./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product62.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 3289d67d Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product62.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 592117a566b45deb7ab0407540eecbf2be0f732724f0529483f85e7a6864867a --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.fs.icfgbuilder-eval-3289d67-m [2024-11-16 07:52:12,128 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-16 07:52:12,206 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-16 07:52:12,214 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-16 07:52:12,217 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-16 07:52:12,243 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-16 07:52:12,244 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-16 07:52:12,244 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-16 07:52:12,245 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-16 07:52:12,245 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-16 07:52:12,246 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-16 07:52:12,247 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-16 07:52:12,247 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-16 07:52:12,249 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-16 07:52:12,249 INFO L153 SettingsManager]: * Use SBE=true [2024-11-16 07:52:12,250 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-16 07:52:12,250 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-16 07:52:12,250 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-16 07:52:12,251 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-16 07:52:12,251 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-16 07:52:12,251 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-16 07:52:12,255 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-16 07:52:12,255 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-16 07:52:12,256 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-16 07:52:12,256 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-16 07:52:12,256 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-16 07:52:12,257 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-16 07:52:12,257 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-16 07:52:12,257 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2024-11-16 07:52:12,257 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-16 07:52:12,258 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-16 07:52:12,258 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-16 07:52:12,258 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-16 07:52:12,258 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-16 07:52:12,259 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-16 07:52:12,259 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-16 07:52:12,259 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-16 07:52:12,259 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-16 07:52:12,260 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-16 07:52:12,260 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-16 07:52:12,260 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-16 07:52:12,261 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-16 07:52:12,261 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 592117a566b45deb7ab0407540eecbf2be0f732724f0529483f85e7a6864867a [2024-11-16 07:52:12,501 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-16 07:52:12,529 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-16 07:52:12,535 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-16 07:52:12,536 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-16 07:52:12,537 INFO L274 PluginConnector]: CDTParser initialized [2024-11-16 07:52:12,538 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product62.cil.c [2024-11-16 07:52:13,936 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-16 07:52:14,180 INFO L384 CDTParser]: Found 1 translation units. [2024-11-16 07:52:14,183 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product62.cil.c [2024-11-16 07:52:14,199 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/ff70b1f21/323741e474e64167a7a20aecff68fa27/FLAGf83e74d99 [2024-11-16 07:52:14,216 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/ff70b1f21/323741e474e64167a7a20aecff68fa27 [2024-11-16 07:52:14,221 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-16 07:52:14,222 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-16 07:52:14,226 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-16 07:52:14,226 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-16 07:52:14,231 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-16 07:52:14,232 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 07:52:14" (1/1) ... [2024-11-16 07:52:14,232 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@589e9fd and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:52:14, skipping insertion in model container [2024-11-16 07:52:14,233 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 07:52:14" (1/1) ... [2024-11-16 07:52:14,279 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-16 07:52:14,608 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product62.cil.c[19185,19198] [2024-11-16 07:52:14,613 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-16 07:52:14,624 INFO L200 MainTranslator]: Completed pre-run [2024-11-16 07:52:14,634 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] [2024-11-16 07:52:14,635 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [309] [2024-11-16 07:52:14,636 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [379] [2024-11-16 07:52:14,636 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [417] [2024-11-16 07:52:14,636 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [783] [2024-11-16 07:52:14,636 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [879] [2024-11-16 07:52:14,637 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [983] [2024-11-16 07:52:14,637 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1010] [2024-11-16 07:52:14,694 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product62.cil.c[19185,19198] [2024-11-16 07:52:14,699 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-16 07:52:14,729 INFO L204 MainTranslator]: Completed translation [2024-11-16 07:52:14,730 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:52:14 WrapperNode [2024-11-16 07:52:14,730 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-16 07:52:14,731 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-16 07:52:14,731 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-16 07:52:14,731 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-16 07:52:14,763 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:52:14" (1/1) ... [2024-11-16 07:52:14,781 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:52:14" (1/1) ... [2024-11-16 07:52:14,834 INFO L138 Inliner]: procedures = 58, calls = 105, calls flagged for inlining = 23, calls inlined = 20, statements flattened = 217 [2024-11-16 07:52:14,835 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-16 07:52:14,835 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-16 07:52:14,835 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-16 07:52:14,836 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-16 07:52:14,844 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:52:14" (1/1) ... [2024-11-16 07:52:14,844 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:52:14" (1/1) ... [2024-11-16 07:52:14,847 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:52:14" (1/1) ... [2024-11-16 07:52:14,862 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-16 07:52:14,866 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:52:14" (1/1) ... [2024-11-16 07:52:14,866 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:52:14" (1/1) ... [2024-11-16 07:52:14,871 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:52:14" (1/1) ... [2024-11-16 07:52:14,872 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:52:14" (1/1) ... [2024-11-16 07:52:14,873 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:52:14" (1/1) ... [2024-11-16 07:52:14,874 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:52:14" (1/1) ... [2024-11-16 07:52:14,876 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-16 07:52:14,881 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2024-11-16 07:52:14,881 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2024-11-16 07:52:14,881 INFO L274 PluginConnector]: IcfgBuilder initialized [2024-11-16 07:52:14,882 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:52:14" (1/1) ... [2024-11-16 07:52:14,890 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-16 07:52:14,903 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-16 07:52:14,919 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-16 07:52:14,926 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-16 07:52:14,971 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-16 07:52:14,972 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-16 07:52:14,972 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-16 07:52:14,972 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-16 07:52:14,972 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-16 07:52:14,972 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2024-11-16 07:52:14,972 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2024-11-16 07:52:14,972 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-16 07:52:14,973 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-16 07:52:14,973 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-16 07:52:14,973 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-16 07:52:14,973 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-16 07:52:14,973 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-16 07:52:14,974 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2024-11-16 07:52:14,974 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2024-11-16 07:52:14,974 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2024-11-16 07:52:14,974 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2024-11-16 07:52:14,975 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-16 07:52:14,975 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-16 07:52:14,975 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-16 07:52:14,975 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-16 07:52:14,976 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-16 07:52:14,976 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-16 07:52:14,976 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-16 07:52:15,053 INFO L256 CfgBuilder]: Building ICFG [2024-11-16 07:52:15,055 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-16 07:52:15,148 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L980-1: isLowWaterSensorDry_#res#1 := isLowWaterSensorDry_~retValue_acc~13#1; [2024-11-16 07:52:15,149 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L298-1: isLowWaterLevel_#res#1 := isLowWaterLevel_~retValue_acc~3#1; [2024-11-16 07:52:15,180 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L925: #res := ~retValue_acc~10; [2024-11-16 07:52:15,232 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L224-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~1#1; [2024-11-16 07:52:15,319 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L876-1: main_#res#1 := main_~retValue_acc~9#1; [2024-11-16 07:52:15,319 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L414-1: valid_product_#res#1 := valid_product_~retValue_acc~5#1; [2024-11-16 07:52:15,360 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L279-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~2#1; [2024-11-16 07:52:15,360 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L971-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~12#1; [2024-11-16 07:52:15,369 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L215: #res := ~retValue_acc~0; [2024-11-16 07:52:15,392 INFO L? ?]: Removed 50 outVars from TransFormulas that were not future-live. [2024-11-16 07:52:15,392 INFO L307 CfgBuilder]: Performing block encoding [2024-11-16 07:52:15,414 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-16 07:52:15,414 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2024-11-16 07:52:15,415 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:52:15 BoogieIcfgContainer [2024-11-16 07:52:15,415 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2024-11-16 07:52:15,417 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-16 07:52:15,418 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-16 07:52:15,421 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-16 07:52:15,421 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 16.11 07:52:14" (1/3) ... [2024-11-16 07:52:15,422 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6249530f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 07:52:15, skipping insertion in model container [2024-11-16 07:52:15,422 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:52:14" (2/3) ... [2024-11-16 07:52:15,423 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6249530f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 07:52:15, skipping insertion in model container [2024-11-16 07:52:15,424 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:52:15" (3/3) ... [2024-11-16 07:52:15,425 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product62.cil.c [2024-11-16 07:52:15,444 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-16 07:52:15,445 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-16 07:52:15,501 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-16 07:52:15,507 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@5896d975, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-16 07:52:15,508 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-16 07:52:15,511 INFO L276 IsEmpty]: Start isEmpty. Operand has 115 states, 85 states have (on average 1.3411764705882352) internal successors, (114), 95 states have internal predecessors, (114), 18 states have call successors, (18), 10 states have call predecessors, (18), 10 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) [2024-11-16 07:52:15,519 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2024-11-16 07:52:15,519 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:52:15,520 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:52:15,521 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:52:15,525 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:52:15,525 INFO L85 PathProgramCache]: Analyzing trace with hash 1832167476, now seen corresponding path program 1 times [2024-11-16 07:52:15,532 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:52:15,533 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [974842814] [2024-11-16 07:52:15,533 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:52:15,533 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:52:15,645 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:15,701 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2024-11-16 07:52:15,708 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:15,720 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:52:15,720 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:52:15,720 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [974842814] [2024-11-16 07:52:15,721 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [974842814] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:52:15,721 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:52:15,722 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-16 07:52:15,723 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1788451746] [2024-11-16 07:52:15,724 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:52:15,727 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-16 07:52:15,728 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:52:15,752 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-16 07:52:15,753 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-16 07:52:15,755 INFO L87 Difference]: Start difference. First operand has 115 states, 85 states have (on average 1.3411764705882352) internal successors, (114), 95 states have internal predecessors, (114), 18 states have call successors, (18), 10 states have call predecessors, (18), 10 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-16 07:52:15,786 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:52:15,786 INFO L93 Difference]: Finished difference Result 221 states and 294 transitions. [2024-11-16 07:52:15,787 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-16 07:52:15,788 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2024-11-16 07:52:15,788 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:52:15,796 INFO L225 Difference]: With dead ends: 221 [2024-11-16 07:52:15,796 INFO L226 Difference]: Without dead ends: 104 [2024-11-16 07:52:15,799 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-16 07:52:15,803 INFO L432 NwaCegarLoop]: 143 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 143 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:52:15,807 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 143 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:52:15,819 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 104 states. [2024-11-16 07:52:15,838 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 104 to 104. [2024-11-16 07:52:15,840 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 104 states, 76 states have (on average 1.2894736842105263) internal successors, (98), 85 states have internal predecessors, (98), 18 states have call successors, (18), 10 states have call predecessors, (18), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) [2024-11-16 07:52:15,843 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 104 states to 104 states and 133 transitions. [2024-11-16 07:52:15,845 INFO L78 Accepts]: Start accepts. Automaton has 104 states and 133 transitions. Word has length 25 [2024-11-16 07:52:15,845 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:52:15,845 INFO L471 AbstractCegarLoop]: Abstraction has 104 states and 133 transitions. [2024-11-16 07:52:15,846 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-16 07:52:15,846 INFO L276 IsEmpty]: Start isEmpty. Operand 104 states and 133 transitions. [2024-11-16 07:52:15,851 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2024-11-16 07:52:15,853 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:52:15,853 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:52:15,854 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-16 07:52:15,854 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:52:15,854 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:52:15,855 INFO L85 PathProgramCache]: Analyzing trace with hash -1757757801, now seen corresponding path program 1 times [2024-11-16 07:52:15,855 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:52:15,855 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [942110153] [2024-11-16 07:52:15,855 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:52:15,855 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:52:15,884 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:16,002 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-16 07:52:16,005 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:16,012 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:52:16,016 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:52:16,016 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [942110153] [2024-11-16 07:52:16,017 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [942110153] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:52:16,017 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:52:16,017 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-16 07:52:16,017 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [78324805] [2024-11-16 07:52:16,017 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:52:16,019 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-16 07:52:16,019 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:52:16,019 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-16 07:52:16,020 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:52:16,020 INFO L87 Difference]: Start difference. First operand 104 states and 133 transitions. Second operand has 3 states, 3 states have (on average 8.0) internal successors, (24), 3 states have internal predecessors, (24), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-16 07:52:16,045 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:52:16,046 INFO L93 Difference]: Finished difference Result 170 states and 218 transitions. [2024-11-16 07:52:16,048 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-16 07:52:16,048 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.0) internal successors, (24), 3 states have internal predecessors, (24), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 28 [2024-11-16 07:52:16,049 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:52:16,050 INFO L225 Difference]: With dead ends: 170 [2024-11-16 07:52:16,050 INFO L226 Difference]: Without dead ends: 93 [2024-11-16 07:52:16,052 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:52:16,053 INFO L432 NwaCegarLoop]: 118 mSDtfsCounter, 12 mSDsluCounter, 100 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 218 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:52:16,053 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [15 Valid, 218 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:52:16,054 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 93 states. [2024-11-16 07:52:16,063 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 93 to 93. [2024-11-16 07:52:16,064 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 93 states, 68 states have (on average 1.3088235294117647) internal successors, (89), 77 states have internal predecessors, (89), 15 states have call successors, (15), 9 states have call predecessors, (15), 9 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2024-11-16 07:52:16,065 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 93 states to 93 states and 119 transitions. [2024-11-16 07:52:16,066 INFO L78 Accepts]: Start accepts. Automaton has 93 states and 119 transitions. Word has length 28 [2024-11-16 07:52:16,066 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:52:16,066 INFO L471 AbstractCegarLoop]: Abstraction has 93 states and 119 transitions. [2024-11-16 07:52:16,066 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.0) internal successors, (24), 3 states have internal predecessors, (24), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-16 07:52:16,067 INFO L276 IsEmpty]: Start isEmpty. Operand 93 states and 119 transitions. [2024-11-16 07:52:16,068 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2024-11-16 07:52:16,068 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:52:16,068 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:52:16,068 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-16 07:52:16,069 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:52:16,069 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:52:16,070 INFO L85 PathProgramCache]: Analyzing trace with hash 1082556366, now seen corresponding path program 1 times [2024-11-16 07:52:16,070 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:52:16,070 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1085847715] [2024-11-16 07:52:16,070 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:52:16,070 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:52:16,093 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:16,166 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-16 07:52:16,170 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:16,175 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:52:16,176 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:52:16,178 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1085847715] [2024-11-16 07:52:16,178 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1085847715] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:52:16,179 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:52:16,179 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-16 07:52:16,180 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [401773196] [2024-11-16 07:52:16,180 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:52:16,180 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-16 07:52:16,180 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:52:16,181 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-16 07:52:16,181 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:52:16,181 INFO L87 Difference]: Start difference. First operand 93 states and 119 transitions. Second operand has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-16 07:52:16,211 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:52:16,211 INFO L93 Difference]: Finished difference Result 179 states and 232 transitions. [2024-11-16 07:52:16,212 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-16 07:52:16,212 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 31 [2024-11-16 07:52:16,212 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:52:16,213 INFO L225 Difference]: With dead ends: 179 [2024-11-16 07:52:16,214 INFO L226 Difference]: Without dead ends: 93 [2024-11-16 07:52:16,214 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:52:16,216 INFO L432 NwaCegarLoop]: 117 mSDtfsCounter, 113 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 113 SdHoareTripleChecker+Valid, 117 SdHoareTripleChecker+Invalid, 2 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:52:16,216 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [113 Valid, 117 Invalid, 2 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:52:16,217 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 93 states. [2024-11-16 07:52:16,254 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 93 to 93. [2024-11-16 07:52:16,255 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 93 states, 68 states have (on average 1.2941176470588236) internal successors, (88), 77 states have internal predecessors, (88), 15 states have call successors, (15), 9 states have call predecessors, (15), 9 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2024-11-16 07:52:16,256 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 93 states to 93 states and 118 transitions. [2024-11-16 07:52:16,256 INFO L78 Accepts]: Start accepts. Automaton has 93 states and 118 transitions. Word has length 31 [2024-11-16 07:52:16,257 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:52:16,257 INFO L471 AbstractCegarLoop]: Abstraction has 93 states and 118 transitions. [2024-11-16 07:52:16,257 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-16 07:52:16,261 INFO L276 IsEmpty]: Start isEmpty. Operand 93 states and 118 transitions. [2024-11-16 07:52:16,263 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2024-11-16 07:52:16,263 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:52:16,264 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:52:16,264 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-16 07:52:16,264 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:52:16,265 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:52:16,265 INFO L85 PathProgramCache]: Analyzing trace with hash 1167375991, now seen corresponding path program 1 times [2024-11-16 07:52:16,265 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:52:16,268 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1205005359] [2024-11-16 07:52:16,268 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:52:16,269 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:52:16,297 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:16,416 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-16 07:52:16,419 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:16,429 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:52:16,430 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:16,448 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:52:16,450 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:16,456 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2024-11-16 07:52:16,461 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:16,463 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:52:16,464 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:52:16,465 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1205005359] [2024-11-16 07:52:16,465 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1205005359] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:52:16,466 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:52:16,466 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-16 07:52:16,466 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1513986359] [2024-11-16 07:52:16,466 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:52:16,467 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-16 07:52:16,467 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:52:16,468 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-16 07:52:16,468 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-16 07:52:16,468 INFO L87 Difference]: Start difference. First operand 93 states and 118 transitions. Second operand has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 3 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-16 07:52:16,785 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:52:16,785 INFO L93 Difference]: Finished difference Result 269 states and 338 transitions. [2024-11-16 07:52:16,786 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-16 07:52:16,786 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 3 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) Word has length 46 [2024-11-16 07:52:16,787 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:52:16,789 INFO L225 Difference]: With dead ends: 269 [2024-11-16 07:52:16,791 INFO L226 Difference]: Without dead ends: 183 [2024-11-16 07:52:16,792 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=19, Invalid=37, Unknown=0, NotChecked=0, Total=56 [2024-11-16 07:52:16,794 INFO L432 NwaCegarLoop]: 125 mSDtfsCounter, 204 mSDsluCounter, 181 mSDsCounter, 0 mSdLazyCounter, 143 mSolverCounterSat, 77 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 206 SdHoareTripleChecker+Valid, 306 SdHoareTripleChecker+Invalid, 220 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 77 IncrementalHoareTripleChecker+Valid, 143 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-16 07:52:16,795 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [206 Valid, 306 Invalid, 220 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [77 Valid, 143 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-16 07:52:16,796 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 183 states. [2024-11-16 07:52:16,832 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 183 to 174. [2024-11-16 07:52:16,833 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 174 states, 128 states have (on average 1.2265625) internal successors, (157), 137 states have internal predecessors, (157), 22 states have call successors, (22), 18 states have call predecessors, (22), 23 states have return successors, (29), 24 states have call predecessors, (29), 22 states have call successors, (29) [2024-11-16 07:52:16,836 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 174 states to 174 states and 208 transitions. [2024-11-16 07:52:16,837 INFO L78 Accepts]: Start accepts. Automaton has 174 states and 208 transitions. Word has length 46 [2024-11-16 07:52:16,837 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:52:16,837 INFO L471 AbstractCegarLoop]: Abstraction has 174 states and 208 transitions. [2024-11-16 07:52:16,838 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 3 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-16 07:52:16,838 INFO L276 IsEmpty]: Start isEmpty. Operand 174 states and 208 transitions. [2024-11-16 07:52:16,839 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2024-11-16 07:52:16,839 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:52:16,839 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:52:16,840 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-16 07:52:16,840 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:52:16,840 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:52:16,841 INFO L85 PathProgramCache]: Analyzing trace with hash 128014491, now seen corresponding path program 1 times [2024-11-16 07:52:16,841 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:52:16,841 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [882008298] [2024-11-16 07:52:16,841 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:52:16,842 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:52:16,857 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:16,986 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-16 07:52:16,990 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:17,003 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:52:17,006 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:17,020 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:52:17,022 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:17,023 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 42 [2024-11-16 07:52:17,026 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:17,029 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:52:17,029 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:52:17,029 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [882008298] [2024-11-16 07:52:17,029 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [882008298] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:52:17,029 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:52:17,029 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-16 07:52:17,030 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [625501667] [2024-11-16 07:52:17,030 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:52:17,030 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-16 07:52:17,030 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:52:17,031 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-16 07:52:17,031 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-16 07:52:17,033 INFO L87 Difference]: Start difference. First operand 174 states and 208 transitions. Second operand has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 1 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-16 07:52:17,291 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:52:17,292 INFO L93 Difference]: Finished difference Result 180 states and 212 transitions. [2024-11-16 07:52:17,292 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-11-16 07:52:17,292 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 1 states have call predecessors, (4), 2 states have call successors, (4) Word has length 52 [2024-11-16 07:52:17,293 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:52:17,295 INFO L225 Difference]: With dead ends: 180 [2024-11-16 07:52:17,298 INFO L226 Difference]: Without dead ends: 177 [2024-11-16 07:52:17,299 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 6 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2024-11-16 07:52:17,300 INFO L432 NwaCegarLoop]: 99 mSDtfsCounter, 130 mSDsluCounter, 297 mSDsCounter, 0 mSdLazyCounter, 188 mSolverCounterSat, 35 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 136 SdHoareTripleChecker+Valid, 396 SdHoareTripleChecker+Invalid, 223 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 35 IncrementalHoareTripleChecker+Valid, 188 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-16 07:52:17,300 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [136 Valid, 396 Invalid, 223 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [35 Valid, 188 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-16 07:52:17,301 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 177 states. [2024-11-16 07:52:17,322 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 177 to 174. [2024-11-16 07:52:17,323 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 174 states, 128 states have (on average 1.2109375) internal successors, (155), 137 states have internal predecessors, (155), 22 states have call successors, (22), 18 states have call predecessors, (22), 23 states have return successors, (29), 24 states have call predecessors, (29), 22 states have call successors, (29) [2024-11-16 07:52:17,324 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 174 states to 174 states and 206 transitions. [2024-11-16 07:52:17,324 INFO L78 Accepts]: Start accepts. Automaton has 174 states and 206 transitions. Word has length 52 [2024-11-16 07:52:17,324 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:52:17,325 INFO L471 AbstractCegarLoop]: Abstraction has 174 states and 206 transitions. [2024-11-16 07:52:17,325 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 1 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-16 07:52:17,325 INFO L276 IsEmpty]: Start isEmpty. Operand 174 states and 206 transitions. [2024-11-16 07:52:17,337 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 63 [2024-11-16 07:52:17,339 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:52:17,339 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:52:17,339 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-16 07:52:17,339 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:52:17,340 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:52:17,340 INFO L85 PathProgramCache]: Analyzing trace with hash -1206674134, now seen corresponding path program 1 times [2024-11-16 07:52:17,340 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:52:17,340 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1868417248] [2024-11-16 07:52:17,341 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:52:17,341 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:52:17,356 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:17,408 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-16 07:52:17,413 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:17,425 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:52:17,429 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:17,458 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:52:17,460 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:17,462 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:52:17,463 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:17,464 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 52 [2024-11-16 07:52:17,465 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:17,466 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:52:17,467 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:52:17,467 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1868417248] [2024-11-16 07:52:17,467 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1868417248] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:52:17,467 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:52:17,467 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-16 07:52:17,467 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [589697351] [2024-11-16 07:52:17,467 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:52:17,468 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-16 07:52:17,468 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:52:17,469 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-16 07:52:17,469 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-16 07:52:17,469 INFO L87 Difference]: Start difference. First operand 174 states and 206 transitions. Second operand has 6 states, 6 states have (on average 8.166666666666666) internal successors, (49), 5 states have internal predecessors, (49), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-16 07:52:17,638 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:52:17,638 INFO L93 Difference]: Finished difference Result 347 states and 419 transitions. [2024-11-16 07:52:17,638 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-16 07:52:17,639 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 8.166666666666666) internal successors, (49), 5 states have internal predecessors, (49), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 62 [2024-11-16 07:52:17,639 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:52:17,640 INFO L225 Difference]: With dead ends: 347 [2024-11-16 07:52:17,640 INFO L226 Difference]: Without dead ends: 180 [2024-11-16 07:52:17,641 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 20 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-16 07:52:17,642 INFO L432 NwaCegarLoop]: 95 mSDtfsCounter, 66 mSDsluCounter, 310 mSDsCounter, 0 mSdLazyCounter, 165 mSolverCounterSat, 17 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 72 SdHoareTripleChecker+Valid, 405 SdHoareTripleChecker+Invalid, 182 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 17 IncrementalHoareTripleChecker+Valid, 165 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-16 07:52:17,643 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [72 Valid, 405 Invalid, 182 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [17 Valid, 165 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-16 07:52:17,643 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 180 states. [2024-11-16 07:52:17,657 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 180 to 177. [2024-11-16 07:52:17,658 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 177 states, 131 states have (on average 1.2061068702290076) internal successors, (158), 140 states have internal predecessors, (158), 22 states have call successors, (22), 18 states have call predecessors, (22), 23 states have return successors, (29), 24 states have call predecessors, (29), 22 states have call successors, (29) [2024-11-16 07:52:17,659 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 177 states to 177 states and 209 transitions. [2024-11-16 07:52:17,660 INFO L78 Accepts]: Start accepts. Automaton has 177 states and 209 transitions. Word has length 62 [2024-11-16 07:52:17,660 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:52:17,660 INFO L471 AbstractCegarLoop]: Abstraction has 177 states and 209 transitions. [2024-11-16 07:52:17,660 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 8.166666666666666) internal successors, (49), 5 states have internal predecessors, (49), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-16 07:52:17,661 INFO L276 IsEmpty]: Start isEmpty. Operand 177 states and 209 transitions. [2024-11-16 07:52:17,662 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 63 [2024-11-16 07:52:17,662 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:52:17,662 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:52:17,662 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-16 07:52:17,662 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:52:17,663 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:52:17,663 INFO L85 PathProgramCache]: Analyzing trace with hash 904616235, now seen corresponding path program 1 times [2024-11-16 07:52:17,663 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:52:17,663 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [622992392] [2024-11-16 07:52:17,663 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:52:17,664 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:52:17,676 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:17,721 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-16 07:52:17,726 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:17,742 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:52:17,747 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:17,767 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:52:17,769 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:17,771 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:52:17,772 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:17,773 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 52 [2024-11-16 07:52:17,774 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:17,775 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:52:17,775 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:52:17,775 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [622992392] [2024-11-16 07:52:17,775 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [622992392] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:52:17,775 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:52:17,775 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-16 07:52:17,776 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1541640273] [2024-11-16 07:52:17,776 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:52:17,776 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-16 07:52:17,776 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:52:17,777 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-16 07:52:17,777 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-16 07:52:17,777 INFO L87 Difference]: Start difference. First operand 177 states and 209 transitions. Second operand has 5 states, 5 states have (on average 9.8) internal successors, (49), 4 states have internal predecessors, (49), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-16 07:52:17,943 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:52:17,943 INFO L93 Difference]: Finished difference Result 352 states and 424 transitions. [2024-11-16 07:52:17,944 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-16 07:52:17,944 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.8) internal successors, (49), 4 states have internal predecessors, (49), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 62 [2024-11-16 07:52:17,944 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:52:17,946 INFO L225 Difference]: With dead ends: 352 [2024-11-16 07:52:17,946 INFO L226 Difference]: Without dead ends: 182 [2024-11-16 07:52:17,946 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-16 07:52:17,950 INFO L432 NwaCegarLoop]: 96 mSDtfsCounter, 65 mSDsluCounter, 220 mSDsCounter, 0 mSdLazyCounter, 124 mSolverCounterSat, 17 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 71 SdHoareTripleChecker+Valid, 316 SdHoareTripleChecker+Invalid, 141 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 17 IncrementalHoareTripleChecker+Valid, 124 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-16 07:52:17,951 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [71 Valid, 316 Invalid, 141 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [17 Valid, 124 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-16 07:52:17,951 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 182 states. [2024-11-16 07:52:17,974 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 182 to 179. [2024-11-16 07:52:17,975 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 179 states, 133 states have (on average 1.2030075187969924) internal successors, (160), 142 states have internal predecessors, (160), 22 states have call successors, (22), 18 states have call predecessors, (22), 23 states have return successors, (29), 24 states have call predecessors, (29), 22 states have call successors, (29) [2024-11-16 07:52:17,976 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 179 states to 179 states and 211 transitions. [2024-11-16 07:52:17,977 INFO L78 Accepts]: Start accepts. Automaton has 179 states and 211 transitions. Word has length 62 [2024-11-16 07:52:17,977 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:52:17,977 INFO L471 AbstractCegarLoop]: Abstraction has 179 states and 211 transitions. [2024-11-16 07:52:17,978 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.8) internal successors, (49), 4 states have internal predecessors, (49), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-16 07:52:17,978 INFO L276 IsEmpty]: Start isEmpty. Operand 179 states and 211 transitions. [2024-11-16 07:52:17,979 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 63 [2024-11-16 07:52:17,982 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:52:17,982 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:52:17,982 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-16 07:52:17,983 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:52:17,983 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:52:17,983 INFO L85 PathProgramCache]: Analyzing trace with hash 60610733, now seen corresponding path program 1 times [2024-11-16 07:52:17,983 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:52:17,983 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [496132408] [2024-11-16 07:52:17,983 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:52:17,983 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:52:17,999 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:18,073 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-16 07:52:18,078 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:18,092 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:52:18,098 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:18,113 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:52:18,115 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:18,117 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:52:18,120 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:18,121 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 52 [2024-11-16 07:52:18,123 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:18,125 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:52:18,126 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:52:18,126 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [496132408] [2024-11-16 07:52:18,126 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [496132408] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:52:18,126 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:52:18,126 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-16 07:52:18,126 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [724387567] [2024-11-16 07:52:18,126 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:52:18,127 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-16 07:52:18,127 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:52:18,128 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-16 07:52:18,128 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-16 07:52:18,128 INFO L87 Difference]: Start difference. First operand 179 states and 211 transitions. Second operand has 5 states, 5 states have (on average 9.8) internal successors, (49), 4 states have internal predecessors, (49), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-16 07:52:18,384 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:52:18,384 INFO L93 Difference]: Finished difference Result 482 states and 598 transitions. [2024-11-16 07:52:18,384 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-16 07:52:18,385 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.8) internal successors, (49), 4 states have internal predecessors, (49), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) Word has length 62 [2024-11-16 07:52:18,385 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:52:18,387 INFO L225 Difference]: With dead ends: 482 [2024-11-16 07:52:18,387 INFO L226 Difference]: Without dead ends: 310 [2024-11-16 07:52:18,388 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 13 SyntacticMatches, 1 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-16 07:52:18,392 INFO L432 NwaCegarLoop]: 138 mSDtfsCounter, 224 mSDsluCounter, 192 mSDsCounter, 0 mSdLazyCounter, 160 mSolverCounterSat, 70 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 232 SdHoareTripleChecker+Valid, 330 SdHoareTripleChecker+Invalid, 230 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 70 IncrementalHoareTripleChecker+Valid, 160 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-16 07:52:18,392 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [232 Valid, 330 Invalid, 230 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [70 Valid, 160 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-16 07:52:18,393 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 310 states. [2024-11-16 07:52:18,426 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 310 to 307. [2024-11-16 07:52:18,427 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 307 states, 229 states have (on average 1.1965065502183405) internal successors, (274), 242 states have internal predecessors, (274), 39 states have call successors, (39), 35 states have call predecessors, (39), 38 states have return successors, (58), 40 states have call predecessors, (58), 39 states have call successors, (58) [2024-11-16 07:52:18,428 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 307 states to 307 states and 371 transitions. [2024-11-16 07:52:18,429 INFO L78 Accepts]: Start accepts. Automaton has 307 states and 371 transitions. Word has length 62 [2024-11-16 07:52:18,429 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:52:18,430 INFO L471 AbstractCegarLoop]: Abstraction has 307 states and 371 transitions. [2024-11-16 07:52:18,430 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.8) internal successors, (49), 4 states have internal predecessors, (49), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-16 07:52:18,430 INFO L276 IsEmpty]: Start isEmpty. Operand 307 states and 371 transitions. [2024-11-16 07:52:18,431 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 67 [2024-11-16 07:52:18,431 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:52:18,431 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:52:18,431 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-16 07:52:18,432 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:52:18,432 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:52:18,432 INFO L85 PathProgramCache]: Analyzing trace with hash -2100399573, now seen corresponding path program 1 times [2024-11-16 07:52:18,432 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:52:18,432 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2017539446] [2024-11-16 07:52:18,433 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:52:18,433 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:52:18,446 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:18,516 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-16 07:52:18,517 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:18,531 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-16 07:52:18,535 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:18,544 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:52:18,549 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:18,552 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:52:18,554 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:18,557 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:52:18,558 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:18,559 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 56 [2024-11-16 07:52:18,564 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:18,580 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-16 07:52:18,581 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:52:18,581 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2017539446] [2024-11-16 07:52:18,581 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2017539446] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:52:18,581 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:52:18,582 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-16 07:52:18,582 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1733092078] [2024-11-16 07:52:18,582 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:52:18,583 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-16 07:52:18,583 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:52:18,584 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-16 07:52:18,584 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2024-11-16 07:52:18,585 INFO L87 Difference]: Start difference. First operand 307 states and 371 transitions. Second operand has 8 states, 8 states have (on average 6.625) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (7), 4 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2024-11-16 07:52:19,211 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:52:19,211 INFO L93 Difference]: Finished difference Result 954 states and 1185 transitions. [2024-11-16 07:52:19,212 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2024-11-16 07:52:19,212 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 6.625) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (7), 4 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) Word has length 66 [2024-11-16 07:52:19,212 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:52:19,216 INFO L225 Difference]: With dead ends: 954 [2024-11-16 07:52:19,216 INFO L226 Difference]: Without dead ends: 654 [2024-11-16 07:52:19,217 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 34 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 84 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=112, Invalid=350, Unknown=0, NotChecked=0, Total=462 [2024-11-16 07:52:19,218 INFO L432 NwaCegarLoop]: 62 mSDtfsCounter, 347 mSDsluCounter, 282 mSDsCounter, 0 mSdLazyCounter, 460 mSolverCounterSat, 143 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 353 SdHoareTripleChecker+Valid, 344 SdHoareTripleChecker+Invalid, 603 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 143 IncrementalHoareTripleChecker+Valid, 460 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-11-16 07:52:19,218 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [353 Valid, 344 Invalid, 603 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [143 Valid, 460 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-11-16 07:52:19,220 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 654 states. [2024-11-16 07:52:19,282 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 654 to 648. [2024-11-16 07:52:19,283 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 648 states, 477 states have (on average 1.1719077568134173) internal successors, (559), 508 states have internal predecessors, (559), 88 states have call successors, (88), 70 states have call predecessors, (88), 82 states have return successors, (137), 90 states have call predecessors, (137), 88 states have call successors, (137) [2024-11-16 07:52:19,288 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 648 states to 648 states and 784 transitions. [2024-11-16 07:52:19,289 INFO L78 Accepts]: Start accepts. Automaton has 648 states and 784 transitions. Word has length 66 [2024-11-16 07:52:19,289 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:52:19,289 INFO L471 AbstractCegarLoop]: Abstraction has 648 states and 784 transitions. [2024-11-16 07:52:19,289 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 6.625) internal successors, (53), 5 states have internal predecessors, (53), 2 states have call successors, (7), 4 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2024-11-16 07:52:19,290 INFO L276 IsEmpty]: Start isEmpty. Operand 648 states and 784 transitions. [2024-11-16 07:52:19,291 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 71 [2024-11-16 07:52:19,291 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:52:19,291 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:52:19,291 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-16 07:52:19,292 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:52:19,292 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:52:19,292 INFO L85 PathProgramCache]: Analyzing trace with hash -31985846, now seen corresponding path program 1 times [2024-11-16 07:52:19,292 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:52:19,292 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1915468086] [2024-11-16 07:52:19,294 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:52:19,295 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:52:19,309 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:19,392 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-16 07:52:19,393 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:19,400 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2024-11-16 07:52:19,401 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:19,416 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-11-16 07:52:19,420 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:19,441 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:52:19,445 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:19,492 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:52:19,494 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:19,533 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:52:19,535 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:19,553 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2024-11-16 07:52:19,554 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:19,556 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-16 07:52:19,556 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:52:19,556 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1915468086] [2024-11-16 07:52:19,556 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1915468086] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-16 07:52:19,556 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2033157958] [2024-11-16 07:52:19,556 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:52:19,556 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-16 07:52:19,557 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-16 07:52:19,559 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-16 07:52:19,584 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-16 07:52:19,669 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:19,674 INFO L255 TraceCheckSpWp]: Trace formula consists of 250 conjuncts, 9 conjuncts are in the unsatisfiable core [2024-11-16 07:52:19,681 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-16 07:52:19,923 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 3 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:52:19,924 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-16 07:52:19,924 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2033157958] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:52:19,924 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-16 07:52:19,925 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [14] total 20 [2024-11-16 07:52:19,925 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [121297321] [2024-11-16 07:52:19,925 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:52:19,925 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-16 07:52:19,926 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:52:19,926 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-16 07:52:19,927 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=52, Invalid=328, Unknown=0, NotChecked=0, Total=380 [2024-11-16 07:52:19,927 INFO L87 Difference]: Start difference. First operand 648 states and 784 transitions. Second operand has 8 states, 8 states have (on average 6.875) internal successors, (55), 6 states have internal predecessors, (55), 3 states have call successors, (8), 3 states have call predecessors, (8), 5 states have return successors, (7), 5 states have call predecessors, (7), 3 states have call successors, (7) [2024-11-16 07:52:20,143 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:52:20,143 INFO L93 Difference]: Finished difference Result 1263 states and 1534 transitions. [2024-11-16 07:52:20,143 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-11-16 07:52:20,144 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 6.875) internal successors, (55), 6 states have internal predecessors, (55), 3 states have call successors, (8), 3 states have call predecessors, (8), 5 states have return successors, (7), 5 states have call predecessors, (7), 3 states have call successors, (7) Word has length 70 [2024-11-16 07:52:20,144 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:52:20,148 INFO L225 Difference]: With dead ends: 1263 [2024-11-16 07:52:20,148 INFO L226 Difference]: Without dead ends: 622 [2024-11-16 07:52:20,150 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 94 GetRequests, 76 SyntacticMatches, 0 SemanticMatches, 18 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 37 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=52, Invalid=328, Unknown=0, NotChecked=0, Total=380 [2024-11-16 07:52:20,151 INFO L432 NwaCegarLoop]: 213 mSDtfsCounter, 74 mSDsluCounter, 886 mSDsCounter, 0 mSdLazyCounter, 203 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 76 SdHoareTripleChecker+Valid, 1099 SdHoareTripleChecker+Invalid, 204 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 203 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-16 07:52:20,151 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [76 Valid, 1099 Invalid, 204 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 203 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-16 07:52:20,152 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 622 states. [2024-11-16 07:52:20,189 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 622 to 622. [2024-11-16 07:52:20,190 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 622 states, 457 states have (on average 1.1597374179431073) internal successors, (530), 487 states have internal predecessors, (530), 86 states have call successors, (86), 68 states have call predecessors, (86), 78 states have return successors, (122), 86 states have call predecessors, (122), 86 states have call successors, (122) [2024-11-16 07:52:20,193 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 622 states to 622 states and 738 transitions. [2024-11-16 07:52:20,194 INFO L78 Accepts]: Start accepts. Automaton has 622 states and 738 transitions. Word has length 70 [2024-11-16 07:52:20,194 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:52:20,195 INFO L471 AbstractCegarLoop]: Abstraction has 622 states and 738 transitions. [2024-11-16 07:52:20,195 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 6.875) internal successors, (55), 6 states have internal predecessors, (55), 3 states have call successors, (8), 3 states have call predecessors, (8), 5 states have return successors, (7), 5 states have call predecessors, (7), 3 states have call successors, (7) [2024-11-16 07:52:20,195 INFO L276 IsEmpty]: Start isEmpty. Operand 622 states and 738 transitions. [2024-11-16 07:52:20,197 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 127 [2024-11-16 07:52:20,197 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:52:20,197 INFO L215 NwaCegarLoop]: trace histogram [4, 4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:52:20,216 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-11-16 07:52:20,399 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-16 07:52:20,399 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:52:20,400 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:52:20,400 INFO L85 PathProgramCache]: Analyzing trace with hash -852215546, now seen corresponding path program 1 times [2024-11-16 07:52:20,400 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:52:20,400 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1950116791] [2024-11-16 07:52:20,400 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:52:20,400 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:52:20,422 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:20,538 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-16 07:52:20,539 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:20,550 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-16 07:52:20,554 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:20,567 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-16 07:52:20,569 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:20,573 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:52:20,576 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:20,579 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:52:20,580 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:20,581 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:52:20,582 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:20,583 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2024-11-16 07:52:20,583 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:20,618 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 72 [2024-11-16 07:52:20,620 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:20,634 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 85 [2024-11-16 07:52:20,636 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:20,691 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:52:20,693 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:20,736 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 96 [2024-11-16 07:52:20,738 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:20,741 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-11-16 07:52:20,742 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:20,743 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:52:20,743 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:20,744 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 116 [2024-11-16 07:52:20,745 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:20,746 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 16 proven. 5 refuted. 0 times theorem prover too weak. 29 trivial. 0 not checked. [2024-11-16 07:52:20,746 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:52:20,746 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1950116791] [2024-11-16 07:52:20,746 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1950116791] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-16 07:52:20,746 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1668726333] [2024-11-16 07:52:20,746 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:52:20,747 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-16 07:52:20,747 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-16 07:52:20,748 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-16 07:52:20,750 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-16 07:52:20,850 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:52:20,852 INFO L255 TraceCheckSpWp]: Trace formula consists of 378 conjuncts, 9 conjuncts are in the unsatisfiable core [2024-11-16 07:52:20,856 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-16 07:52:20,993 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 40 proven. 0 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2024-11-16 07:52:20,994 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-16 07:52:20,995 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1668726333] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:52:20,995 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-16 07:52:20,995 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [14] total 19 [2024-11-16 07:52:20,995 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [101128497] [2024-11-16 07:52:20,995 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:52:20,996 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-16 07:52:20,996 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:52:20,996 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-16 07:52:20,996 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=49, Invalid=293, Unknown=0, NotChecked=0, Total=342 [2024-11-16 07:52:20,997 INFO L87 Difference]: Start difference. First operand 622 states and 738 transitions. Second operand has 8 states, 8 states have (on average 11.25) internal successors, (90), 6 states have internal predecessors, (90), 3 states have call successors, (15), 3 states have call predecessors, (15), 5 states have return successors, (14), 5 states have call predecessors, (14), 3 states have call successors, (14) [2024-11-16 07:52:21,141 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:52:21,141 INFO L93 Difference]: Finished difference Result 1061 states and 1275 transitions. [2024-11-16 07:52:21,142 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-11-16 07:52:21,142 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 11.25) internal successors, (90), 6 states have internal predecessors, (90), 3 states have call successors, (15), 3 states have call predecessors, (15), 5 states have return successors, (14), 5 states have call predecessors, (14), 3 states have call successors, (14) Word has length 126 [2024-11-16 07:52:21,142 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:52:21,143 INFO L225 Difference]: With dead ends: 1061 [2024-11-16 07:52:21,143 INFO L226 Difference]: Without dead ends: 0 [2024-11-16 07:52:21,146 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 164 GetRequests, 145 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 47 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=61, Invalid=359, Unknown=0, NotChecked=0, Total=420 [2024-11-16 07:52:21,147 INFO L432 NwaCegarLoop]: 192 mSDtfsCounter, 64 mSDsluCounter, 763 mSDsCounter, 0 mSdLazyCounter, 111 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 67 SdHoareTripleChecker+Valid, 955 SdHoareTripleChecker+Invalid, 111 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 111 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-16 07:52:21,147 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [67 Valid, 955 Invalid, 111 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 111 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-16 07:52:21,147 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-16 07:52:21,147 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-16 07:52:21,148 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-16 07:52:21,148 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-16 07:52:21,148 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 126 [2024-11-16 07:52:21,148 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:52:21,149 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-16 07:52:21,149 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 11.25) internal successors, (90), 6 states have internal predecessors, (90), 3 states have call successors, (15), 3 states have call predecessors, (15), 5 states have return successors, (14), 5 states have call predecessors, (14), 3 states have call successors, (14) [2024-11-16 07:52:21,149 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-16 07:52:21,149 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-16 07:52:21,151 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-16 07:52:21,171 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-11-16 07:52:21,352 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2024-11-16 07:52:21,354 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:52:21,356 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-16 07:52:24,192 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-16 07:52:24,208 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 (= ~methaneLevelCritical~0 0) .cse1) (and .cse0 (<= 1 ~methaneLevelCritical~0) .cse1)))) Eliminated clause: (let ((.cse0 (not (= ~pumpRunning~0 0))) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 (= ~methaneLevelCritical~0 0) .cse1) (and (<= 1 ~methaneLevelCritical~0) .cse0 .cse1))) [2024-11-16 07:52:24,230 WARN L156 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (let ((.cse1 (= |old(~methaneLevelCritical~0)| 0))) (and (or (<= 1 ~methaneLevelCritical~0) (< |old(~methaneLevelCritical~0)| 1)) (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~pumpRunning~0 0) (<= 1 |old(~methaneLevelCritical~0)|) .cse0) (and .cse1 .cse0))) (or (not .cse1) (= ~methaneLevelCritical~0 0)))) Eliminated clause: (exists ((|old(~methaneLevelCritical~0)| Int)) (let ((.cse1 (= |old(~methaneLevelCritical~0)| 0))) (and (or (< |old(~methaneLevelCritical~0)| 1) (< 0 ~methaneLevelCritical~0)) (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~pumpRunning~0 0) (<= 1 |old(~methaneLevelCritical~0)|) .cse0) (and .cse1 .cse0))) (or (not .cse1) (= ~methaneLevelCritical~0 0))))) [2024-11-16 07:52:24,235 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-16 07:52:24,242 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= 1 ~methaneLevelCritical~0) .cse0) (and (= ~methaneLevelCritical~0 0) .cse0))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= 1 ~methaneLevelCritical~0) .cse0) (and (= ~methaneLevelCritical~0 0) .cse0))) [2024-11-16 07:52:24,251 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~methaneLevelCritical~0 0) .cse0) (and (<= 1 ~methaneLevelCritical~0) .cse0 (= |old(~pumpRunning~0)| 0))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~methaneLevelCritical~0 0) .cse0) (and (= ~pumpRunning~0 0) (<= 1 ~methaneLevelCritical~0) .cse0))) [2024-11-16 07:52:24,260 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~methaneLevelCritical~0 0) .cse0) (and (= ~pumpRunning~0 0) (<= 1 ~methaneLevelCritical~0) .cse0))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~methaneLevelCritical~0 0) .cse0) (and (= ~pumpRunning~0 0) (<= 1 ~methaneLevelCritical~0) .cse0))) [2024-11-16 07:52:24,269 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__methaneQuery contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~methaneLevelCritical~0 0) .cse0) (and (<= 1 ~methaneLevelCritical~0) .cse0 (= |old(~pumpRunning~0)| 0))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0))) (or (and (= ~methaneLevelCritical~0 0) .cse0) (and (= ~pumpRunning~0 0) (<= 1 ~methaneLevelCritical~0) .cse0))) [2024-11-16 07:52:24,288 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 16.11 07:52:24 BoogieIcfgContainer [2024-11-16 07:52:24,288 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-16 07:52:24,289 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-16 07:52:24,289 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-16 07:52:24,289 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-16 07:52:24,293 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:52:15" (3/4) ... [2024-11-16 07:52:24,296 INFO L143 WitnessPrinter]: Generating witness for correct program [2024-11-16 07:52:24,301 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-16 07:52:24,302 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-16 07:52:24,302 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-16 07:52:24,302 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-16 07:52:24,302 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2024-11-16 07:52:24,302 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-16 07:52:24,302 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-16 07:52:24,303 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-16 07:52:24,303 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2024-11-16 07:52:24,303 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2024-11-16 07:52:24,311 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 40 nodes and edges [2024-11-16 07:52:24,312 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-11-16 07:52:24,312 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-16 07:52:24,313 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-16 07:52:24,313 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-16 07:52:24,425 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-16 07:52:24,425 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-16 07:52:24,426 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-16 07:52:24,426 INFO L158 Benchmark]: Toolchain (without parser) took 10204.23ms. Allocated memory was 144.7MB in the beginning and 234.9MB in the end (delta: 90.2MB). Free memory was 90.9MB in the beginning and 109.9MB in the end (delta: -19.0MB). Peak memory consumption was 72.9MB. Max. memory is 16.1GB. [2024-11-16 07:52:24,426 INFO L158 Benchmark]: CDTParser took 3.86ms. Allocated memory is still 144.7MB. Free memory is still 105.8MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-16 07:52:24,427 INFO L158 Benchmark]: CACSL2BoogieTranslator took 504.67ms. Allocated memory is still 144.7MB. Free memory was 90.6MB in the beginning and 68.7MB in the end (delta: 21.9MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-16 07:52:24,427 INFO L158 Benchmark]: Boogie Procedure Inliner took 103.76ms. Allocated memory is still 144.7MB. Free memory was 68.7MB in the beginning and 114.9MB in the end (delta: -46.1MB). Peak memory consumption was 5.4MB. Max. memory is 16.1GB. [2024-11-16 07:52:24,427 INFO L158 Benchmark]: Boogie Preprocessor took 41.30ms. Allocated memory is still 144.7MB. Free memory was 114.9MB in the beginning and 112.8MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-16 07:52:24,427 INFO L158 Benchmark]: IcfgBuilder took 534.60ms. Allocated memory is still 144.7MB. Free memory was 112.8MB in the beginning and 91.8MB in the end (delta: 21.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-16 07:52:24,428 INFO L158 Benchmark]: TraceAbstraction took 8870.71ms. Allocated memory was 144.7MB in the beginning and 234.9MB in the end (delta: 90.2MB). Free memory was 91.1MB in the beginning and 118.3MB in the end (delta: -27.2MB). Peak memory consumption was 114.4MB. Max. memory is 16.1GB. [2024-11-16 07:52:24,428 INFO L158 Benchmark]: Witness Printer took 137.17ms. Allocated memory is still 234.9MB. Free memory was 118.3MB in the beginning and 109.9MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-16 07:52:24,429 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 3.86ms. Allocated memory is still 144.7MB. Free memory is still 105.8MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 504.67ms. Allocated memory is still 144.7MB. Free memory was 90.6MB in the beginning and 68.7MB in the end (delta: 21.9MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 103.76ms. Allocated memory is still 144.7MB. Free memory was 68.7MB in the beginning and 114.9MB in the end (delta: -46.1MB). Peak memory consumption was 5.4MB. Max. memory is 16.1GB. * Boogie Preprocessor took 41.30ms. Allocated memory is still 144.7MB. Free memory was 114.9MB in the beginning and 112.8MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * IcfgBuilder took 534.60ms. Allocated memory is still 144.7MB. Free memory was 112.8MB in the beginning and 91.8MB in the end (delta: 21.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * TraceAbstraction took 8870.71ms. Allocated memory was 144.7MB in the beginning and 234.9MB in the end (delta: 90.2MB). Free memory was 91.1MB in the beginning and 118.3MB in the end (delta: -27.2MB). Peak memory consumption was 114.4MB. Max. memory is 16.1GB. * Witness Printer took 137.17ms. Allocated memory is still 234.9MB. Free memory was 118.3MB in the beginning and 109.9MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] - GenericResultAtLocation [Line: 309]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [309] - GenericResultAtLocation [Line: 379]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [379] - GenericResultAtLocation [Line: 417]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [417] - GenericResultAtLocation [Line: 783]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [783] - GenericResultAtLocation [Line: 879]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [879] - GenericResultAtLocation [Line: 983]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [983] - GenericResultAtLocation [Line: 1010]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1010] - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 1015]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 11 procedures, 115 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 5.9s, OverallIterations: 11, TraceHistogramMax: 4, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.4s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1341 SdHoareTripleChecker+Valid, 1.6s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1299 mSDsluCounter, 4629 SdHoareTripleChecker+Invalid, 1.3s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3231 mSDsCounter, 361 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1556 IncrementalHoareTripleChecker+Invalid, 1917 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 361 mSolverCounterUnsat, 1398 mSDtfsCounter, 1556 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 404 GetRequests, 312 SyntacticMatches, 1 SemanticMatches, 91 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 182 ImplicationChecksByTransitivity, 0.8s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=648occurred in iteration=9, InterpolantAutomatonStates: 77, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 11 MinimizatonAttempts, 27 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 2.0s InterpolantComputationTime, 826 NumberOfCodeBlocks, 826 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 813 ConstructedInterpolants, 0 QuantifiedInterpolants, 1469 SizeOfPredicates, 1 NumberOfNonLiveVariables, 628 ConjunctsInSsa, 18 ConjunctsInUnsatCore, 13 InterpolantComputations, 11 PerfectInterpolantSequences, 111/118 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 323]: Location Invariant Derived location invariant: null - InvariantResult [Line: 795]: Location Invariant Derived location invariant: null - ProcedureContractResult [Line: 199]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: ((((pumpRunning != 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) || (((1 <= methaneLevelCritical) && (pumpRunning != 0)) && (1 == systemActive))) Ensures: (((pumpRunning == 0) && ((((\old(pumpRunning) != 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) || (((\old(pumpRunning) != 0) && (1 <= methaneLevelCritical)) && (1 == systemActive)))) && (((((systemActive == \old(systemActive)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 89]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((methaneLevelCritical == 0) && (1 == systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) Ensures: ((((methaneLevelCritical == 0) && (1 == systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 907]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Ensures: (((((\old(methaneLevelCritical) != 0) || (0 < methaneLevelCritical)) && ((((pumpRunning == 0) && (1 <= \old(methaneLevelCritical))) && (1 == systemActive)) || ((\old(methaneLevelCritical) == 0) && (1 == systemActive)))) && ((methaneLevelCritical == 0) || (\old(methaneLevelCritical) < 1))) && (((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel)))) - ProcedureContractResult [Line: 785]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((systemActive == \old(systemActive)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 919]: Procedure Contract for isMethaneLevelCritical Derived contract for procedure isMethaneLevelCritical. Requires: (((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive))) Ensures: (((((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive))) && (\result == methaneLevelCritical)) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 65]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive))) Ensures: ((((((((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) || ((pumpRunning == \old(pumpRunning)) && (\old(pumpRunning) != 0))) || ((\old(pumpRunning) != 0) && (pumpRunning == 0))) || ((2 <= waterLevel) && (\old(waterLevel) == waterLevel))) && (((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive)))) && ((((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) || ((\old(pumpRunning) != 0) && (pumpRunning == 0))) || (methaneLevelCritical < 1))) && ((((systemActive == \old(systemActive)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 97]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((methaneLevelCritical == 0) && (1 == systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) Ensures: ((((((pumpRunning == 0) || (methaneLevelCritical < 1)) && (((1 <= methaneLevelCritical) && (1 == systemActive)) || ((methaneLevelCritical == 0) && (1 == systemActive)))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (1 < waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) == 0))) && (((((systemActive == \old(systemActive)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 895]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((methaneLevelCritical == 0) && (1 == systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) Ensures: ((((((methaneLevelCritical == 0) && (1 == systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) && (((pumpRunning != 0) || (\old(waterLevel) != 1)) || (1 < waterLevel))) && ((\old(waterLevel) < 2) || (\old(waterLevel) == waterLevel))) && (((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 123]: Procedure Contract for processEnvironment__wrappee__methaneQuery Derived contract for procedure processEnvironment__wrappee__methaneQuery. Requires: (((methaneLevelCritical == 0) && (1 == systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive))) Ensures: (((((((methaneLevelCritical == 0) && (1 == systemActive)) || (((1 <= methaneLevelCritical) && (1 == systemActive)) && (\old(pumpRunning) == 0))) && ((pumpRunning == 0) || (methaneLevelCritical < 1))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (1 < waterLevel))) && (((pumpRunning == \old(pumpRunning)) || (pumpRunning == 0)) || (\old(pumpRunning) == 0))) && (((((systemActive == \old(systemActive)) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 207]: Procedure Contract for isMethaneAlarm Derived contract for procedure isMethaneAlarm. Requires: ((((((methaneLevelCritical == 0) && (2 <= waterLevel)) && (1 == systemActive)) || (((pumpRunning != 0) && (methaneLevelCritical == 0)) && (1 == systemActive))) || (((1 <= methaneLevelCritical) && (2 <= waterLevel)) && (1 == systemActive))) || (((1 <= methaneLevelCritical) && (pumpRunning != 0)) && (1 == systemActive))) Ensures: ((((((((methaneLevelCritical == 0) && (2 <= waterLevel)) && (1 == systemActive)) || (((pumpRunning != 0) && (methaneLevelCritical == 0)) && (1 == systemActive))) || (((1 <= methaneLevelCritical) && (2 <= waterLevel)) && (1 == systemActive))) || (((1 <= methaneLevelCritical) && (pumpRunning != 0)) && (1 == systemActive))) && ((methaneLevelCritical < ((long long) \result + 1)) || (methaneLevelCritical < 1))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) RESULT: Ultimate proved your program to be correct! [2024-11-16 07:52:24,459 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE