 07:52:02,966 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-16 07:52:02,966 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-16 07:52:02,967 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-16 07:52:02,967 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-16 07:52:02,967 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 109 [2024-11-16 07:52:02,967 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:52:02,967 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-16 07:52:02,967 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 9.625) internal successors, (77), 6 states have internal predecessors, (77), 3 states have call successors, (13), 3 states have call predecessors, (13), 5 states have return successors, (12), 5 states have call predecessors, (12), 3 states have call successors, (12) [2024-11-16 07:52:02,968 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-16 07:52:02,968 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-16 07:52:02,970 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-16 07:52:02,985 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-16 07:52:03,175 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-16 07:52:03,177 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:52:03,179 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-16 07:52:05,370 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-16 07:52:05,394 WARN L156 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (let ((.cse1 (= |old(~methaneLevelCritical~0)| 0))) (and (or (<= 1 ~methaneLevelCritical~0) (< |old(~methaneLevelCritical~0)| 1)) (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~pumpRunning~0 0) (<= 1 |old(~methaneLevelCritical~0)|) .cse0) (and .cse1 .cse0))) (or (not .cse1) (= ~methaneLevelCritical~0 0)))) Eliminated clause: (exists ((|old(~methaneLevelCritical~0)| Int)) (let ((.cse1 (= |old(~methaneLevelCritical~0)| 0))) (and (or (< |old(~methaneLevelCritical~0)| 1) (< 0 ~methaneLevelCritical~0)) (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~pumpRunning~0 0) (<= 1 |old(~methaneLevelCritical~0)|) .cse0) (and .cse1 .cse0))) (or (not .cse1) (= ~methaneLevelCritical~0 0))))) [2024-11-16 07:52:05,397 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-16 07:52:05,403 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= 1 ~methaneLevelCritical~0) .cse0) (and (= ~methaneLevelCritical~0 0) .cse0))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= 1 ~methaneLevelCritical~0) .cse0) (and (= ~methaneLevelCritical~0 0) .cse0))) [2024-11-16 07:52:05,417 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~methaneLevelCritical~0 0) .cse0) (and (= ~pumpRunning~0 0) (<= 1 ~methaneLevelCritical~0) .cse0))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~methaneLevelCritical~0 0) .cse0) (and (= ~pumpRunning~0 0) (<= 1 ~methaneLevelCritical~0) .cse0))) [2024-11-16 07:52:05,429 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__methaneQuery contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~methaneLevelCritical~0 0) .cse0) (and (<= 1 ~methaneLevelCritical~0) .cse0 (= |old(~pumpRunning~0)| 0))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~methaneLevelCritical~0 0) .cse0) (and (= ~pumpRunning~0 0) (<= 1 ~methaneLevelCritical~0) .cse0))) [2024-11-16 07:52:05,440 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 16.11 07:52:05 BoogieIcfgContainer [2024-11-16 07:52:05,441 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-16 07:52:05,444 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-16 07:52:05,444 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-16 07:52:05,444 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-16 07:52:05,445 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:51:59" (3/4) ... [2024-11-16 07:52:05,447 INFO L143 WitnessPrinter]: Generating witness for correct program [2024-11-16 07:52:05,459 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-16 07:52:05,459 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-16 07:52:05,459 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-16 07:52:05,459 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-16 07:52:05,459 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2024-11-16 07:52:05,459 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-16 07:52:05,459 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2024-11-16 07:52:05,459 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2024-11-16 07:52:05,464 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 38 nodes and edges [2024-11-16 07:52:05,464 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-11-16 07:52:05,464 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-16 07:52:05,464 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-16 07:52:05,465 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-16 07:52:05,578 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-16 07:52:05,579 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-16 07:52:05,579 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-16 07:52:05,579 INFO L158 Benchmark]: Toolchain (without parser) took 7879.08ms. Allocated memory was 192.9MB in the beginning and 283.1MB in the end (delta: 90.2MB). Free memory was 122.3MB in the beginning and 145.5MB in the end (delta: -23.3MB). Peak memory consumption was 69.0MB. Max. memory is 16.1GB. [2024-11-16 07:52:05,579 INFO L158 Benchmark]: CDTParser took 0.16ms. Allocated memory is still 192.9MB. Free memory is still 149.7MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-16 07:52:05,579 INFO L158 Benchmark]: CACSL2BoogieTranslator took 713.22ms. Allocated memory is still 192.9MB. Free memory was 122.0MB in the beginning and 100.6MB in the end (delta: 21.5MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-16 07:52:05,580 INFO L158 Benchmark]: Boogie Procedure Inliner took 112.80ms. Allocated memory is still 192.9MB. Free memory was 100.6MB in the beginning and 163.6MB in the end (delta: -63.0MB). Peak memory consumption was 7.0MB. Max. memory is 16.1GB. [2024-11-16 07:52:05,580 INFO L158 Benchmark]: Boogie Preprocessor took 95.12ms. Allocated memory is still 192.9MB. Free memory was 163.6MB in the beginning and 161.6MB in the end (delta: 2.0MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2024-11-16 07:52:05,580 INFO L158 Benchmark]: IcfgBuilder took 557.19ms. Allocated memory is still 192.9MB. Free memory was 161.6MB in the beginning and 141.6MB in the end (delta: 20.0MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2024-11-16 07:52:05,581 INFO L158 Benchmark]: TraceAbstraction took 6251.24ms. Allocated memory was 192.9MB in the beginning and 283.1MB in the end (delta: 90.2MB). Free memory was 141.6MB in the beginning and 153.9MB in the end (delta: -12.3MB). Peak memory consumption was 145.9MB. Max. memory is 16.1GB. [2024-11-16 07:52:05,581 INFO L158 Benchmark]: Witness Printer took 134.56ms. Allocated memory is still 283.1MB. Free memory was 152.9MB in the beginning and 145.5MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2024-11-16 07:52:05,582 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.16ms. Allocated memory is still 192.9MB. Free memory is still 149.7MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 713.22ms. Allocated memory is still 192.9MB. Free memory was 122.0MB in the beginning and 100.6MB in the end (delta: 21.5MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 112.80ms. Allocated memory is still 192.9MB. Free memory was 100.6MB in the beginning and 163.6MB in the end (delta: -63.0MB). Peak memory consumption was 7.0MB. Max. memory is 16.1GB. * Boogie Preprocessor took 95.12ms. Allocated memory is still 192.9MB. Free memory was 163.6MB in the beginning and 161.6MB in the end (delta: 2.0MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * IcfgBuilder took 557.19ms. Allocated memory is still 192.9MB. Free memory was 161.6MB in the beginning and 141.6MB in the end (delta: 20.0MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 6251.24ms. Allocated memory was 192.9MB in the beginning and 283.1MB in the end (delta: 90.2MB). Free memory was 141.6MB in the beginning and 153.9MB in the end (delta: -12.3MB). Peak memory consumption was 145.9MB. Max. memory is 16.1GB. * Witness Printer took 134.56ms. Allocated memory is still 283.1MB. Free memory was 152.9MB in the beginning and 145.5MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 150]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [150] - GenericResultAtLocation [Line: 159]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [159] - GenericResultAtLocation [Line: 186]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [186] - GenericResultAtLocation [Line: 288]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [288] - GenericResultAtLocation [Line: 323]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [323] - GenericResultAtLocation [Line: 689]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [689] - GenericResultAtLocation [Line: 754]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [754] - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 155]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 99 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 3.9s, OverallIterations: 10, TraceHistogramMax: 4, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.7s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1258 SdHoareTripleChecker+Valid, 1.0s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1221 mSDsluCounter, 3297 SdHoareTripleChecker+Invalid, 0.9s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2304 mSDsCounter, 355 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1312 IncrementalHoareTripleChecker+Invalid, 1667 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 355 mSolverCounterUnsat, 993 mSDtfsCounter, 1312 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 282 GetRequests, 197 SyntacticMatches, 0 SemanticMatches, 85 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 254 ImplicationChecksByTransitivity, 0.5s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=548occurred in iteration=9, InterpolantAutomatonStates: 76, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 24 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 1.4s InterpolantComputationTime, 615 NumberOfCodeBlocks, 615 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 604 ConstructedInterpolants, 0 QuantifiedInterpolants, 1087 SizeOfPredicates, 1 NumberOfNonLiveVariables, 332 ConjunctsInSsa, 9 ConjunctsInUnsatCore, 11 InterpolantComputations, 10 PerfectInterpolantSequences, 89/102 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 700]: Location Invariant Derived location invariant: null - InvariantResult [Line: 199]: Location Invariant Derived location invariant: null - ProcedureContractResult [Line: 784]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((methaneLevelCritical == 0) && (1 == systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) Ensures: ((((methaneLevelCritical == 0) && (1 == systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 83]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Ensures: (((((\old(methaneLevelCritical) != 0) || (0 < methaneLevelCritical)) && ((((pumpRunning == 0) && (1 <= \old(methaneLevelCritical))) && (1 == systemActive)) || ((\old(methaneLevelCritical) == 0) && (1 == systemActive)))) && ((methaneLevelCritical == 0) || (\old(methaneLevelCritical) < 1))) && (((((waterLevel == \old(waterLevel)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 760]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive))) Ensures: ((((((((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) || ((pumpRunning == \old(pumpRunning)) && (\old(pumpRunning) != 0))) || ((\old(pumpRunning) != 0) && (pumpRunning == 0))) || ((2 <= waterLevel) && (\old(waterLevel) == waterLevel))) && (((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive)))) && ((((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) || ((\old(pumpRunning) != 0) && (pumpRunning == 0))) || (methaneLevelCritical < 1))) && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 189]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 95]: Procedure Contract for isMethaneLevelCritical Derived contract for procedure isMethaneLevelCritical. Requires: (((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive))) Ensures: (((((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive))) && (\result == methaneLevelCritical)) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 71]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((methaneLevelCritical == 0) && (1 == systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) Ensures: ((((((methaneLevelCritical == 0) && (1 == systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) && (((pumpRunning != 0) || (\old(waterLevel) != 1)) || (1 < waterLevel))) && ((\old(waterLevel) < 2) || (\old(waterLevel) == waterLevel))) && (((((methaneLevelCritical == \old(methaneLevelCritical)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 792]: Procedure Contract for processEnvironment__wrappee__methaneQuery Derived contract for procedure processEnvironment__wrappee__methaneQuery. Requires: (((methaneLevelCritical == 0) && (1 == systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) Ensures: ((((((pumpRunning == 0) || (methaneLevelCritical < 1)) && (((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive)))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (1 < waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) == 0))) && (((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 876]: Procedure Contract for isMethaneAlarm Derived contract for procedure isMethaneAlarm. Requires: ((((((methaneLevelCritical == 0) && (2 <= waterLevel)) && (1 == systemActive)) || (((pumpRunning != 0) && (methaneLevelCritical == 0)) && (1 == systemActive))) || (((1 <= methaneLevelCritical) && (2 <= waterLevel)) && (1 == systemActive))) || (((1 <= methaneLevelCritical) && (pumpRunning != 0)) && (1 == systemActive))) Ensures: ((((((((methaneLevelCritical == 0) && (2 <= waterLevel)) && (1 == systemActive)) || (((pumpRunning != 0) && (methaneLevelCritical == 0)) && (1 == systemActive))) || (((1 <= methaneLevelCritical) && (2 <= waterLevel)) && (1 == systemActive))) || (((1 <= methaneLevelCritical) && (pumpRunning != 0)) && (1 == systemActive))) && (\result == methaneLevelCritical)) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) RESULT: Ultimate proved your program to be correct! [2024-11-16 07:52:05,623 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE