./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec2_product63.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 3289d67d Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec2_product63.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash bff509ff7af2b9788fd6216f7196709183d48c973cf9a066c9793f96467b2abf --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.fs.icfgbuilder-eval-3289d67-m [2024-11-16 07:53:13,907 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-16 07:53:13,984 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-16 07:53:13,990 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-16 07:53:13,991 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-16 07:53:14,019 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-16 07:53:14,021 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-16 07:53:14,021 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-16 07:53:14,022 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-16 07:53:14,023 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-16 07:53:14,023 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-16 07:53:14,024 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-16 07:53:14,024 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-16 07:53:14,026 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-16 07:53:14,026 INFO L153 SettingsManager]: * Use SBE=true [2024-11-16 07:53:14,027 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-16 07:53:14,027 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-16 07:53:14,027 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-16 07:53:14,028 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-16 07:53:14,028 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-16 07:53:14,032 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-16 07:53:14,033 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-16 07:53:14,033 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-16 07:53:14,033 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-16 07:53:14,033 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-16 07:53:14,034 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-16 07:53:14,034 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-16 07:53:14,034 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-16 07:53:14,034 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2024-11-16 07:53:14,035 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-16 07:53:14,035 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-16 07:53:14,035 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-16 07:53:14,036 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-16 07:53:14,036 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-16 07:53:14,037 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-16 07:53:14,037 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-16 07:53:14,038 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-16 07:53:14,038 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-16 07:53:14,038 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-16 07:53:14,039 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-16 07:53:14,039 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-16 07:53:14,040 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-16 07:53:14,040 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> bff509ff7af2b9788fd6216f7196709183d48c973cf9a066c9793f96467b2abf [2024-11-16 07:53:14,308 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-16 07:53:14,331 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-16 07:53:14,335 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-16 07:53:14,336 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-16 07:53:14,336 INFO L274 PluginConnector]: CDTParser initialized [2024-11-16 07:53:14,337 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec2_product63.cil.c [2024-11-16 07:53:15,744 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-16 07:53:15,968 INFO L384 CDTParser]: Found 1 translation units. [2024-11-16 07:53:15,970 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product63.cil.c [2024-11-16 07:53:15,983 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/3044cbb38/a7e68259ccc849df855c4f7c7cdca3e0/FLAG30199d2e7 [2024-11-16 07:53:16,003 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/3044cbb38/a7e68259ccc849df855c4f7c7cdca3e0 [2024-11-16 07:53:16,006 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-16 07:53:16,007 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-16 07:53:16,011 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-16 07:53:16,012 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-16 07:53:16,017 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-16 07:53:16,017 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 07:53:16" (1/1) ... [2024-11-16 07:53:16,018 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@305dc8ca and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:53:16, skipping insertion in model container [2024-11-16 07:53:16,018 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 07:53:16" (1/1) ... [2024-11-16 07:53:16,063 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-16 07:53:16,290 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product63.cil.c[2985,2998] [2024-11-16 07:53:16,430 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-16 07:53:16,442 INFO L200 MainTranslator]: Completed pre-run [2024-11-16 07:53:16,456 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] [2024-11-16 07:53:16,458 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [155] [2024-11-16 07:53:16,458 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [164] [2024-11-16 07:53:16,458 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [205] [2024-11-16 07:53:16,459 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [313] [2024-11-16 07:53:16,459 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [381] [2024-11-16 07:53:16,460 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [638] [2024-11-16 07:53:16,460 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [673] [2024-11-16 07:53:16,470 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product63.cil.c[2985,2998] [2024-11-16 07:53:16,524 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-16 07:53:16,569 INFO L204 MainTranslator]: Completed translation [2024-11-16 07:53:16,569 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:53:16 WrapperNode [2024-11-16 07:53:16,569 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-16 07:53:16,571 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-16 07:53:16,571 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-16 07:53:16,571 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-16 07:53:16,578 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:53:16" (1/1) ... [2024-11-16 07:53:16,595 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:53:16" (1/1) ... [2024-11-16 07:53:16,629 INFO L138 Inliner]: procedures = 59, calls = 107, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 227 [2024-11-16 07:53:16,633 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-16 07:53:16,633 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-16 07:53:16,634 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-16 07:53:16,634 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-16 07:53:16,642 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:53:16" (1/1) ... [2024-11-16 07:53:16,642 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:53:16" (1/1) ... [2024-11-16 07:53:16,644 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:53:16" (1/1) ... [2024-11-16 07:53:16,669 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-16 07:53:16,669 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:53:16" (1/1) ... [2024-11-16 07:53:16,670 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:53:16" (1/1) ... [2024-11-16 07:53:16,674 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:53:16" (1/1) ... [2024-11-16 07:53:16,675 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:53:16" (1/1) ... [2024-11-16 07:53:16,676 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:53:16" (1/1) ... [2024-11-16 07:53:16,681 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:53:16" (1/1) ... [2024-11-16 07:53:16,684 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-16 07:53:16,685 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2024-11-16 07:53:16,685 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2024-11-16 07:53:16,685 INFO L274 PluginConnector]: IcfgBuilder initialized [2024-11-16 07:53:16,690 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:53:16" (1/1) ... [2024-11-16 07:53:16,696 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-16 07:53:16,709 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-16 07:53:16,728 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-16 07:53:16,737 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-16 07:53:16,785 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-16 07:53:16,786 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-16 07:53:16,786 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-16 07:53:16,786 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2024-11-16 07:53:16,786 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2024-11-16 07:53:16,786 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-16 07:53:16,786 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-16 07:53:16,787 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-16 07:53:16,787 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-16 07:53:16,787 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-16 07:53:16,787 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-16 07:53:16,788 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-16 07:53:16,788 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-16 07:53:16,788 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2024-11-16 07:53:16,788 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2024-11-16 07:53:16,788 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2024-11-16 07:53:16,788 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2024-11-16 07:53:16,789 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-16 07:53:16,789 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-16 07:53:16,789 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-16 07:53:16,790 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-16 07:53:16,790 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-16 07:53:16,791 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-16 07:53:16,791 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-16 07:53:16,888 INFO L256 CfgBuilder]: Building ICFG [2024-11-16 07:53:16,890 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-16 07:53:16,990 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L310-1: isLowWaterSensorDry_#res#1 := isLowWaterSensorDry_~retValue_acc~4#1; [2024-11-16 07:53:16,990 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L620-1: isLowWaterLevel_#res#1 := isLowWaterLevel_~retValue_acc~8#1; [2024-11-16 07:53:17,002 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L255: #res := ~retValue_acc~1; [2024-11-16 07:53:17,054 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L546-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~6#1; [2024-11-16 07:53:17,132 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L670-1: valid_product_#res#1 := valid_product_~retValue_acc~10#1; [2024-11-16 07:53:17,132 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L152-1: main_#res#1 := main_~retValue_acc~0#1; [2024-11-16 07:53:17,175 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L601-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~7#1; [2024-11-16 07:53:17,176 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L301-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~3#1; [2024-11-16 07:53:17,183 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L537: #res := ~retValue_acc~5; [2024-11-16 07:53:17,219 INFO L? ?]: Removed 50 outVars from TransFormulas that were not future-live. [2024-11-16 07:53:17,220 INFO L307 CfgBuilder]: Performing block encoding [2024-11-16 07:53:17,236 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-16 07:53:17,236 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2024-11-16 07:53:17,236 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:53:17 BoogieIcfgContainer [2024-11-16 07:53:17,236 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2024-11-16 07:53:17,239 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-16 07:53:17,239 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-16 07:53:17,242 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-16 07:53:17,242 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 16.11 07:53:16" (1/3) ... [2024-11-16 07:53:17,243 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@16ce8c13 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 07:53:17, skipping insertion in model container [2024-11-16 07:53:17,243 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:53:16" (2/3) ... [2024-11-16 07:53:17,243 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@16ce8c13 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 07:53:17, skipping insertion in model container [2024-11-16 07:53:17,244 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:53:17" (3/3) ... [2024-11-16 07:53:17,245 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec2_product63.cil.c [2024-11-16 07:53:17,258 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-16 07:53:17,258 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-16 07:53:17,319 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-16 07:53:17,325 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@291a8cc7, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-16 07:53:17,325 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-16 07:53:17,328 INFO L276 IsEmpty]: Start isEmpty. Operand has 120 states, 89 states have (on average 1.348314606741573) internal successors, (120), 100 states have internal predecessors, (120), 19 states have call successors, (19), 10 states have call predecessors, (19), 10 states have return successors, (19), 14 states have call predecessors, (19), 19 states have call successors, (19) [2024-11-16 07:53:17,337 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2024-11-16 07:53:17,337 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:53:17,338 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:53:17,338 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:53:17,342 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:53:17,342 INFO L85 PathProgramCache]: Analyzing trace with hash -1966696466, now seen corresponding path program 1 times [2024-11-16 07:53:17,349 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:53:17,349 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1208291326] [2024-11-16 07:53:17,350 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:53:17,350 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:53:17,480 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:17,539 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-11-16 07:53:17,542 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:17,547 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:53:17,548 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:53:17,548 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1208291326] [2024-11-16 07:53:17,549 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1208291326] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:53:17,549 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:53:17,549 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-16 07:53:17,550 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1064544651] [2024-11-16 07:53:17,551 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:53:17,556 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-16 07:53:17,557 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:53:17,578 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-16 07:53:17,579 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-16 07:53:17,582 INFO L87 Difference]: Start difference. First operand has 120 states, 89 states have (on average 1.348314606741573) internal successors, (120), 100 states have internal predecessors, (120), 19 states have call successors, (19), 10 states have call predecessors, (19), 10 states have return successors, (19), 14 states have call predecessors, (19), 19 states have call successors, (19) Second operand has 2 states, 2 states have (on average 11.5) internal successors, (23), 2 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-16 07:53:17,630 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:53:17,630 INFO L93 Difference]: Finished difference Result 230 states and 309 transitions. [2024-11-16 07:53:17,633 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-16 07:53:17,634 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 11.5) internal successors, (23), 2 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 27 [2024-11-16 07:53:17,635 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:53:17,644 INFO L225 Difference]: With dead ends: 230 [2024-11-16 07:53:17,644 INFO L226 Difference]: Without dead ends: 109 [2024-11-16 07:53:17,648 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-16 07:53:17,651 INFO L432 NwaCegarLoop]: 151 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 151 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:53:17,652 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 151 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:53:17,668 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 109 states. [2024-11-16 07:53:17,698 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 109 to 109. [2024-11-16 07:53:17,700 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 109 states, 80 states have (on average 1.3) internal successors, (104), 90 states have internal predecessors, (104), 19 states have call successors, (19), 10 states have call predecessors, (19), 9 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) [2024-11-16 07:53:17,705 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 109 states to 109 states and 141 transitions. [2024-11-16 07:53:17,707 INFO L78 Accepts]: Start accepts. Automaton has 109 states and 141 transitions. Word has length 27 [2024-11-16 07:53:17,707 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:53:17,708 INFO L471 AbstractCegarLoop]: Abstraction has 109 states and 141 transitions. [2024-11-16 07:53:17,708 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 11.5) internal successors, (23), 2 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-16 07:53:17,709 INFO L276 IsEmpty]: Start isEmpty. Operand 109 states and 141 transitions. [2024-11-16 07:53:17,713 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2024-11-16 07:53:17,713 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:53:17,713 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:53:17,714 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-16 07:53:17,716 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:53:17,717 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:53:17,717 INFO L85 PathProgramCache]: Analyzing trace with hash -1322570045, now seen corresponding path program 1 times [2024-11-16 07:53:17,717 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:53:17,717 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1675898216] [2024-11-16 07:53:17,718 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:53:17,718 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:53:17,753 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:17,849 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-16 07:53:17,854 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:17,858 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:53:17,859 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:53:17,859 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1675898216] [2024-11-16 07:53:17,859 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1675898216] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:53:17,859 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:53:17,859 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-16 07:53:17,859 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [609430259] [2024-11-16 07:53:17,860 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:53:17,861 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-16 07:53:17,862 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:53:17,864 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-16 07:53:17,864 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:53:17,865 INFO L87 Difference]: Start difference. First operand 109 states and 141 transitions. Second operand has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-16 07:53:17,896 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:53:17,898 INFO L93 Difference]: Finished difference Result 176 states and 228 transitions. [2024-11-16 07:53:17,899 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-16 07:53:17,899 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2024-11-16 07:53:17,899 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:53:17,901 INFO L225 Difference]: With dead ends: 176 [2024-11-16 07:53:17,902 INFO L226 Difference]: Without dead ends: 98 [2024-11-16 07:53:17,903 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:53:17,906 INFO L432 NwaCegarLoop]: 126 mSDtfsCounter, 15 mSDsluCounter, 104 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 19 SdHoareTripleChecker+Valid, 230 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:53:17,907 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [19 Valid, 230 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:53:17,908 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 98 states. [2024-11-16 07:53:17,921 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 98 to 98. [2024-11-16 07:53:17,924 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 98 states, 72 states have (on average 1.3194444444444444) internal successors, (95), 82 states have internal predecessors, (95), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2024-11-16 07:53:17,926 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 98 states to 98 states and 127 transitions. [2024-11-16 07:53:17,927 INFO L78 Accepts]: Start accepts. Automaton has 98 states and 127 transitions. Word has length 30 [2024-11-16 07:53:17,927 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:53:17,928 INFO L471 AbstractCegarLoop]: Abstraction has 98 states and 127 transitions. [2024-11-16 07:53:17,928 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-16 07:53:17,928 INFO L276 IsEmpty]: Start isEmpty. Operand 98 states and 127 transitions. [2024-11-16 07:53:17,931 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-16 07:53:17,932 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:53:17,933 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:53:17,933 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-16 07:53:17,933 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:53:17,933 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:53:17,934 INFO L85 PathProgramCache]: Analyzing trace with hash 2141031682, now seen corresponding path program 1 times [2024-11-16 07:53:17,934 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:53:17,934 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [264894279] [2024-11-16 07:53:17,934 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:53:17,934 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:53:17,959 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:18,194 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-16 07:53:18,196 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:18,226 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:53:18,227 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:53:18,227 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [264894279] [2024-11-16 07:53:18,227 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [264894279] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:53:18,227 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:53:18,227 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-16 07:53:18,228 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1809476743] [2024-11-16 07:53:18,228 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:53:18,228 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-16 07:53:18,229 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:53:18,229 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-16 07:53:18,229 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2024-11-16 07:53:18,230 INFO L87 Difference]: Start difference. First operand 98 states and 127 transitions. Second operand has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 6 states have internal predecessors, (29), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-16 07:53:18,466 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:53:18,467 INFO L93 Difference]: Finished difference Result 322 states and 424 transitions. [2024-11-16 07:53:18,467 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-16 07:53:18,467 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 6 states have internal predecessors, (29), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 32 [2024-11-16 07:53:18,468 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:53:18,470 INFO L225 Difference]: With dead ends: 322 [2024-11-16 07:53:18,471 INFO L226 Difference]: Without dead ends: 232 [2024-11-16 07:53:18,471 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=20, Invalid=36, Unknown=0, NotChecked=0, Total=56 [2024-11-16 07:53:18,476 INFO L432 NwaCegarLoop]: 141 mSDtfsCounter, 225 mSDsluCounter, 399 mSDsCounter, 0 mSdLazyCounter, 120 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 225 SdHoareTripleChecker+Valid, 540 SdHoareTripleChecker+Invalid, 121 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 120 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-16 07:53:18,477 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [225 Valid, 540 Invalid, 121 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 120 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-16 07:53:18,478 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 232 states. [2024-11-16 07:53:18,517 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 232 to 224. [2024-11-16 07:53:18,517 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 224 states, 163 states have (on average 1.3496932515337423) internal successors, (220), 185 states have internal predecessors, (220), 37 states have call successors, (37), 23 states have call predecessors, (37), 23 states have return successors, (38), 25 states have call predecessors, (38), 37 states have call successors, (38) [2024-11-16 07:53:18,524 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 224 states to 224 states and 295 transitions. [2024-11-16 07:53:18,526 INFO L78 Accepts]: Start accepts. Automaton has 224 states and 295 transitions. Word has length 32 [2024-11-16 07:53:18,526 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:53:18,526 INFO L471 AbstractCegarLoop]: Abstraction has 224 states and 295 transitions. [2024-11-16 07:53:18,526 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 6 states have internal predecessors, (29), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-16 07:53:18,526 INFO L276 IsEmpty]: Start isEmpty. Operand 224 states and 295 transitions. [2024-11-16 07:53:18,528 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 37 [2024-11-16 07:53:18,528 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:53:18,528 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:53:18,528 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-16 07:53:18,528 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:53:18,530 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:53:18,531 INFO L85 PathProgramCache]: Analyzing trace with hash 123956102, now seen corresponding path program 1 times [2024-11-16 07:53:18,531 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:53:18,532 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2031304882] [2024-11-16 07:53:18,532 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:53:18,532 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:53:18,553 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:18,643 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-16 07:53:18,646 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:18,652 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:53:18,652 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:53:18,652 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2031304882] [2024-11-16 07:53:18,652 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2031304882] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:53:18,655 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:53:18,655 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-16 07:53:18,655 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1424775633] [2024-11-16 07:53:18,655 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:53:18,656 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-16 07:53:18,656 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:53:18,656 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-16 07:53:18,657 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-16 07:53:18,657 INFO L87 Difference]: Start difference. First operand 224 states and 295 transitions. Second operand has 5 states, 5 states have (on average 6.6) internal successors, (33), 5 states have internal predecessors, (33), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-16 07:53:18,748 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:53:18,749 INFO L93 Difference]: Finished difference Result 537 states and 722 transitions. [2024-11-16 07:53:18,749 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-16 07:53:18,750 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 5 states have internal predecessors, (33), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 36 [2024-11-16 07:53:18,750 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:53:18,754 INFO L225 Difference]: With dead ends: 537 [2024-11-16 07:53:18,760 INFO L226 Difference]: Without dead ends: 321 [2024-11-16 07:53:18,761 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-16 07:53:18,762 INFO L432 NwaCegarLoop]: 121 mSDtfsCounter, 66 mSDsluCounter, 321 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 66 SdHoareTripleChecker+Valid, 442 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:53:18,763 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [66 Valid, 442 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:53:18,766 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 321 states. [2024-11-16 07:53:18,805 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 321 to 319. [2024-11-16 07:53:18,806 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 319 states, 234 states have (on average 1.2820512820512822) internal successors, (300), 255 states have internal predecessors, (300), 46 states have call successors, (46), 38 states have call predecessors, (46), 38 states have return successors, (60), 41 states have call predecessors, (60), 46 states have call successors, (60) [2024-11-16 07:53:18,808 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 319 states to 319 states and 406 transitions. [2024-11-16 07:53:18,809 INFO L78 Accepts]: Start accepts. Automaton has 319 states and 406 transitions. Word has length 36 [2024-11-16 07:53:18,809 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:53:18,810 INFO L471 AbstractCegarLoop]: Abstraction has 319 states and 406 transitions. [2024-11-16 07:53:18,810 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 5 states have internal predecessors, (33), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-16 07:53:18,810 INFO L276 IsEmpty]: Start isEmpty. Operand 319 states and 406 transitions. [2024-11-16 07:53:18,813 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 64 [2024-11-16 07:53:18,816 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:53:18,816 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:53:18,816 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-16 07:53:18,817 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:53:18,817 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:53:18,817 INFO L85 PathProgramCache]: Analyzing trace with hash -1581218754, now seen corresponding path program 1 times [2024-11-16 07:53:18,817 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:53:18,818 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2022995171] [2024-11-16 07:53:18,818 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:53:18,818 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:53:18,839 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:18,897 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-16 07:53:18,907 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:18,922 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:53:18,930 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:18,968 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:53:18,970 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:18,975 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:53:18,977 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:18,979 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 52 [2024-11-16 07:53:18,980 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:18,982 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:53:18,983 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:53:18,983 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2022995171] [2024-11-16 07:53:18,984 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2022995171] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:53:18,984 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:53:18,985 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-16 07:53:18,986 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [847744366] [2024-11-16 07:53:18,986 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:53:18,986 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-16 07:53:18,986 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:53:18,987 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-16 07:53:18,987 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-16 07:53:18,987 INFO L87 Difference]: Start difference. First operand 319 states and 406 transitions. Second operand has 6 states, 6 states have (on average 8.333333333333334) internal successors, (50), 5 states have internal predecessors, (50), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-16 07:53:19,235 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:53:19,236 INFO L93 Difference]: Finished difference Result 693 states and 906 transitions. [2024-11-16 07:53:19,236 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-16 07:53:19,237 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 8.333333333333334) internal successors, (50), 5 states have internal predecessors, (50), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 63 [2024-11-16 07:53:19,237 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:53:19,240 INFO L225 Difference]: With dead ends: 693 [2024-11-16 07:53:19,240 INFO L226 Difference]: Without dead ends: 382 [2024-11-16 07:53:19,241 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 20 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-16 07:53:19,242 INFO L432 NwaCegarLoop]: 97 mSDtfsCounter, 69 mSDsluCounter, 323 mSDsCounter, 0 mSdLazyCounter, 165 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 75 SdHoareTripleChecker+Valid, 420 SdHoareTripleChecker+Invalid, 183 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 165 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-16 07:53:19,243 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [75 Valid, 420 Invalid, 183 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 165 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-16 07:53:19,244 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 382 states. [2024-11-16 07:53:19,278 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 382 to 379. [2024-11-16 07:53:19,279 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 379 states, 280 states have (on average 1.2642857142857142) internal successors, (354), 301 states have internal predecessors, (354), 50 states have call successors, (50), 38 states have call predecessors, (50), 48 states have return successors, (74), 53 states have call predecessors, (74), 50 states have call successors, (74) [2024-11-16 07:53:19,283 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 379 states to 379 states and 478 transitions. [2024-11-16 07:53:19,284 INFO L78 Accepts]: Start accepts. Automaton has 379 states and 478 transitions. Word has length 63 [2024-11-16 07:53:19,285 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:53:19,285 INFO L471 AbstractCegarLoop]: Abstraction has 379 states and 478 transitions. [2024-11-16 07:53:19,285 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 8.333333333333334) internal successors, (50), 5 states have internal predecessors, (50), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-16 07:53:19,286 INFO L276 IsEmpty]: Start isEmpty. Operand 379 states and 478 transitions. [2024-11-16 07:53:19,287 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 64 [2024-11-16 07:53:19,287 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:53:19,288 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:53:19,288 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-16 07:53:19,288 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:53:19,289 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:53:19,289 INFO L85 PathProgramCache]: Analyzing trace with hash -555726755, now seen corresponding path program 1 times [2024-11-16 07:53:19,289 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:53:19,290 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [173007624] [2024-11-16 07:53:19,290 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:53:19,290 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:53:19,307 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:19,385 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-16 07:53:19,391 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:19,416 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:53:19,421 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:19,455 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:53:19,458 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:19,460 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:53:19,462 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:19,464 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 52 [2024-11-16 07:53:19,468 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:19,469 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:53:19,470 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:53:19,470 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [173007624] [2024-11-16 07:53:19,470 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [173007624] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:53:19,470 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:53:19,470 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-16 07:53:19,471 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1446913792] [2024-11-16 07:53:19,471 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:53:19,471 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-16 07:53:19,471 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:53:19,472 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-16 07:53:19,472 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-16 07:53:19,472 INFO L87 Difference]: Start difference. First operand 379 states and 478 transitions. Second operand has 7 states, 7 states have (on average 7.142857142857143) internal successors, (50), 6 states have internal predecessors, (50), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-16 07:53:19,684 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:53:19,685 INFO L93 Difference]: Finished difference Result 757 states and 982 transitions. [2024-11-16 07:53:19,685 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-16 07:53:19,685 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 7.142857142857143) internal successors, (50), 6 states have internal predecessors, (50), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 63 [2024-11-16 07:53:19,686 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:53:19,688 INFO L225 Difference]: With dead ends: 757 [2024-11-16 07:53:19,688 INFO L226 Difference]: Without dead ends: 386 [2024-11-16 07:53:19,689 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=19, Invalid=53, Unknown=0, NotChecked=0, Total=72 [2024-11-16 07:53:19,692 INFO L432 NwaCegarLoop]: 96 mSDtfsCounter, 68 mSDsluCounter, 410 mSDsCounter, 0 mSdLazyCounter, 209 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 74 SdHoareTripleChecker+Valid, 506 SdHoareTripleChecker+Invalid, 227 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 209 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-16 07:53:19,694 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [74 Valid, 506 Invalid, 227 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 209 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-16 07:53:19,695 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 386 states. [2024-11-16 07:53:19,725 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 386 to 383. [2024-11-16 07:53:19,727 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 383 states, 284 states have (on average 1.2605633802816902) internal successors, (358), 305 states have internal predecessors, (358), 50 states have call successors, (50), 38 states have call predecessors, (50), 48 states have return successors, (74), 53 states have call predecessors, (74), 50 states have call successors, (74) [2024-11-16 07:53:19,729 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 383 states to 383 states and 482 transitions. [2024-11-16 07:53:19,730 INFO L78 Accepts]: Start accepts. Automaton has 383 states and 482 transitions. Word has length 63 [2024-11-16 07:53:19,730 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:53:19,730 INFO L471 AbstractCegarLoop]: Abstraction has 383 states and 482 transitions. [2024-11-16 07:53:19,730 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 7.142857142857143) internal successors, (50), 6 states have internal predecessors, (50), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-16 07:53:19,731 INFO L276 IsEmpty]: Start isEmpty. Operand 383 states and 482 transitions. [2024-11-16 07:53:19,731 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 64 [2024-11-16 07:53:19,732 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:53:19,732 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:53:19,732 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-16 07:53:19,732 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:53:19,732 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:53:19,733 INFO L85 PathProgramCache]: Analyzing trace with hash -950093541, now seen corresponding path program 1 times [2024-11-16 07:53:19,733 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:53:19,733 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1518087550] [2024-11-16 07:53:19,733 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:53:19,733 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:53:19,743 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:19,780 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-16 07:53:19,784 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:19,798 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:53:19,801 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:19,812 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:53:19,814 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:19,816 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:53:19,817 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:19,818 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 52 [2024-11-16 07:53:19,820 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:19,821 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:53:19,821 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:53:19,822 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1518087550] [2024-11-16 07:53:19,822 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1518087550] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:53:19,822 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:53:19,822 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-16 07:53:19,822 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1255036853] [2024-11-16 07:53:19,822 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:53:19,822 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-16 07:53:19,823 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:53:19,823 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-16 07:53:19,824 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-16 07:53:19,824 INFO L87 Difference]: Start difference. First operand 383 states and 482 transitions. Second operand has 5 states, 5 states have (on average 10.0) internal successors, (50), 4 states have internal predecessors, (50), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-16 07:53:20,137 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:53:20,137 INFO L93 Difference]: Finished difference Result 1097 states and 1435 transitions. [2024-11-16 07:53:20,138 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-16 07:53:20,138 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.0) internal successors, (50), 4 states have internal predecessors, (50), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) Word has length 63 [2024-11-16 07:53:20,138 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:53:20,142 INFO L225 Difference]: With dead ends: 1097 [2024-11-16 07:53:20,143 INFO L226 Difference]: Without dead ends: 722 [2024-11-16 07:53:20,144 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 13 SyntacticMatches, 1 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-16 07:53:20,145 INFO L432 NwaCegarLoop]: 143 mSDtfsCounter, 252 mSDsluCounter, 207 mSDsCounter, 0 mSdLazyCounter, 169 mSolverCounterSat, 76 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 260 SdHoareTripleChecker+Valid, 350 SdHoareTripleChecker+Invalid, 245 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 76 IncrementalHoareTripleChecker+Valid, 169 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-16 07:53:20,145 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [260 Valid, 350 Invalid, 245 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [76 Valid, 169 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-16 07:53:20,146 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 722 states. [2024-11-16 07:53:20,198 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 722 to 714. [2024-11-16 07:53:20,199 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 714 states, 532 states have (on average 1.2349624060150375) internal successors, (657), 565 states have internal predecessors, (657), 93 states have call successors, (93), 83 states have call predecessors, (93), 88 states have return successors, (152), 93 states have call predecessors, (152), 93 states have call successors, (152) [2024-11-16 07:53:20,203 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 714 states to 714 states and 902 transitions. [2024-11-16 07:53:20,204 INFO L78 Accepts]: Start accepts. Automaton has 714 states and 902 transitions. Word has length 63 [2024-11-16 07:53:20,204 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:53:20,205 INFO L471 AbstractCegarLoop]: Abstraction has 714 states and 902 transitions. [2024-11-16 07:53:20,205 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.0) internal successors, (50), 4 states have internal predecessors, (50), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-16 07:53:20,205 INFO L276 IsEmpty]: Start isEmpty. Operand 714 states and 902 transitions. [2024-11-16 07:53:20,206 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 68 [2024-11-16 07:53:20,206 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:53:20,207 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:53:20,207 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-16 07:53:20,207 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:53:20,207 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:53:20,207 INFO L85 PathProgramCache]: Analyzing trace with hash 1878692313, now seen corresponding path program 1 times [2024-11-16 07:53:20,208 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:53:20,208 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [355602968] [2024-11-16 07:53:20,208 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:53:20,208 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:53:20,219 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:20,255 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-16 07:53:20,256 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:20,262 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-16 07:53:20,267 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:20,272 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:53:20,274 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:20,278 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:53:20,279 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:20,281 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:53:20,282 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:20,283 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 56 [2024-11-16 07:53:20,284 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:20,285 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:53:20,285 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:53:20,285 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [355602968] [2024-11-16 07:53:20,285 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [355602968] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:53:20,286 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:53:20,286 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-16 07:53:20,286 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1767121194] [2024-11-16 07:53:20,286 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:53:20,286 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-16 07:53:20,286 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:53:20,287 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-16 07:53:20,287 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-16 07:53:20,287 INFO L87 Difference]: Start difference. First operand 714 states and 902 transitions. Second operand has 5 states, 5 states have (on average 10.4) internal successors, (52), 3 states have internal predecessors, (52), 2 states have call successors, (7), 4 states have call predecessors, (7), 1 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) [2024-11-16 07:53:20,763 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:53:20,763 INFO L93 Difference]: Finished difference Result 1381 states and 1844 transitions. [2024-11-16 07:53:20,763 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-11-16 07:53:20,764 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.4) internal successors, (52), 3 states have internal predecessors, (52), 2 states have call successors, (7), 4 states have call predecessors, (7), 1 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) Word has length 67 [2024-11-16 07:53:20,765 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:53:20,772 INFO L225 Difference]: With dead ends: 1381 [2024-11-16 07:53:20,772 INFO L226 Difference]: Without dead ends: 1378 [2024-11-16 07:53:20,773 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 17 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 6 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=27, Invalid=45, Unknown=0, NotChecked=0, Total=72 [2024-11-16 07:53:20,774 INFO L432 NwaCegarLoop]: 73 mSDtfsCounter, 382 mSDsluCounter, 149 mSDsCounter, 0 mSdLazyCounter, 204 mSolverCounterSat, 165 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 387 SdHoareTripleChecker+Valid, 222 SdHoareTripleChecker+Invalid, 369 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 165 IncrementalHoareTripleChecker+Valid, 204 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-11-16 07:53:20,774 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [387 Valid, 222 Invalid, 369 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [165 Valid, 204 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-11-16 07:53:20,775 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1378 states. [2024-11-16 07:53:20,883 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1378 to 1253. [2024-11-16 07:53:20,885 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1253 states, 924 states have (on average 1.2359307359307359) internal successors, (1142), 993 states have internal predecessors, (1142), 176 states have call successors, (176), 128 states have call predecessors, (176), 152 states have return successors, (364), 171 states have call predecessors, (364), 176 states have call successors, (364) [2024-11-16 07:53:20,891 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1253 states to 1253 states and 1682 transitions. [2024-11-16 07:53:20,893 INFO L78 Accepts]: Start accepts. Automaton has 1253 states and 1682 transitions. Word has length 67 [2024-11-16 07:53:20,894 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:53:20,894 INFO L471 AbstractCegarLoop]: Abstraction has 1253 states and 1682 transitions. [2024-11-16 07:53:20,894 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.4) internal successors, (52), 3 states have internal predecessors, (52), 2 states have call successors, (7), 4 states have call predecessors, (7), 1 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) [2024-11-16 07:53:20,894 INFO L276 IsEmpty]: Start isEmpty. Operand 1253 states and 1682 transitions. [2024-11-16 07:53:20,898 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 124 [2024-11-16 07:53:20,900 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:53:20,900 INFO L215 NwaCegarLoop]: trace histogram [4, 4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:53:20,900 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-16 07:53:20,900 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:53:20,901 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:53:20,901 INFO L85 PathProgramCache]: Analyzing trace with hash -290026195, now seen corresponding path program 1 times [2024-11-16 07:53:20,901 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:53:20,901 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [490645663] [2024-11-16 07:53:20,901 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:53:20,902 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:53:20,920 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:21,016 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-16 07:53:21,017 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:21,031 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-16 07:53:21,037 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:21,069 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-16 07:53:21,073 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:21,083 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:53:21,088 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:21,109 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:53:21,111 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:21,112 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:53:21,117 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:21,118 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2024-11-16 07:53:21,120 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:21,122 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 81 [2024-11-16 07:53:21,126 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:21,132 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:53:21,138 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:21,141 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:53:21,142 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:21,144 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:53:21,144 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:21,145 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 112 [2024-11-16 07:53:21,146 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:21,147 INFO L134 CoverageAnalysis]: Checked inductivity of 65 backedges. 21 proven. 7 refuted. 0 times theorem prover too weak. 37 trivial. 0 not checked. [2024-11-16 07:53:21,147 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:53:21,147 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [490645663] [2024-11-16 07:53:21,147 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [490645663] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-16 07:53:21,147 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1853536437] [2024-11-16 07:53:21,148 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:53:21,148 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-16 07:53:21,148 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-16 07:53:21,150 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-16 07:53:21,151 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-16 07:53:21,262 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:21,266 INFO L255 TraceCheckSpWp]: Trace formula consists of 387 conjuncts, 4 conjuncts are in the unsatisfiable core [2024-11-16 07:53:21,274 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-16 07:53:21,347 INFO L134 CoverageAnalysis]: Checked inductivity of 65 backedges. 62 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:53:21,347 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-16 07:53:21,347 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1853536437] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:53:21,347 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-16 07:53:21,347 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [9] total 9 [2024-11-16 07:53:21,348 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [927125995] [2024-11-16 07:53:21,348 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:53:21,348 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-16 07:53:21,348 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:53:21,349 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-16 07:53:21,349 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=54, Unknown=0, NotChecked=0, Total=72 [2024-11-16 07:53:21,349 INFO L87 Difference]: Start difference. First operand 1253 states and 1682 transitions. Second operand has 3 states, 3 states have (on average 32.0) internal successors, (96), 3 states have internal predecessors, (96), 3 states have call successors, (13), 3 states have call predecessors, (13), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2024-11-16 07:53:21,463 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:53:21,464 INFO L93 Difference]: Finished difference Result 2201 states and 3009 transitions. [2024-11-16 07:53:21,464 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-16 07:53:21,464 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 32.0) internal successors, (96), 3 states have internal predecessors, (96), 3 states have call successors, (13), 3 states have call predecessors, (13), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) Word has length 123 [2024-11-16 07:53:21,465 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:53:21,472 INFO L225 Difference]: With dead ends: 2201 [2024-11-16 07:53:21,473 INFO L226 Difference]: Without dead ends: 1100 [2024-11-16 07:53:21,479 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 156 GetRequests, 149 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=18, Invalid=54, Unknown=0, NotChecked=0, Total=72 [2024-11-16 07:53:21,481 INFO L432 NwaCegarLoop]: 176 mSDtfsCounter, 58 mSDsluCounter, 85 mSDsCounter, 0 mSdLazyCounter, 14 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 58 SdHoareTripleChecker+Valid, 261 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 14 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:53:21,482 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [58 Valid, 261 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 14 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:53:21,484 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1100 states. [2024-11-16 07:53:21,553 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1100 to 1100. [2024-11-16 07:53:21,555 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1100 states, 810 states have (on average 1.208641975308642) internal successors, (979), 870 states have internal predecessors, (979), 154 states have call successors, (154), 119 states have call predecessors, (154), 135 states have return successors, (240), 147 states have call predecessors, (240), 154 states have call successors, (240) [2024-11-16 07:53:21,560 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1100 states to 1100 states and 1373 transitions. [2024-11-16 07:53:21,562 INFO L78 Accepts]: Start accepts. Automaton has 1100 states and 1373 transitions. Word has length 123 [2024-11-16 07:53:21,562 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:53:21,562 INFO L471 AbstractCegarLoop]: Abstraction has 1100 states and 1373 transitions. [2024-11-16 07:53:21,562 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 32.0) internal successors, (96), 3 states have internal predecessors, (96), 3 states have call successors, (13), 3 states have call predecessors, (13), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2024-11-16 07:53:21,562 INFO L276 IsEmpty]: Start isEmpty. Operand 1100 states and 1373 transitions. [2024-11-16 07:53:21,565 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 126 [2024-11-16 07:53:21,565 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:53:21,565 INFO L215 NwaCegarLoop]: trace histogram [4, 4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:53:21,583 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-16 07:53:21,769 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-16 07:53:21,770 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:53:21,770 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:53:21,770 INFO L85 PathProgramCache]: Analyzing trace with hash 55879552, now seen corresponding path program 1 times [2024-11-16 07:53:21,770 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:53:21,771 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [549581783] [2024-11-16 07:53:21,771 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:53:21,771 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:53:21,791 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:21,874 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-16 07:53:21,875 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:21,887 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-16 07:53:21,892 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:21,942 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-16 07:53:21,946 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:21,973 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:53:21,977 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:22,099 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:53:22,105 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:22,148 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:53:22,149 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:22,163 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2024-11-16 07:53:22,165 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:22,170 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 83 [2024-11-16 07:53:22,171 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:22,173 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:53:22,173 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:22,174 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 94 [2024-11-16 07:53:22,176 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:22,178 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-11-16 07:53:22,179 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:22,179 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:53:22,180 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:22,180 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 114 [2024-11-16 07:53:22,181 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:22,182 INFO L134 CoverageAnalysis]: Checked inductivity of 52 backedges. 18 proven. 15 refuted. 0 times theorem prover too weak. 19 trivial. 0 not checked. [2024-11-16 07:53:22,183 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:53:22,183 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [549581783] [2024-11-16 07:53:22,183 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [549581783] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-16 07:53:22,183 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1702634432] [2024-11-16 07:53:22,183 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:53:22,183 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-16 07:53:22,184 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-16 07:53:22,185 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-16 07:53:22,186 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-16 07:53:22,294 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:22,296 INFO L255 TraceCheckSpWp]: Trace formula consists of 387 conjuncts, 11 conjuncts are in the unsatisfiable core [2024-11-16 07:53:22,305 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-16 07:53:22,473 INFO L134 CoverageAnalysis]: Checked inductivity of 52 backedges. 9 proven. 2 refuted. 0 times theorem prover too weak. 41 trivial. 0 not checked. [2024-11-16 07:53:22,473 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-16 07:53:22,641 INFO L134 CoverageAnalysis]: Checked inductivity of 52 backedges. 17 proven. 0 refuted. 0 times theorem prover too weak. 35 trivial. 0 not checked. [2024-11-16 07:53:22,641 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1702634432] provided 1 perfect and 1 imperfect interpolant sequences [2024-11-16 07:53:22,642 INFO L185 FreeRefinementEngine]: Found 1 perfect and 2 imperfect interpolant sequences. [2024-11-16 07:53:22,642 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [13, 5] total 15 [2024-11-16 07:53:22,642 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [540198394] [2024-11-16 07:53:22,642 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:53:22,643 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-16 07:53:22,643 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:53:22,643 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-16 07:53:22,644 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=37, Invalid=173, Unknown=0, NotChecked=0, Total=210 [2024-11-16 07:53:22,644 INFO L87 Difference]: Start difference. First operand 1100 states and 1373 transitions. Second operand has 6 states, 6 states have (on average 13.166666666666666) internal successors, (79), 5 states have internal predecessors, (79), 2 states have call successors, (13), 2 states have call predecessors, (13), 2 states have return successors, (12), 3 states have call predecessors, (12), 2 states have call successors, (12) [2024-11-16 07:53:22,835 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:53:22,858 INFO L93 Difference]: Finished difference Result 3152 states and 4024 transitions. [2024-11-16 07:53:22,859 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-16 07:53:22,860 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 13.166666666666666) internal successors, (79), 5 states have internal predecessors, (79), 2 states have call successors, (13), 2 states have call predecessors, (13), 2 states have return successors, (12), 3 states have call predecessors, (12), 2 states have call successors, (12) Word has length 125 [2024-11-16 07:53:22,860 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:53:22,870 INFO L225 Difference]: With dead ends: 3152 [2024-11-16 07:53:22,870 INFO L226 Difference]: Without dead ends: 2060 [2024-11-16 07:53:22,873 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 289 GetRequests, 273 SyntacticMatches, 1 SemanticMatches, 15 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 38 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=49, Invalid=223, Unknown=0, NotChecked=0, Total=272 [2024-11-16 07:53:22,874 INFO L432 NwaCegarLoop]: 125 mSDtfsCounter, 84 mSDsluCounter, 445 mSDsCounter, 0 mSdLazyCounter, 60 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 86 SdHoareTripleChecker+Valid, 570 SdHoareTripleChecker+Invalid, 64 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 60 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-16 07:53:22,875 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [86 Valid, 570 Invalid, 64 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 60 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-16 07:53:22,876 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2060 states. [2024-11-16 07:53:23,016 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2060 to 1831. [2024-11-16 07:53:23,019 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1831 states, 1339 states have (on average 1.1844660194174756) internal successors, (1586), 1442 states have internal predecessors, (1586), 257 states have call successors, (257), 202 states have call predecessors, (257), 234 states have return successors, (401), 250 states have call predecessors, (401), 257 states have call successors, (401) [2024-11-16 07:53:23,028 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1831 states to 1831 states and 2244 transitions. [2024-11-16 07:53:23,031 INFO L78 Accepts]: Start accepts. Automaton has 1831 states and 2244 transitions. Word has length 125 [2024-11-16 07:53:23,031 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:53:23,032 INFO L471 AbstractCegarLoop]: Abstraction has 1831 states and 2244 transitions. [2024-11-16 07:53:23,032 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 13.166666666666666) internal successors, (79), 5 states have internal predecessors, (79), 2 states have call successors, (13), 2 states have call predecessors, (13), 2 states have return successors, (12), 3 states have call predecessors, (12), 2 states have call successors, (12) [2024-11-16 07:53:23,032 INFO L276 IsEmpty]: Start isEmpty. Operand 1831 states and 2244 transitions. [2024-11-16 07:53:23,036 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 130 [2024-11-16 07:53:23,036 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:53:23,036 INFO L215 NwaCegarLoop]: trace histogram [4, 4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:53:23,053 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-11-16 07:53:23,240 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-16 07:53:23,241 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:53:23,242 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:53:23,242 INFO L85 PathProgramCache]: Analyzing trace with hash -1884377057, now seen corresponding path program 1 times [2024-11-16 07:53:23,242 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:53:23,242 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1834817519] [2024-11-16 07:53:23,242 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:53:23,242 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:53:23,257 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:23,372 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-16 07:53:23,373 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:23,380 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2024-11-16 07:53:23,381 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:23,403 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-16 07:53:23,410 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:23,485 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-16 07:53:23,489 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:23,509 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:53:23,513 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:23,579 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:53:23,582 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:23,643 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:53:23,644 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:23,662 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2024-11-16 07:53:23,663 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:23,668 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 87 [2024-11-16 07:53:23,670 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:23,671 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:53:23,672 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:23,672 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 98 [2024-11-16 07:53:23,674 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:23,676 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-11-16 07:53:23,677 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:23,678 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:53:23,679 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:23,680 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 118 [2024-11-16 07:53:23,681 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:23,682 INFO L134 CoverageAnalysis]: Checked inductivity of 52 backedges. 18 proven. 15 refuted. 0 times theorem prover too weak. 19 trivial. 0 not checked. [2024-11-16 07:53:23,683 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:53:23,684 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1834817519] [2024-11-16 07:53:23,684 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1834817519] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-16 07:53:23,684 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [221937184] [2024-11-16 07:53:23,684 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:53:23,684 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-16 07:53:23,684 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-16 07:53:23,686 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-16 07:53:23,687 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2024-11-16 07:53:23,795 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:23,799 INFO L255 TraceCheckSpWp]: Trace formula consists of 397 conjuncts, 9 conjuncts are in the unsatisfiable core [2024-11-16 07:53:23,802 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-16 07:53:23,977 INFO L134 CoverageAnalysis]: Checked inductivity of 52 backedges. 31 proven. 0 refuted. 0 times theorem prover too weak. 21 trivial. 0 not checked. [2024-11-16 07:53:23,979 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-16 07:53:23,980 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [221937184] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:53:23,980 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-16 07:53:23,980 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [18] total 23 [2024-11-16 07:53:23,980 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [295976686] [2024-11-16 07:53:23,980 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:53:23,981 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-16 07:53:23,981 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:53:23,981 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-16 07:53:23,982 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=58, Invalid=448, Unknown=0, NotChecked=0, Total=506 [2024-11-16 07:53:23,982 INFO L87 Difference]: Start difference. First operand 1831 states and 2244 transitions. Second operand has 8 states, 8 states have (on average 11.0) internal successors, (88), 6 states have internal predecessors, (88), 3 states have call successors, (14), 3 states have call predecessors, (14), 5 states have return successors, (13), 5 states have call predecessors, (13), 3 states have call successors, (13) [2024-11-16 07:53:24,260 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:53:24,260 INFO L93 Difference]: Finished difference Result 3555 states and 4380 transitions. [2024-11-16 07:53:24,261 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-11-16 07:53:24,261 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 11.0) internal successors, (88), 6 states have internal predecessors, (88), 3 states have call successors, (14), 3 states have call predecessors, (14), 5 states have return successors, (13), 5 states have call predecessors, (13), 3 states have call successors, (13) Word has length 129 [2024-11-16 07:53:24,262 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:53:24,271 INFO L225 Difference]: With dead ends: 3555 [2024-11-16 07:53:24,271 INFO L226 Difference]: Without dead ends: 1732 [2024-11-16 07:53:24,277 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 172 GetRequests, 151 SyntacticMatches, 0 SemanticMatches, 21 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 50 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=58, Invalid=448, Unknown=0, NotChecked=0, Total=506 [2024-11-16 07:53:24,277 INFO L432 NwaCegarLoop]: 228 mSDtfsCounter, 83 mSDsluCounter, 1064 mSDsCounter, 0 mSdLazyCounter, 217 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 85 SdHoareTripleChecker+Valid, 1292 SdHoareTripleChecker+Invalid, 218 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 217 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-16 07:53:24,278 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [85 Valid, 1292 Invalid, 218 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 217 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-16 07:53:24,279 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1732 states. [2024-11-16 07:53:24,401 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1732 to 1643. [2024-11-16 07:53:24,404 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1643 states, 1204 states have (on average 1.1752491694352158) internal successors, (1415), 1293 states have internal predecessors, (1415), 234 states have call successors, (234), 180 states have call predecessors, (234), 204 states have return successors, (328), 224 states have call predecessors, (328), 234 states have call successors, (328) [2024-11-16 07:53:24,412 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1643 states to 1643 states and 1977 transitions. [2024-11-16 07:53:24,414 INFO L78 Accepts]: Start accepts. Automaton has 1643 states and 1977 transitions. Word has length 129 [2024-11-16 07:53:24,415 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:53:24,415 INFO L471 AbstractCegarLoop]: Abstraction has 1643 states and 1977 transitions. [2024-11-16 07:53:24,415 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 11.0) internal successors, (88), 6 states have internal predecessors, (88), 3 states have call successors, (14), 3 states have call predecessors, (14), 5 states have return successors, (13), 5 states have call predecessors, (13), 3 states have call successors, (13) [2024-11-16 07:53:24,415 INFO L276 IsEmpty]: Start isEmpty. Operand 1643 states and 1977 transitions. [2024-11-16 07:53:24,422 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 185 [2024-11-16 07:53:24,422 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:53:24,422 INFO L215 NwaCegarLoop]: trace histogram [6, 6, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:53:24,441 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2024-11-16 07:53:24,626 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-16 07:53:24,627 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:53:24,627 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:53:24,628 INFO L85 PathProgramCache]: Analyzing trace with hash 57075735, now seen corresponding path program 1 times [2024-11-16 07:53:24,628 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:53:24,628 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1998761281] [2024-11-16 07:53:24,628 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:53:24,628 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:53:24,646 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:24,758 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-16 07:53:24,759 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:24,771 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2024-11-16 07:53:24,775 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:24,784 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2024-11-16 07:53:24,787 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:24,789 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:53:24,793 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:24,796 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:53:24,799 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:24,800 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:53:24,802 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:24,803 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2024-11-16 07:53:24,804 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:24,813 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 72 [2024-11-16 07:53:24,814 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:24,825 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 78 [2024-11-16 07:53:24,830 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:24,917 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 5 [2024-11-16 07:53:24,919 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:24,949 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:53:24,951 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:24,967 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 16 [2024-11-16 07:53:24,971 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:24,973 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-11-16 07:53:24,974 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:24,975 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:53:24,975 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:24,976 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 36 [2024-11-16 07:53:24,976 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:24,982 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 142 [2024-11-16 07:53:24,984 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:24,985 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:53:24,985 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:24,986 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 153 [2024-11-16 07:53:24,988 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:24,992 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2024-11-16 07:53:24,995 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:24,996 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:53:24,996 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:24,997 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 173 [2024-11-16 07:53:24,997 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:24,998 INFO L134 CoverageAnalysis]: Checked inductivity of 159 backedges. 64 proven. 11 refuted. 0 times theorem prover too weak. 84 trivial. 0 not checked. [2024-11-16 07:53:24,999 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:53:24,999 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1998761281] [2024-11-16 07:53:24,999 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1998761281] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-16 07:53:24,999 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1794154394] [2024-11-16 07:53:24,999 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:53:24,999 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-16 07:53:25,000 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-16 07:53:25,001 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-16 07:53:25,001 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2024-11-16 07:53:25,150 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:53:25,152 INFO L255 TraceCheckSpWp]: Trace formula consists of 526 conjuncts, 9 conjuncts are in the unsatisfiable core [2024-11-16 07:53:25,156 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-16 07:53:25,324 INFO L134 CoverageAnalysis]: Checked inductivity of 159 backedges. 114 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2024-11-16 07:53:25,325 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-16 07:53:25,325 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1794154394] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:53:25,325 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-16 07:53:25,325 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [18] total 23 [2024-11-16 07:53:25,326 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1090725238] [2024-11-16 07:53:25,326 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:53:25,326 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-16 07:53:25,326 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:53:25,327 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-16 07:53:25,327 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=56, Invalid=450, Unknown=0, NotChecked=0, Total=506 [2024-11-16 07:53:25,328 INFO L87 Difference]: Start difference. First operand 1643 states and 1977 transitions. Second operand has 8 states, 8 states have (on average 14.0) internal successors, (112), 6 states have internal predecessors, (112), 3 states have call successors, (18), 3 states have call predecessors, (18), 5 states have return successors, (17), 5 states have call predecessors, (17), 3 states have call successors, (17) [2024-11-16 07:53:25,531 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:53:25,531 INFO L93 Difference]: Finished difference Result 2663 states and 3213 transitions. [2024-11-16 07:53:25,532 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-11-16 07:53:25,532 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 14.0) internal successors, (112), 6 states have internal predecessors, (112), 3 states have call successors, (18), 3 states have call predecessors, (18), 5 states have return successors, (17), 5 states have call predecessors, (17), 3 states have call successors, (17) Word has length 184 [2024-11-16 07:53:25,532 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:53:25,535 INFO L225 Difference]: With dead ends: 2663 [2024-11-16 07:53:25,535 INFO L226 Difference]: Without dead ends: 0 [2024-11-16 07:53:25,540 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 239 GetRequests, 218 SyntacticMatches, 0 SemanticMatches, 21 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 39 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=56, Invalid=450, Unknown=0, NotChecked=0, Total=506 [2024-11-16 07:53:25,541 INFO L432 NwaCegarLoop]: 205 mSDtfsCounter, 70 mSDsluCounter, 875 mSDsCounter, 0 mSdLazyCounter, 174 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 72 SdHoareTripleChecker+Valid, 1080 SdHoareTripleChecker+Invalid, 174 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 174 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-16 07:53:25,541 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [72 Valid, 1080 Invalid, 174 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 174 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-16 07:53:25,542 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-16 07:53:25,542 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-16 07:53:25,542 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-16 07:53:25,542 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-16 07:53:25,544 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 184 [2024-11-16 07:53:25,544 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:53:25,544 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-16 07:53:25,544 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 14.0) internal successors, (112), 6 states have internal predecessors, (112), 3 states have call successors, (18), 3 states have call predecessors, (18), 5 states have return successors, (17), 5 states have call predecessors, (17), 3 states have call successors, (17) [2024-11-16 07:53:25,545 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-16 07:53:25,545 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-16 07:53:25,547 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-16 07:53:25,565 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Ended with exit code 0 [2024-11-16 07:53:25,748 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11,5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-16 07:53:25,750 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:53:25,752 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-16 07:53:32,147 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-16 07:53:32,160 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= 1 ~methaneLevelCritical~0)) (.cse1 (<= 1 |old(~pumpRunning~0)|)) (.cse2 (not (= 0 ~systemActive~0)))) (or (and (= ~methAndRunningLastTime~0 0) .cse0 .cse1 .cse2) (and (= ~methaneLevelCritical~0 0) .cse1 .cse2) (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (<= 1 ~methaneLevelCritical~0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (= ~methaneLevelCritical~0 0) .cse1) (and .cse0 (= ~methAndRunningLastTime~0 0) .cse2 .cse1) (and .cse0 .cse2 (<= 2 ~waterLevel~0) .cse1))) [2024-11-16 07:53:32,180 WARN L156 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (let ((.cse0 (= |old(~methaneLevelCritical~0)| 0))) (and (or (<= 1 ~methaneLevelCritical~0) (< |old(~methaneLevelCritical~0)| 1)) (or (not .cse0) (= ~methaneLevelCritical~0 0)) (let ((.cse1 (= ~pumpRunning~0 0)) (.cse2 (= ~methAndRunningLastTime~0 0))) (or (and .cse1 .cse2 .cse0) (and .cse1 .cse2 (<= 1 |old(~methaneLevelCritical~0)|)) (and (<= 1 ~pumpRunning~0) .cse2 .cse0 (not (= 0 ~systemActive~0))))))) Eliminated clause: (exists ((|old(~methaneLevelCritical~0)| Int)) (let ((.cse0 (= |old(~methaneLevelCritical~0)| 0))) (and (or (< |old(~methaneLevelCritical~0)| 1) (< 0 ~methaneLevelCritical~0)) (or (not .cse0) (= ~methaneLevelCritical~0 0)) (let ((.cse1 (= ~pumpRunning~0 0)) (.cse2 (= ~methAndRunningLastTime~0 0))) (or (and .cse1 .cse2 .cse0) (and .cse1 .cse2 (<= 1 |old(~methaneLevelCritical~0)|)) (and (<= 1 ~pumpRunning~0) .cse2 .cse0 (not (= 0 ~systemActive~0)))))))) [2024-11-16 07:53:32,183 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-16 07:53:32,198 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (let ((.cse9 (= |old(~methAndRunningLastTime~0)| 0)) (.cse5 (= |old(~pumpRunning~0)| 0))) (let ((.cse1 (not .cse5)) (.cse2 (not .cse9)) (.cse0 (= ~methAndRunningLastTime~0 0)) (.cse3 (= 0 ~systemActive~0))) (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (or .cse0 (< |old(~pumpRunning~0)| 1) (< ~methaneLevelCritical~0 1)) (or .cse1 .cse2 .cse0 (not (= |old(~waterLevel~0)| 1))) (or .cse1 .cse2 .cse0 .cse3) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse4 (= ~methaneLevelCritical~0 0)) (.cse8 (<= 1 ~methaneLevelCritical~0)) (.cse6 (<= 1 |old(~pumpRunning~0)|)) (.cse7 (not .cse3))) (or (and .cse4 .cse5) (and .cse4 .cse6 .cse7) (and .cse8 .cse5) (and .cse8 .cse9 .cse6 .cse7)))))) Eliminated clause: (let ((.cse0 (= ~methAndRunningLastTime~0 0))) (and (or (< ~pumpRunning~0 1) .cse0 (< ~methaneLevelCritical~0 1)) (exists ((|old(~methAndRunningLastTime~0)| Int)) (let ((.cse4 (= ~pumpRunning~0 0)) (.cse9 (= |old(~methAndRunningLastTime~0)| 0))) (let ((.cse1 (not .cse9)) (.cse2 (not .cse4)) (.cse3 (= 0 ~systemActive~0))) (and (or .cse1 .cse0 .cse2 .cse3) (or (not (= ~waterLevel~0 1)) .cse1 .cse0 .cse2) (let ((.cse6 (<= 1 ~pumpRunning~0)) (.cse5 (<= 1 ~methaneLevelCritical~0)) (.cse8 (not .cse3)) (.cse7 (= ~methaneLevelCritical~0 0))) (or (and .cse4 .cse5) (and .cse6 .cse7 .cse8) (and .cse6 .cse5 .cse9 .cse8) (and .cse4 .cse7))))))))) [2024-11-16 07:53:32,217 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-16 07:53:32,225 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse1 (= |old(~pumpRunning~0)| 0)) (.cse0 (= ~methaneLevelCritical~0 0)) (.cse2 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2) (and (<= 1 ~methaneLevelCritical~0) .cse1 .cse2) (and .cse0 (<= 1 |old(~pumpRunning~0)|) .cse2)))) Eliminated clause: (let ((.cse0 (= ~methaneLevelCritical~0 0)) (.cse2 (= ~pumpRunning~0 0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1) (and .cse2 .cse0 .cse1) (and .cse2 (<= 1 ~methaneLevelCritical~0) .cse1))) [2024-11-16 07:53:32,239 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse1 (= ~methaneLevelCritical~0 0)) (.cse2 (= ~pumpRunning~0 0)) (.cse0 (= ~methAndRunningLastTime~0 0))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 (not (= 0 ~systemActive~0))) (and .cse2 .cse0 .cse1) (and .cse2 .cse0 (<= 1 ~methaneLevelCritical~0)))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse1 (= ~methaneLevelCritical~0 0)) (.cse2 (= ~pumpRunning~0 0)) (.cse0 (= ~methAndRunningLastTime~0 0))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 (not (= 0 ~systemActive~0))) (and .cse2 .cse0 .cse1) (and .cse2 .cse0 (<= 1 ~methaneLevelCritical~0)))) [2024-11-16 07:53:32,250 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__methaneQuery contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse1 (= |old(~pumpRunning~0)| 0)) (.cse0 (= ~methaneLevelCritical~0 0)) (.cse2 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2) (and (<= 1 ~methaneLevelCritical~0) .cse1 .cse2) (and .cse0 (<= 1 |old(~pumpRunning~0)|) .cse2)))) Eliminated clause: (let ((.cse0 (= ~methaneLevelCritical~0 0)) (.cse2 (= ~pumpRunning~0 0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1) (and .cse2 .cse0 .cse1) (and .cse2 (<= 1 ~methaneLevelCritical~0) .cse1))) [2024-11-16 07:53:32,266 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 16.11 07:53:32 BoogieIcfgContainer [2024-11-16 07:53:32,267 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-16 07:53:32,268 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-16 07:53:32,268 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-16 07:53:32,268 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-16 07:53:32,269 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:53:17" (3/4) ... [2024-11-16 07:53:32,271 INFO L143 WitnessPrinter]: Generating witness for correct program [2024-11-16 07:53:32,274 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-16 07:53:32,275 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-16 07:53:32,275 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-16 07:53:32,275 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2024-11-16 07:53:32,275 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-16 07:53:32,275 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-16 07:53:32,275 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-16 07:53:32,275 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-16 07:53:32,275 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2024-11-16 07:53:32,276 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2024-11-16 07:53:32,285 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 42 nodes and edges [2024-11-16 07:53:32,285 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-11-16 07:53:32,286 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-16 07:53:32,286 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-16 07:53:32,287 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-16 07:53:32,403 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-16 07:53:32,404 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-16 07:53:32,404 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-16 07:53:32,404 INFO L158 Benchmark]: Toolchain (without parser) took 16397.20ms. Allocated memory was 138.4MB in the beginning and 348.1MB in the end (delta: 209.7MB). Free memory was 81.0MB in the beginning and 285.3MB in the end (delta: -204.4MB). Peak memory consumption was 6.8MB. Max. memory is 16.1GB. [2024-11-16 07:53:32,405 INFO L158 Benchmark]: CDTParser took 0.16ms. Allocated memory is still 138.4MB. Free memory is still 110.0MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-16 07:53:32,406 INFO L158 Benchmark]: CACSL2BoogieTranslator took 558.37ms. Allocated memory was 138.4MB in the beginning and 188.7MB in the end (delta: 50.3MB). Free memory was 80.8MB in the beginning and 150.0MB in the end (delta: -69.2MB). Peak memory consumption was 21.5MB. Max. memory is 16.1GB. [2024-11-16 07:53:32,406 INFO L158 Benchmark]: Boogie Procedure Inliner took 62.28ms. Allocated memory is still 188.7MB. Free memory was 150.0MB in the beginning and 147.9MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-16 07:53:32,407 INFO L158 Benchmark]: Boogie Preprocessor took 50.55ms. Allocated memory is still 188.7MB. Free memory was 147.9MB in the beginning and 145.8MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-16 07:53:32,408 INFO L158 Benchmark]: IcfgBuilder took 551.88ms. Allocated memory is still 188.7MB. Free memory was 145.8MB in the beginning and 123.8MB in the end (delta: 22.0MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-11-16 07:53:32,408 INFO L158 Benchmark]: TraceAbstraction took 15028.41ms. Allocated memory was 188.7MB in the beginning and 348.1MB in the end (delta: 159.4MB). Free memory was 122.7MB in the beginning and 294.8MB in the end (delta: -172.0MB). Peak memory consumption was 178.2MB. Max. memory is 16.1GB. [2024-11-16 07:53:32,408 INFO L158 Benchmark]: Witness Printer took 135.97ms. Allocated memory is still 348.1MB. Free memory was 294.8MB in the beginning and 285.3MB in the end (delta: 9.4MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2024-11-16 07:53:32,410 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.16ms. Allocated memory is still 138.4MB. Free memory is still 110.0MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 558.37ms. Allocated memory was 138.4MB in the beginning and 188.7MB in the end (delta: 50.3MB). Free memory was 80.8MB in the beginning and 150.0MB in the end (delta: -69.2MB). Peak memory consumption was 21.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 62.28ms. Allocated memory is still 188.7MB. Free memory was 150.0MB in the beginning and 147.9MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 50.55ms. Allocated memory is still 188.7MB. Free memory was 147.9MB in the beginning and 145.8MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * IcfgBuilder took 551.88ms. Allocated memory is still 188.7MB. Free memory was 145.8MB in the beginning and 123.8MB in the end (delta: 22.0MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * TraceAbstraction took 15028.41ms. Allocated memory was 188.7MB in the beginning and 348.1MB in the end (delta: 159.4MB). Free memory was 122.7MB in the beginning and 294.8MB in the end (delta: -172.0MB). Peak memory consumption was 178.2MB. Max. memory is 16.1GB. * Witness Printer took 135.97ms. Allocated memory is still 348.1MB. Free memory was 294.8MB in the beginning and 285.3MB in the end (delta: 9.4MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] - GenericResultAtLocation [Line: 155]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [155] - GenericResultAtLocation [Line: 164]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [164] - GenericResultAtLocation [Line: 205]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [205] - GenericResultAtLocation [Line: 313]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [313] - GenericResultAtLocation [Line: 381]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [381] - GenericResultAtLocation [Line: 638]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [638] - GenericResultAtLocation [Line: 673]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [673] - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 160]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 11 procedures, 120 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 8.5s, OverallIterations: 12, TraceHistogramMax: 6, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 2.7s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1407 SdHoareTripleChecker+Valid, 1.5s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1372 mSDsluCounter, 6064 SdHoareTripleChecker+Invalid, 1.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 4382 mSDsCounter, 298 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1367 IncrementalHoareTripleChecker+Invalid, 1665 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 298 mSolverCounterUnsat, 1682 mSDtfsCounter, 1367 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 967 GetRequests, 863 SyntacticMatches, 2 SemanticMatches, 102 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 143 ImplicationChecksByTransitivity, 0.9s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1831occurred in iteration=10, InterpolantAutomatonStates: 71, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.8s AutomataMinimizationTime, 12 MinimizatonAttempts, 467 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 3.1s InterpolantComputationTime, 1503 NumberOfCodeBlocks, 1503 NumberOfCodeBlocksAsserted, 16 NumberOfCheckSat, 1611 ConstructedInterpolants, 0 QuantifiedInterpolants, 2799 SizeOfPredicates, 2 NumberOfNonLiveVariables, 1697 ConjunctsInSsa, 33 ConjunctsInUnsatCore, 17 InterpolantComputations, 12 PerfectInterpolantSequences, 670/720 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 62]: Location Invariant Derived location invariant: null - InvariantResult [Line: 325]: Location Invariant Derived location invariant: null - ProcedureContractResult [Line: 521]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: (((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (0 != systemActive)) || ((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (1 <= methaneLevelCritical)) && (2 <= waterLevel)) && (0 != systemActive))) Ensures: (((pumpRunning == 0) && ((((((methAndRunningLastTime == 0) && (1 <= methaneLevelCritical)) && (1 <= \old(pumpRunning))) && (0 != systemActive)) || (((methaneLevelCritical == 0) && (1 <= \old(pumpRunning))) && (0 != systemActive))) || ((((1 <= methaneLevelCritical) && (2 <= waterLevel)) && (1 <= \old(pumpRunning))) && (0 != systemActive)))) && ((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methAndRunningLastTime == \old(methAndRunningLastTime))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 411]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (0 != systemActive)) || (((pumpRunning == 0) && (methaneLevelCritical == 0)) && (0 != systemActive))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (0 != systemActive))) Ensures: ((((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (0 != systemActive)) || (((pumpRunning == 0) && (methaneLevelCritical == 0)) && (0 != systemActive))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (0 != systemActive))) && (((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methAndRunningLastTime == \old(methAndRunningLastTime))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 237]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Ensures: (((((\old(methaneLevelCritical) != 0) || (0 < methaneLevelCritical)) && ((methaneLevelCritical == 0) || (\old(methaneLevelCritical) < 1))) && (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (\old(methaneLevelCritical) == 0)) || (((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= \old(methaneLevelCritical)))) || ((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (\old(methaneLevelCritical) == 0)) && (0 != systemActive)))) && ((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methAndRunningLastTime == \old(methAndRunningLastTime))) && (waterLevel == \old(waterLevel))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 249]: Procedure Contract for isMethaneLevelCritical Derived contract for procedure isMethaneLevelCritical. Requires: (((((pumpRunning == 0) && (1 <= methaneLevelCritical)) || (((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (0 != systemActive))) || ((pumpRunning == 0) && (methaneLevelCritical == 0))) Ensures: ((((((((pumpRunning == 0) && (1 <= methaneLevelCritical)) || (((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (0 != systemActive))) || ((pumpRunning == 0) && (methaneLevelCritical == 0))) && (methaneLevelCritical <= \result)) && ((methaneLevelCritical != 0) || (\result == 0))) && (((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methAndRunningLastTime == \old(methAndRunningLastTime))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 387]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((pumpRunning < 1) || (methAndRunningLastTime == 0)) || (methaneLevelCritical < 1)) Ensures: (((((((((methaneLevelCritical == 0) && (1 <= \old(pumpRunning))) || (((1 <= methaneLevelCritical) && (\old(methAndRunningLastTime) == 0)) && (1 <= \old(pumpRunning)))) || ((methaneLevelCritical == 0) && (\old(pumpRunning) == 0))) || ((1 <= methaneLevelCritical) && (\old(pumpRunning) == 0))) && (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (0 != systemActive)) || (((pumpRunning == \old(pumpRunning)) && (methAndRunningLastTime == 0)) && (0 != systemActive))) || (\old(pumpRunning) < 1))) && (((0 == systemActive) || (methaneLevelCritical < 1)) || ((pumpRunning == 0) && (methAndRunningLastTime == 0)))) && (((\old(pumpRunning) != 0) || (((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (\old(waterLevel) == waterLevel))) || (((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (2 <= waterLevel)) && (\old(waterLevel) == waterLevel)) && (0 != systemActive)))) && ((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 52]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 419]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (0 != systemActive)) || (((pumpRunning == 0) && (methaneLevelCritical == 0)) && (0 != systemActive))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (0 != systemActive))) Ensures: ((((((((methaneLevelCritical == 0) && (\old(pumpRunning) == 0)) && (0 != systemActive)) || (((1 <= methaneLevelCritical) && (\old(pumpRunning) == 0)) && (0 != systemActive))) || (((methaneLevelCritical == 0) && (1 <= \old(pumpRunning))) && (0 != systemActive))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (2 <= waterLevel)))) && ((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methAndRunningLastTime == \old(methAndRunningLastTime))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 225]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (0 != systemActive)) || (((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0))) || (((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical))) Ensures: ((((((pumpRunning != 0) || (\old(waterLevel) != 1)) || (1 < waterLevel)) && ((\old(waterLevel) < 2) || (\old(waterLevel) == waterLevel))) && ((((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (0 != systemActive)) || (((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0))) || (((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)))) && ((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methAndRunningLastTime == \old(methAndRunningLastTime))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 445]: Procedure Contract for processEnvironment__wrappee__methaneQuery Derived contract for procedure processEnvironment__wrappee__methaneQuery. Requires: (((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (0 != systemActive)) || (((pumpRunning == 0) && (methaneLevelCritical == 0)) && (0 != systemActive))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (0 != systemActive))) Ensures: ((((((((methaneLevelCritical == 0) && (\old(pumpRunning) == 0)) && (0 != systemActive)) || (((1 <= methaneLevelCritical) && (\old(pumpRunning) == 0)) && (0 != systemActive))) || (((methaneLevelCritical == 0) && (1 <= \old(pumpRunning))) && (0 != systemActive))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (2 <= waterLevel)))) && (((pumpRunning == \old(pumpRunning)) || (pumpRunning == 0)) || (\old(pumpRunning) < 1))) && ((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methAndRunningLastTime == \old(methAndRunningLastTime))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 529]: Procedure Contract for isMethaneAlarm Derived contract for procedure isMethaneAlarm. Requires: (((((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (2 <= waterLevel)) && (0 != systemActive)) || (((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (0 != systemActive))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (2 <= waterLevel)) && (0 != systemActive))) Ensures: ((((methaneLevelCritical < ((long long) \result + 1)) || (methaneLevelCritical < 1)) && (((((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (2 <= waterLevel)) && (0 != systemActive)) || (((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (0 != systemActive))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (2 <= waterLevel)) && (0 != systemActive)))) && (((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methAndRunningLastTime == \old(methAndRunningLastTime))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head)))) RESULT: Ultimate proved your program to be correct! [2024-11-16 07:53:32,449 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE