./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec4_product32.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 3289d67d Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec4_product32.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 7491e9e7e66695ce6d97d4c4c38cf37fc3e1ef2df09eb8fb958f4ec180b71f50 --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.fs.icfgbuilder-eval-3289d67-m [2024-11-16 07:54:26,904 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-16 07:54:26,959 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-16 07:54:26,962 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-16 07:54:26,964 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-16 07:54:26,987 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-16 07:54:26,988 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-16 07:54:26,988 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-16 07:54:26,988 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-16 07:54:26,990 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-16 07:54:26,990 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-16 07:54:26,990 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-16 07:54:26,991 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-16 07:54:26,991 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-16 07:54:26,991 INFO L153 SettingsManager]: * Use SBE=true [2024-11-16 07:54:26,991 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-16 07:54:26,992 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-16 07:54:26,992 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-16 07:54:26,992 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-16 07:54:26,994 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-16 07:54:26,994 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-16 07:54:26,994 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-16 07:54:26,995 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-16 07:54:26,995 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-16 07:54:26,995 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-16 07:54:26,995 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-16 07:54:26,996 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-16 07:54:26,996 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-16 07:54:26,996 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2024-11-16 07:54:26,996 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-16 07:54:26,996 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-16 07:54:26,997 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-16 07:54:26,997 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-16 07:54:26,997 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-16 07:54:26,997 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-16 07:54:26,997 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-16 07:54:26,997 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-16 07:54:26,997 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-16 07:54:26,998 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-16 07:54:26,998 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-16 07:54:26,998 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-16 07:54:26,999 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-16 07:54:26,999 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 7491e9e7e66695ce6d97d4c4c38cf37fc3e1ef2df09eb8fb958f4ec180b71f50 [2024-11-16 07:54:27,192 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-16 07:54:27,210 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-16 07:54:27,212 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-16 07:54:27,213 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-16 07:54:27,214 INFO L274 PluginConnector]: CDTParser initialized [2024-11-16 07:54:27,214 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec4_product32.cil.c [2024-11-16 07:54:28,459 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-16 07:54:28,625 INFO L384 CDTParser]: Found 1 translation units. [2024-11-16 07:54:28,625 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product32.cil.c [2024-11-16 07:54:28,634 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/303072633/81e90f334878442f990a2474221a5317/FLAG1f945dee0 [2024-11-16 07:54:28,645 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/303072633/81e90f334878442f990a2474221a5317 [2024-11-16 07:54:28,647 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-16 07:54:28,648 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-16 07:54:28,648 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-16 07:54:28,649 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-16 07:54:28,652 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-16 07:54:28,653 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 07:54:28" (1/1) ... [2024-11-16 07:54:28,653 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@23726d34 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:54:28, skipping insertion in model container [2024-11-16 07:54:28,654 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 07:54:28" (1/1) ... [2024-11-16 07:54:28,688 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-16 07:54:28,830 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product32.cil.c[2567,2580] [2024-11-16 07:54:28,932 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-16 07:54:28,943 INFO L200 MainTranslator]: Completed pre-run [2024-11-16 07:54:28,951 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [49] [2024-11-16 07:54:28,952 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [78] [2024-11-16 07:54:28,953 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [116] [2024-11-16 07:54:28,953 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [125] [2024-11-16 07:54:28,953 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [226] [2024-11-16 07:54:28,953 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [319] [2024-11-16 07:54:28,953 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [685] [2024-11-16 07:54:28,954 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [907] [2024-11-16 07:54:28,960 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec4_product32.cil.c[2567,2580] [2024-11-16 07:54:28,990 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-16 07:54:29,009 INFO L204 MainTranslator]: Completed translation [2024-11-16 07:54:29,010 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:54:29 WrapperNode [2024-11-16 07:54:29,010 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-16 07:54:29,011 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-16 07:54:29,011 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-16 07:54:29,011 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-16 07:54:29,017 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:54:29" (1/1) ... [2024-11-16 07:54:29,032 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:54:29" (1/1) ... [2024-11-16 07:54:29,056 INFO L138 Inliner]: procedures = 56, calls = 102, calls flagged for inlining = 23, calls inlined = 19, statements flattened = 197 [2024-11-16 07:54:29,057 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-16 07:54:29,059 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-16 07:54:29,059 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-16 07:54:29,059 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-16 07:54:29,067 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:54:29" (1/1) ... [2024-11-16 07:54:29,068 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:54:29" (1/1) ... [2024-11-16 07:54:29,069 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:54:29" (1/1) ... [2024-11-16 07:54:29,092 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-16 07:54:29,095 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:54:29" (1/1) ... [2024-11-16 07:54:29,095 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:54:29" (1/1) ... [2024-11-16 07:54:29,098 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:54:29" (1/1) ... [2024-11-16 07:54:29,102 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:54:29" (1/1) ... [2024-11-16 07:54:29,103 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:54:29" (1/1) ... [2024-11-16 07:54:29,104 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:54:29" (1/1) ... [2024-11-16 07:54:29,106 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-16 07:54:29,109 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2024-11-16 07:54:29,109 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2024-11-16 07:54:29,109 INFO L274 PluginConnector]: IcfgBuilder initialized [2024-11-16 07:54:29,110 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:54:29" (1/1) ... [2024-11-16 07:54:29,115 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-16 07:54:29,125 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-16 07:54:29,141 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-16 07:54:29,144 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-16 07:54:29,182 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-16 07:54:29,182 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-16 07:54:29,182 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-16 07:54:29,183 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-16 07:54:29,183 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-16 07:54:29,183 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-16 07:54:29,183 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-16 07:54:29,183 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-16 07:54:29,183 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-16 07:54:29,183 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2024-11-16 07:54:29,184 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2024-11-16 07:54:29,184 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2024-11-16 07:54:29,184 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2024-11-16 07:54:29,185 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-16 07:54:29,185 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-16 07:54:29,185 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-16 07:54:29,185 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-16 07:54:29,185 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-16 07:54:29,185 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-16 07:54:29,186 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-16 07:54:29,287 INFO L256 CfgBuilder]: Building ICFG [2024-11-16 07:54:29,288 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-16 07:54:29,372 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L826-1: isPumpRunning_#res#1 := isPumpRunning_~retValue_acc~10#1; [2024-11-16 07:54:29,372 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L307-1: getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~4#1; [2024-11-16 07:54:29,458 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L223-1: main_#res#1 := main_~retValue_acc~2#1; [2024-11-16 07:54:29,458 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L113-1: valid_product_#res#1 := valid_product_~retValue_acc~1#1; [2024-11-16 07:54:29,477 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L316-1: isLowWaterSensorDry_#res#1 := isLowWaterSensorDry_~retValue_acc~5#1; [2024-11-16 07:54:29,477 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L881-1: isLowWaterLevel_#res#1 := isLowWaterLevel_~retValue_acc~11#1; [2024-11-16 07:54:29,487 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L817: #res#1 := ~retValue_acc~9#1; [2024-11-16 07:54:29,488 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L275-1: isMethaneLevelCritical_#res#1 := isMethaneLevelCritical_~retValue_acc~3#1; [2024-11-16 07:54:29,501 INFO L? ?]: Removed 41 outVars from TransFormulas that were not future-live. [2024-11-16 07:54:29,501 INFO L307 CfgBuilder]: Performing block encoding [2024-11-16 07:54:29,512 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-16 07:54:29,516 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2024-11-16 07:54:29,516 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:54:29 BoogieIcfgContainer [2024-11-16 07:54:29,516 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2024-11-16 07:54:29,517 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-16 07:54:29,518 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-16 07:54:29,521 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-16 07:54:29,521 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 16.11 07:54:28" (1/3) ... [2024-11-16 07:54:29,522 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@11aa22f4 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 07:54:29, skipping insertion in model container [2024-11-16 07:54:29,522 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:54:29" (2/3) ... [2024-11-16 07:54:29,523 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@11aa22f4 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 07:54:29, skipping insertion in model container [2024-11-16 07:54:29,523 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:54:29" (3/3) ... [2024-11-16 07:54:29,524 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec4_product32.cil.c [2024-11-16 07:54:29,538 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-16 07:54:29,538 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-16 07:54:29,583 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-16 07:54:29,587 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@6c461fce, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-16 07:54:29,587 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-16 07:54:29,590 INFO L276 IsEmpty]: Start isEmpty. Operand has 97 states, 73 states have (on average 1.3424657534246576) internal successors, (98), 82 states have internal predecessors, (98), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 10 states have call predecessors, (14), 14 states have call successors, (14) [2024-11-16 07:54:29,596 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2024-11-16 07:54:29,596 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:54:29,596 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:54:29,597 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:54:29,600 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:54:29,600 INFO L85 PathProgramCache]: Analyzing trace with hash -1760452252, now seen corresponding path program 1 times [2024-11-16 07:54:29,606 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:54:29,606 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1640306965] [2024-11-16 07:54:29,607 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:54:29,607 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:54:29,692 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:54:29,749 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:54:29,749 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:54:29,749 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1640306965] [2024-11-16 07:54:29,750 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1640306965] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:54:29,750 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:54:29,750 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-16 07:54:29,751 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [342529458] [2024-11-16 07:54:29,752 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:54:29,755 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-16 07:54:29,756 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:54:29,774 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-16 07:54:29,775 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-16 07:54:29,776 INFO L87 Difference]: Start difference. First operand has 97 states, 73 states have (on average 1.3424657534246576) internal successors, (98), 82 states have internal predecessors, (98), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 10 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-16 07:54:29,798 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:54:29,798 INFO L93 Difference]: Finished difference Result 185 states and 246 transitions. [2024-11-16 07:54:29,799 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-16 07:54:29,800 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 21 [2024-11-16 07:54:29,800 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:54:29,806 INFO L225 Difference]: With dead ends: 185 [2024-11-16 07:54:29,806 INFO L226 Difference]: Without dead ends: 86 [2024-11-16 07:54:29,809 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-16 07:54:29,811 INFO L432 NwaCegarLoop]: 119 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 119 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:54:29,811 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 119 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:54:29,822 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 86 states. [2024-11-16 07:54:29,837 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 86 to 86. [2024-11-16 07:54:29,838 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 86 states, 64 states have (on average 1.28125) internal successors, (82), 72 states have internal predecessors, (82), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 9 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-16 07:54:29,839 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 86 states to 86 states and 109 transitions. [2024-11-16 07:54:29,840 INFO L78 Accepts]: Start accepts. Automaton has 86 states and 109 transitions. Word has length 21 [2024-11-16 07:54:29,840 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:54:29,840 INFO L471 AbstractCegarLoop]: Abstraction has 86 states and 109 transitions. [2024-11-16 07:54:29,840 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-16 07:54:29,841 INFO L276 IsEmpty]: Start isEmpty. Operand 86 states and 109 transitions. [2024-11-16 07:54:29,842 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2024-11-16 07:54:29,842 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:54:29,842 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:54:29,842 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-16 07:54:29,842 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:54:29,843 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:54:29,843 INFO L85 PathProgramCache]: Analyzing trace with hash -516220906, now seen corresponding path program 1 times [2024-11-16 07:54:29,843 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:54:29,843 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1321907784] [2024-11-16 07:54:29,843 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:54:29,843 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:54:29,862 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:54:29,921 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:54:29,921 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:54:29,921 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1321907784] [2024-11-16 07:54:29,921 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1321907784] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:54:29,921 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:54:29,921 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-16 07:54:29,921 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1466047325] [2024-11-16 07:54:29,922 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:54:29,922 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-16 07:54:29,922 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:54:29,925 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-16 07:54:29,925 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:54:29,926 INFO L87 Difference]: Start difference. First operand 86 states and 109 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-16 07:54:29,939 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:54:29,940 INFO L93 Difference]: Finished difference Result 130 states and 164 transitions. [2024-11-16 07:54:29,940 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-16 07:54:29,940 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 24 [2024-11-16 07:54:29,940 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:54:29,941 INFO L225 Difference]: With dead ends: 130 [2024-11-16 07:54:29,941 INFO L226 Difference]: Without dead ends: 75 [2024-11-16 07:54:29,942 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:54:29,943 INFO L432 NwaCegarLoop]: 94 mSDtfsCounter, 16 mSDsluCounter, 71 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 165 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:54:29,943 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [20 Valid, 165 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:54:29,943 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 75 states. [2024-11-16 07:54:29,953 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 75 to 75. [2024-11-16 07:54:29,953 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 75 states, 56 states have (on average 1.3035714285714286) internal successors, (73), 64 states have internal predecessors, (73), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 7 states have call predecessors, (11), 11 states have call successors, (11) [2024-11-16 07:54:29,954 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 75 states to 75 states and 95 transitions. [2024-11-16 07:54:29,954 INFO L78 Accepts]: Start accepts. Automaton has 75 states and 95 transitions. Word has length 24 [2024-11-16 07:54:29,954 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:54:29,954 INFO L471 AbstractCegarLoop]: Abstraction has 75 states and 95 transitions. [2024-11-16 07:54:29,955 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-16 07:54:29,955 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 95 transitions. [2024-11-16 07:54:29,957 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2024-11-16 07:54:29,957 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:54:29,957 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:54:29,957 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-16 07:54:29,958 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:54:29,959 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:54:29,959 INFO L85 PathProgramCache]: Analyzing trace with hash 378165595, now seen corresponding path program 1 times [2024-11-16 07:54:29,959 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:54:29,959 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [339063833] [2024-11-16 07:54:29,960 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:54:29,960 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:54:29,980 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:54:30,069 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:54:30,069 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:54:30,070 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [339063833] [2024-11-16 07:54:30,070 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [339063833] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:54:30,070 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:54:30,071 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-16 07:54:30,071 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1318951287] [2024-11-16 07:54:30,071 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:54:30,071 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-16 07:54:30,072 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:54:30,072 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-16 07:54:30,073 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:54:30,073 INFO L87 Difference]: Start difference. First operand 75 states and 95 transitions. Second operand has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 2 states have internal predecessors, (26), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-16 07:54:30,103 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:54:30,103 INFO L93 Difference]: Finished difference Result 209 states and 270 transitions. [2024-11-16 07:54:30,104 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-16 07:54:30,104 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 2 states have internal predecessors, (26), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 27 [2024-11-16 07:54:30,104 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:54:30,107 INFO L225 Difference]: With dead ends: 209 [2024-11-16 07:54:30,107 INFO L226 Difference]: Without dead ends: 141 [2024-11-16 07:54:30,110 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:54:30,112 INFO L432 NwaCegarLoop]: 107 mSDtfsCounter, 72 mSDsluCounter, 83 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 72 SdHoareTripleChecker+Valid, 190 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:54:30,112 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [72 Valid, 190 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:54:30,113 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 141 states. [2024-11-16 07:54:30,129 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 141 to 137. [2024-11-16 07:54:30,129 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 137 states, 100 states have (on average 1.33) internal successors, (133), 115 states have internal predecessors, (133), 22 states have call successors, (22), 14 states have call predecessors, (22), 14 states have return successors, (22), 13 states have call predecessors, (22), 22 states have call successors, (22) [2024-11-16 07:54:30,130 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 137 states to 137 states and 177 transitions. [2024-11-16 07:54:30,130 INFO L78 Accepts]: Start accepts. Automaton has 137 states and 177 transitions. Word has length 27 [2024-11-16 07:54:30,131 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:54:30,131 INFO L471 AbstractCegarLoop]: Abstraction has 137 states and 177 transitions. [2024-11-16 07:54:30,131 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 2 states have internal predecessors, (26), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-16 07:54:30,131 INFO L276 IsEmpty]: Start isEmpty. Operand 137 states and 177 transitions. [2024-11-16 07:54:30,132 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2024-11-16 07:54:30,132 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:54:30,132 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:54:30,132 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-16 07:54:30,132 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:54:30,132 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:54:30,133 INFO L85 PathProgramCache]: Analyzing trace with hash -1237343098, now seen corresponding path program 1 times [2024-11-16 07:54:30,133 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:54:30,133 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2135393011] [2024-11-16 07:54:30,133 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:54:30,133 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:54:30,148 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:54:30,259 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:54:30,260 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:54:30,260 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2135393011] [2024-11-16 07:54:30,260 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2135393011] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:54:30,260 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:54:30,260 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-16 07:54:30,261 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1465910238] [2024-11-16 07:54:30,261 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:54:30,261 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-16 07:54:30,261 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:54:30,262 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-16 07:54:30,262 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-16 07:54:30,262 INFO L87 Difference]: Start difference. First operand 137 states and 177 transitions. Second operand has 5 states, 5 states have (on average 5.8) internal successors, (29), 4 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-16 07:54:30,351 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:54:30,353 INFO L93 Difference]: Finished difference Result 384 states and 511 transitions. [2024-11-16 07:54:30,353 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-16 07:54:30,353 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.8) internal successors, (29), 4 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 30 [2024-11-16 07:54:30,354 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:54:30,356 INFO L225 Difference]: With dead ends: 384 [2024-11-16 07:54:30,357 INFO L226 Difference]: Without dead ends: 254 [2024-11-16 07:54:30,360 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-16 07:54:30,360 INFO L432 NwaCegarLoop]: 89 mSDtfsCounter, 59 mSDsluCounter, 258 mSDsCounter, 0 mSdLazyCounter, 26 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 59 SdHoareTripleChecker+Valid, 347 SdHoareTripleChecker+Invalid, 28 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 26 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:54:30,361 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [59 Valid, 347 Invalid, 28 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 26 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:54:30,361 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 254 states. [2024-11-16 07:54:30,382 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 254 to 254. [2024-11-16 07:54:30,383 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 254 states, 183 states have (on average 1.3169398907103824) internal successors, (241), 210 states have internal predecessors, (241), 44 states have call successors, (44), 28 states have call predecessors, (44), 26 states have return successors, (46), 24 states have call predecessors, (46), 44 states have call successors, (46) [2024-11-16 07:54:30,385 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 254 states to 254 states and 331 transitions. [2024-11-16 07:54:30,385 INFO L78 Accepts]: Start accepts. Automaton has 254 states and 331 transitions. Word has length 30 [2024-11-16 07:54:30,385 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:54:30,385 INFO L471 AbstractCegarLoop]: Abstraction has 254 states and 331 transitions. [2024-11-16 07:54:30,386 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.8) internal successors, (29), 4 states have internal predecessors, (29), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-16 07:54:30,386 INFO L276 IsEmpty]: Start isEmpty. Operand 254 states and 331 transitions. [2024-11-16 07:54:30,387 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-16 07:54:30,388 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:54:30,388 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:54:30,388 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-16 07:54:30,388 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:54:30,388 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:54:30,389 INFO L85 PathProgramCache]: Analyzing trace with hash -1232424189, now seen corresponding path program 1 times [2024-11-16 07:54:30,389 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:54:30,389 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1638889055] [2024-11-16 07:54:30,389 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:54:30,389 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:54:30,399 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:54:30,459 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:54:30,459 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:54:30,460 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1638889055] [2024-11-16 07:54:30,460 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1638889055] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:54:30,460 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:54:30,460 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-16 07:54:30,460 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1251514004] [2024-11-16 07:54:30,460 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:54:30,461 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-16 07:54:30,461 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:54:30,461 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-16 07:54:30,461 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:54:30,462 INFO L87 Difference]: Start difference. First operand 254 states and 331 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 2 states have internal predecessors, (31), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-16 07:54:30,485 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:54:30,485 INFO L93 Difference]: Finished difference Result 415 states and 547 transitions. [2024-11-16 07:54:30,486 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-16 07:54:30,486 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 2 states have internal predecessors, (31), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 32 [2024-11-16 07:54:30,486 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:54:30,487 INFO L225 Difference]: With dead ends: 415 [2024-11-16 07:54:30,487 INFO L226 Difference]: Without dead ends: 168 [2024-11-16 07:54:30,488 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:54:30,489 INFO L432 NwaCegarLoop]: 56 mSDtfsCounter, 40 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 5 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 40 SdHoareTripleChecker+Valid, 56 SdHoareTripleChecker+Invalid, 8 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 5 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:54:30,489 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [40 Valid, 56 Invalid, 8 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 5 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:54:30,490 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 168 states. [2024-11-16 07:54:30,511 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 168 to 166. [2024-11-16 07:54:30,511 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 166 states, 127 states have (on average 1.220472440944882) internal successors, (155), 134 states have internal predecessors, (155), 20 states have call successors, (20), 20 states have call predecessors, (20), 18 states have return successors, (20), 18 states have call predecessors, (20), 20 states have call successors, (20) [2024-11-16 07:54:30,512 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 166 states to 166 states and 195 transitions. [2024-11-16 07:54:30,513 INFO L78 Accepts]: Start accepts. Automaton has 166 states and 195 transitions. Word has length 32 [2024-11-16 07:54:30,513 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:54:30,513 INFO L471 AbstractCegarLoop]: Abstraction has 166 states and 195 transitions. [2024-11-16 07:54:30,513 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 2 states have internal predecessors, (31), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-16 07:54:30,514 INFO L276 IsEmpty]: Start isEmpty. Operand 166 states and 195 transitions. [2024-11-16 07:54:30,515 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2024-11-16 07:54:30,515 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:54:30,515 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:54:30,515 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-16 07:54:30,515 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:54:30,516 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:54:30,516 INFO L85 PathProgramCache]: Analyzing trace with hash 1799964868, now seen corresponding path program 1 times [2024-11-16 07:54:30,516 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:54:30,516 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [958636013] [2024-11-16 07:54:30,516 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:54:30,517 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:54:30,526 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:54:30,586 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2024-11-16 07:54:30,588 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:54:30,592 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:54:30,592 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:54:30,592 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [958636013] [2024-11-16 07:54:30,593 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [958636013] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:54:30,593 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:54:30,593 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-16 07:54:30,593 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1444005050] [2024-11-16 07:54:30,593 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:54:30,593 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-16 07:54:30,593 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:54:30,596 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-16 07:54:30,596 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-16 07:54:30,596 INFO L87 Difference]: Start difference. First operand 166 states and 195 transitions. Second operand has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-16 07:54:30,690 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:54:30,690 INFO L93 Difference]: Finished difference Result 170 states and 199 transitions. [2024-11-16 07:54:30,691 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-16 07:54:30,691 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2024-11-16 07:54:30,691 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:54:30,691 INFO L225 Difference]: With dead ends: 170 [2024-11-16 07:54:30,692 INFO L226 Difference]: Without dead ends: 0 [2024-11-16 07:54:30,692 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2024-11-16 07:54:30,693 INFO L432 NwaCegarLoop]: 41 mSDtfsCounter, 48 mSDsluCounter, 104 mSDsCounter, 0 mSdLazyCounter, 64 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 49 SdHoareTripleChecker+Valid, 145 SdHoareTripleChecker+Invalid, 75 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 64 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-16 07:54:30,693 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [49 Valid, 145 Invalid, 75 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 64 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-16 07:54:30,694 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-16 07:54:30,694 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-16 07:54:30,695 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-16 07:54:30,695 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-16 07:54:30,695 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 34 [2024-11-16 07:54:30,695 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:54:30,695 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-16 07:54:30,695 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-16 07:54:30,695 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-16 07:54:30,695 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-16 07:54:30,697 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-16 07:54:30,698 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-16 07:54:30,701 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2024-11-16 07:54:30,702 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-16 07:54:31,086 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-16 07:54:31,115 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 0) (= |old(~pumpRunning~0)| 0) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (= ~pumpRunning~0 0) [2024-11-16 07:54:31,120 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (= ~pumpRunning~0 0) [2024-11-16 07:54:31,123 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__methaneQuery contained old-variable. Original clause: (and (= ~pumpRunning~0 0) (= |old(~pumpRunning~0)| 0)) Eliminated clause: (= ~pumpRunning~0 0) [2024-11-16 07:54:31,124 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 16.11 07:54:31 BoogieIcfgContainer [2024-11-16 07:54:31,124 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-16 07:54:31,124 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-16 07:54:31,125 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-16 07:54:31,125 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-16 07:54:31,125 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:54:29" (3/4) ... [2024-11-16 07:54:31,130 INFO L143 WitnessPrinter]: Generating witness for correct program [2024-11-16 07:54:31,133 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-16 07:54:31,133 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-16 07:54:31,133 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-16 07:54:31,133 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-16 07:54:31,133 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-16 07:54:31,133 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-16 07:54:31,134 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2024-11-16 07:54:31,134 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2024-11-16 07:54:31,138 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 39 nodes and edges [2024-11-16 07:54:31,138 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-11-16 07:54:31,139 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-16 07:54:31,139 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-16 07:54:31,139 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-16 07:54:31,232 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-16 07:54:31,232 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-16 07:54:31,232 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-16 07:54:31,233 INFO L158 Benchmark]: Toolchain (without parser) took 2585.34ms. Allocated memory was 159.4MB in the beginning and 213.9MB in the end (delta: 54.5MB). Free memory was 102.9MB in the beginning and 180.5MB in the end (delta: -77.6MB). Peak memory consumption was 73.5MB. Max. memory is 16.1GB. [2024-11-16 07:54:31,233 INFO L158 Benchmark]: CDTParser took 0.15ms. Allocated memory is still 159.4MB. Free memory is still 119.4MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-16 07:54:31,233 INFO L158 Benchmark]: CACSL2BoogieTranslator took 361.93ms. Allocated memory is still 159.4MB. Free memory was 102.5MB in the beginning and 81.2MB in the end (delta: 21.4MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-16 07:54:31,234 INFO L158 Benchmark]: Boogie Procedure Inliner took 45.97ms. Allocated memory is still 159.4MB. Free memory was 80.8MB in the beginning and 78.7MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-16 07:54:31,234 INFO L158 Benchmark]: Boogie Preprocessor took 49.34ms. Allocated memory is still 159.4MB. Free memory was 78.7MB in the beginning and 76.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-16 07:54:31,234 INFO L158 Benchmark]: IcfgBuilder took 407.31ms. Allocated memory is still 159.4MB. Free memory was 76.6MB in the beginning and 115.3MB in the end (delta: -38.8MB). Peak memory consumption was 10.6MB. Max. memory is 16.1GB. [2024-11-16 07:54:31,234 INFO L158 Benchmark]: TraceAbstraction took 1606.68ms. Allocated memory was 159.4MB in the beginning and 213.9MB in the end (delta: 54.5MB). Free memory was 114.5MB in the beginning and 91.0MB in the end (delta: 23.5MB). Peak memory consumption was 79.6MB. Max. memory is 16.1GB. [2024-11-16 07:54:31,235 INFO L158 Benchmark]: Witness Printer took 108.02ms. Allocated memory is still 213.9MB. Free memory was 91.0MB in the beginning and 180.5MB in the end (delta: -89.5MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2024-11-16 07:54:31,236 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.15ms. Allocated memory is still 159.4MB. Free memory is still 119.4MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 361.93ms. Allocated memory is still 159.4MB. Free memory was 102.5MB in the beginning and 81.2MB in the end (delta: 21.4MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 45.97ms. Allocated memory is still 159.4MB. Free memory was 80.8MB in the beginning and 78.7MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 49.34ms. Allocated memory is still 159.4MB. Free memory was 78.7MB in the beginning and 76.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * IcfgBuilder took 407.31ms. Allocated memory is still 159.4MB. Free memory was 76.6MB in the beginning and 115.3MB in the end (delta: -38.8MB). Peak memory consumption was 10.6MB. Max. memory is 16.1GB. * TraceAbstraction took 1606.68ms. Allocated memory was 159.4MB in the beginning and 213.9MB in the end (delta: 54.5MB). Free memory was 114.5MB in the beginning and 91.0MB in the end (delta: 23.5MB). Peak memory consumption was 79.6MB. Max. memory is 16.1GB. * Witness Printer took 108.02ms. Allocated memory is still 213.9MB. Free memory was 91.0MB in the beginning and 180.5MB in the end (delta: -89.5MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification4_spec.i","") [49] - GenericResultAtLocation [Line: 78]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [78] - GenericResultAtLocation [Line: 116]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [116] - GenericResultAtLocation [Line: 125]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [125] - GenericResultAtLocation [Line: 226]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [226] - GenericResultAtLocation [Line: 319]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [319] - GenericResultAtLocation [Line: 685]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [685] - GenericResultAtLocation [Line: 907]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [907] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 121]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 97 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 1.1s, OverallIterations: 6, TraceHistogramMax: 1, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 0.3s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 240 SdHoareTripleChecker+Valid, 0.1s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 235 mSDsluCounter, 1022 SdHoareTripleChecker+Invalid, 0.1s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 516 mSDsCounter, 18 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 100 IncrementalHoareTripleChecker+Invalid, 118 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 18 mSolverCounterUnsat, 506 mSDtfsCounter, 100 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 28 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 15 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=254occurred in iteration=4, InterpolantAutomatonStates: 22, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 6 MinimizatonAttempts, 6 StatesRemovedByMinimization, 2 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 0.4s InterpolantComputationTime, 168 NumberOfCodeBlocks, 168 NumberOfCodeBlocksAsserted, 6 NumberOfCheckSat, 162 ConstructedInterpolants, 0 QuantifiedInterpolants, 358 SizeOfPredicates, 0 NumberOfNonLiveVariables, 0 ConjunctsInSsa, 0 ConjunctsInUnsatCore, 6 InterpolantComputations, 6 PerfectInterpolantSequences, 0/0 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 138]: Location Invariant Derived location invariant: null - InvariantResult [Line: 918]: Location Invariant Derived location invariant: null - ProcedureContractResult [Line: 801]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: 0 Ensures: (0 && (((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 717]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (pumpRunning == 0) Ensures: ((pumpRunning == 0) && ((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 257]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (pumpRunning == 0) Ensures: ((pumpRunning == 0) && (((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (waterLevel == \old(waterLevel))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 693]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (pumpRunning == 0) Ensures: ((((pumpRunning == 0) && (\old(pumpRunning) == 0)) && (\old(waterLevel) == waterLevel)) && ((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 128]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 245]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (pumpRunning == 0) Ensures: ((pumpRunning == 0) && (((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 725]: Procedure Contract for processEnvironment__wrappee__methaneQuery Derived contract for procedure processEnvironment__wrappee__methaneQuery. Requires: (pumpRunning == 0) Ensures: (((pumpRunning == 0) && (\old(pumpRunning) == 0)) && (((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 809]: Procedure Contract for isMethaneAlarm Derived contract for procedure isMethaneAlarm. Requires: 0 Ensures: (0 && ((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) RESULT: Ultimate proved your program to be correct! [2024-11-16 07:54:31,265 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE