./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 3289d67d Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 9cfe95aaca007f6467395901a9efc89e5ad27f0fc32ae7ae8a1fe4e27a1f35c1 --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.fs.icfgbuilder-eval-3289d67-m [2024-11-16 07:55:37,343 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-16 07:55:37,412 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-16 07:55:37,418 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-16 07:55:37,426 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-16 07:55:37,445 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-16 07:55:37,446 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-16 07:55:37,446 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-16 07:55:37,447 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-16 07:55:37,449 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-16 07:55:37,449 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-16 07:55:37,449 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-16 07:55:37,450 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-16 07:55:37,450 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-16 07:55:37,452 INFO L153 SettingsManager]: * Use SBE=true [2024-11-16 07:55:37,452 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-16 07:55:37,452 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-16 07:55:37,452 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-16 07:55:37,452 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-16 07:55:37,453 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-16 07:55:37,453 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-16 07:55:37,453 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-16 07:55:37,453 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-16 07:55:37,454 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-16 07:55:37,454 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-16 07:55:37,454 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-16 07:55:37,454 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-16 07:55:37,454 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-16 07:55:37,455 INFO L151 SettingsManager]: Preferences of IcfgBuilder differ from their defaults: [2024-11-16 07:55:37,455 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-16 07:55:37,455 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-16 07:55:37,455 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-16 07:55:37,455 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-16 07:55:37,456 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-16 07:55:37,456 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-16 07:55:37,456 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-16 07:55:37,456 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-16 07:55:37,456 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-16 07:55:37,457 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-16 07:55:37,457 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-16 07:55:37,457 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-16 07:55:37,460 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-16 07:55:37,461 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 9cfe95aaca007f6467395901a9efc89e5ad27f0fc32ae7ae8a1fe4e27a1f35c1 [2024-11-16 07:55:37,636 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-16 07:55:37,655 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-16 07:55:37,657 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-16 07:55:37,658 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-16 07:55:37,659 INFO L274 PluginConnector]: CDTParser initialized [2024-11-16 07:55:37,659 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c [2024-11-16 07:55:38,850 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-16 07:55:39,035 INFO L384 CDTParser]: Found 1 translation units. [2024-11-16 07:55:39,035 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c [2024-11-16 07:55:39,044 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/f9c8b2bf2/29d71c614357456fbd8a4d38bb723ed6/FLAG94d54f0fa [2024-11-16 07:55:39,408 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/f9c8b2bf2/29d71c614357456fbd8a4d38bb723ed6 [2024-11-16 07:55:39,409 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-16 07:55:39,410 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-16 07:55:39,411 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-16 07:55:39,411 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-16 07:55:39,417 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-16 07:55:39,418 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 07:55:39" (1/1) ... [2024-11-16 07:55:39,418 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@4ec6791b and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:39, skipping insertion in model container [2024-11-16 07:55:39,419 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 07:55:39" (1/1) ... [2024-11-16 07:55:39,462 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-16 07:55:39,607 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c[1605,1618] [2024-11-16 07:55:39,702 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-16 07:55:39,716 INFO L200 MainTranslator]: Completed pre-run [2024-11-16 07:55:39,723 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [49] [2024-11-16 07:55:39,724 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [58] [2024-11-16 07:55:39,724 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [279] [2024-11-16 07:55:39,724 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [349] [2024-11-16 07:55:39,725 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [453] [2024-11-16 07:55:39,725 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [819] [2024-11-16 07:55:39,725 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [868] [2024-11-16 07:55:39,725 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [906] [2024-11-16 07:55:39,730 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c[1605,1618] [2024-11-16 07:55:39,766 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-16 07:55:39,789 INFO L204 MainTranslator]: Completed translation [2024-11-16 07:55:39,789 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:39 WrapperNode [2024-11-16 07:55:39,789 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-16 07:55:39,790 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-16 07:55:39,790 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-16 07:55:39,790 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-16 07:55:39,795 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:39" (1/1) ... [2024-11-16 07:55:39,810 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:39" (1/1) ... [2024-11-16 07:55:39,839 INFO L138 Inliner]: procedures = 58, calls = 102, calls flagged for inlining = 26, calls inlined = 22, statements flattened = 211 [2024-11-16 07:55:39,843 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-16 07:55:39,844 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-16 07:55:39,844 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-16 07:55:39,844 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-16 07:55:39,852 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:39" (1/1) ... [2024-11-16 07:55:39,852 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:39" (1/1) ... [2024-11-16 07:55:39,856 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:39" (1/1) ... [2024-11-16 07:55:39,871 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-16 07:55:39,872 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:39" (1/1) ... [2024-11-16 07:55:39,872 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:39" (1/1) ... [2024-11-16 07:55:39,879 INFO L184 PluginConnector]: Executing the observer ReplaceArrayAssignments from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:39" (1/1) ... [2024-11-16 07:55:39,879 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:39" (1/1) ... [2024-11-16 07:55:39,880 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:39" (1/1) ... [2024-11-16 07:55:39,881 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:39" (1/1) ... [2024-11-16 07:55:39,884 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-16 07:55:39,885 INFO L112 PluginConnector]: ------------------------IcfgBuilder---------------------------- [2024-11-16 07:55:39,885 INFO L270 PluginConnector]: Initializing IcfgBuilder... [2024-11-16 07:55:39,885 INFO L274 PluginConnector]: IcfgBuilder initialized [2024-11-16 07:55:39,885 INFO L184 PluginConnector]: Executing the observer IcfgBuilderObserver from plugin IcfgBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:39" (1/1) ... [2024-11-16 07:55:39,891 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-16 07:55:39,899 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-16 07:55:39,912 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-16 07:55:39,915 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-16 07:55:39,953 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-16 07:55:39,953 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-16 07:55:39,953 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-16 07:55:39,953 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-16 07:55:39,953 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-16 07:55:39,953 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-16 07:55:39,954 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-16 07:55:39,954 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-16 07:55:39,954 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-16 07:55:39,954 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-16 07:55:39,954 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-16 07:55:39,954 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-16 07:55:39,955 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-16 07:55:39,955 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-16 07:55:39,955 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-16 07:55:39,955 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-16 07:55:39,955 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-16 07:55:39,956 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-16 07:55:40,020 INFO L256 CfgBuilder]: Building ICFG [2024-11-16 07:55:40,022 INFO L286 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-16 07:55:40,124 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L450-1: isLowWaterSensorDry_#res#1 := isLowWaterSensorDry_~retValue_acc~7#1; [2024-11-16 07:55:40,124 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L268-1: isLowWaterLevel_#res#1 := isLowWaterLevel_~retValue_acc~3#1; [2024-11-16 07:55:40,125 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L427-1: getWaterLevel_#res#1 := getWaterLevel_~retValue_acc~5#1; [2024-11-16 07:55:40,188 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L1000-1: main_#res#1 := main_~retValue_acc~13#1; [2024-11-16 07:55:40,189 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L903-1: valid_product_#res#1 := valid_product_~retValue_acc~12#1; [2024-11-16 07:55:40,214 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L249-1: isHighWaterLevel_#res#1 := isHighWaterLevel_~retValue_acc~2#1; [2024-11-16 07:55:40,214 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L441-1: isHighWaterSensorDry_#res#1 := isHighWaterSensorDry_~retValue_acc~6#1; [2024-11-16 07:55:40,219 INFO L1250 $ProcedureCfgBuilder]: dead code at ProgramPoint L194: #res := ~retValue_acc~1; [2024-11-16 07:55:40,233 INFO L? ?]: Removed 45 outVars from TransFormulas that were not future-live. [2024-11-16 07:55:40,235 INFO L307 CfgBuilder]: Performing block encoding [2024-11-16 07:55:40,246 INFO L331 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-16 07:55:40,247 INFO L336 CfgBuilder]: Removed 0 assume(true) statements. [2024-11-16 07:55:40,248 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:55:40 BoogieIcfgContainer [2024-11-16 07:55:40,248 INFO L131 PluginConnector]: ------------------------ END IcfgBuilder---------------------------- [2024-11-16 07:55:40,250 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-16 07:55:40,251 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-16 07:55:40,253 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-16 07:55:40,253 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 16.11 07:55:39" (1/3) ... [2024-11-16 07:55:40,254 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5d11f4cd and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 07:55:40, skipping insertion in model container [2024-11-16 07:55:40,254 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 07:55:39" (2/3) ... [2024-11-16 07:55:40,255 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5d11f4cd and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 07:55:40, skipping insertion in model container [2024-11-16 07:55:40,256 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:55:40" (3/3) ... [2024-11-16 07:55:40,257 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product50.cil.c [2024-11-16 07:55:40,269 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-16 07:55:40,269 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-16 07:55:40,322 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-16 07:55:40,328 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@c2e7cd7, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-16 07:55:40,328 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-16 07:55:40,332 INFO L276 IsEmpty]: Start isEmpty. Operand has 99 states, 78 states have (on average 1.3461538461538463) internal successors, (105), 86 states have internal predecessors, (105), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2024-11-16 07:55:40,339 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2024-11-16 07:55:40,340 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:40,341 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:40,341 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:40,345 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:40,346 INFO L85 PathProgramCache]: Analyzing trace with hash 1098861248, now seen corresponding path program 1 times [2024-11-16 07:55:40,353 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:40,353 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [346227069] [2024-11-16 07:55:40,354 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:40,354 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:40,457 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:40,529 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2024-11-16 07:55:40,532 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:40,539 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2024-11-16 07:55:40,541 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:40,547 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:40,547 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:40,548 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [346227069] [2024-11-16 07:55:40,548 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [346227069] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:40,548 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:40,549 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-16 07:55:40,550 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [943604236] [2024-11-16 07:55:40,551 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:40,554 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-16 07:55:40,555 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:40,573 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-16 07:55:40,574 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-16 07:55:40,576 INFO L87 Difference]: Start difference. First operand has 99 states, 78 states have (on average 1.3461538461538463) internal successors, (105), 86 states have internal predecessors, (105), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 13.0) internal successors, (26), 2 states have internal predecessors, (26), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-16 07:55:40,604 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:40,604 INFO L93 Difference]: Finished difference Result 188 states and 251 transitions. [2024-11-16 07:55:40,605 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-16 07:55:40,606 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 13.0) internal successors, (26), 2 states have internal predecessors, (26), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 34 [2024-11-16 07:55:40,606 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:40,612 INFO L225 Difference]: With dead ends: 188 [2024-11-16 07:55:40,612 INFO L226 Difference]: Without dead ends: 88 [2024-11-16 07:55:40,616 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-16 07:55:40,618 INFO L432 NwaCegarLoop]: 122 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 122 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:40,619 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 122 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:55:40,654 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 88 states. [2024-11-16 07:55:40,688 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 88 to 88. [2024-11-16 07:55:40,689 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 88 states, 69 states have (on average 1.289855072463768) internal successors, (89), 76 states have internal predecessors, (89), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2024-11-16 07:55:40,690 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 88 states to 88 states and 112 transitions. [2024-11-16 07:55:40,692 INFO L78 Accepts]: Start accepts. Automaton has 88 states and 112 transitions. Word has length 34 [2024-11-16 07:55:40,692 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:40,692 INFO L471 AbstractCegarLoop]: Abstraction has 88 states and 112 transitions. [2024-11-16 07:55:40,692 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 13.0) internal successors, (26), 2 states have internal predecessors, (26), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-16 07:55:40,692 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 112 transitions. [2024-11-16 07:55:40,698 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2024-11-16 07:55:40,698 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:40,698 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:40,698 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-16 07:55:40,698 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:40,699 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:40,699 INFO L85 PathProgramCache]: Analyzing trace with hash 851650429, now seen corresponding path program 1 times [2024-11-16 07:55:40,699 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:40,699 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1179739865] [2024-11-16 07:55:40,699 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:40,699 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:40,721 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:40,804 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2024-11-16 07:55:40,807 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:40,809 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2024-11-16 07:55:40,811 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:40,813 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:40,815 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:40,815 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1179739865] [2024-11-16 07:55:40,815 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1179739865] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:40,815 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:40,815 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-16 07:55:40,816 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [545370318] [2024-11-16 07:55:40,816 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:40,817 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-16 07:55:40,817 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:40,818 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-16 07:55:40,819 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:55:40,819 INFO L87 Difference]: Start difference. First operand 88 states and 112 transitions. Second operand has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-16 07:55:40,835 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:40,836 INFO L93 Difference]: Finished difference Result 137 states and 175 transitions. [2024-11-16 07:55:40,837 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-16 07:55:40,837 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 37 [2024-11-16 07:55:40,837 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:40,839 INFO L225 Difference]: With dead ends: 137 [2024-11-16 07:55:40,839 INFO L226 Difference]: Without dead ends: 77 [2024-11-16 07:55:40,839 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:55:40,841 INFO L432 NwaCegarLoop]: 97 mSDtfsCounter, 12 mSDsluCounter, 79 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 176 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:40,842 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [15 Valid, 176 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:55:40,842 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 77 states. [2024-11-16 07:55:40,850 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 77 to 77. [2024-11-16 07:55:40,851 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 77 states, 61 states have (on average 1.3114754098360655) internal successors, (80), 68 states have internal predecessors, (80), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-11-16 07:55:40,852 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 77 states to 77 states and 98 transitions. [2024-11-16 07:55:40,853 INFO L78 Accepts]: Start accepts. Automaton has 77 states and 98 transitions. Word has length 37 [2024-11-16 07:55:40,854 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:40,854 INFO L471 AbstractCegarLoop]: Abstraction has 77 states and 98 transitions. [2024-11-16 07:55:40,854 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.666666666666666) internal successors, (29), 3 states have internal predecessors, (29), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-16 07:55:40,855 INFO L276 IsEmpty]: Start isEmpty. Operand 77 states and 98 transitions. [2024-11-16 07:55:40,856 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2024-11-16 07:55:40,857 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:40,857 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:40,857 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-16 07:55:40,857 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:40,858 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:40,858 INFO L85 PathProgramCache]: Analyzing trace with hash 826535580, now seen corresponding path program 1 times [2024-11-16 07:55:40,858 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:40,858 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [268146526] [2024-11-16 07:55:40,858 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:40,859 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:40,884 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:40,952 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:55:40,956 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:40,962 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2024-11-16 07:55:40,963 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:40,965 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:40,966 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:40,966 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [268146526] [2024-11-16 07:55:40,967 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [268146526] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:40,967 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:40,967 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-16 07:55:40,967 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1885528677] [2024-11-16 07:55:40,967 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:40,967 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-16 07:55:40,968 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:40,968 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-16 07:55:40,969 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:55:40,969 INFO L87 Difference]: Start difference. First operand 77 states and 98 transitions. Second operand has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:40,992 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:40,992 INFO L93 Difference]: Finished difference Result 146 states and 189 transitions. [2024-11-16 07:55:40,993 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-16 07:55:40,993 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 40 [2024-11-16 07:55:40,995 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:40,996 INFO L225 Difference]: With dead ends: 146 [2024-11-16 07:55:40,996 INFO L226 Difference]: Without dead ends: 77 [2024-11-16 07:55:40,997 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:55:40,997 INFO L432 NwaCegarLoop]: 96 mSDtfsCounter, 88 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 88 SdHoareTripleChecker+Valid, 96 SdHoareTripleChecker+Invalid, 2 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:40,998 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [88 Valid, 96 Invalid, 2 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:55:40,998 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 77 states. [2024-11-16 07:55:41,004 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 77 to 77. [2024-11-16 07:55:41,004 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 77 states, 61 states have (on average 1.2950819672131149) internal successors, (79), 68 states have internal predecessors, (79), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2024-11-16 07:55:41,005 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 77 states to 77 states and 97 transitions. [2024-11-16 07:55:41,005 INFO L78 Accepts]: Start accepts. Automaton has 77 states and 97 transitions. Word has length 40 [2024-11-16 07:55:41,006 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:41,007 INFO L471 AbstractCegarLoop]: Abstraction has 77 states and 97 transitions. [2024-11-16 07:55:41,007 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.0) internal successors, (33), 3 states have internal predecessors, (33), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:41,007 INFO L276 IsEmpty]: Start isEmpty. Operand 77 states and 97 transitions. [2024-11-16 07:55:41,008 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2024-11-16 07:55:41,009 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:41,009 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:41,009 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-16 07:55:41,010 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:41,010 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:41,010 INFO L85 PathProgramCache]: Analyzing trace with hash -113216463, now seen corresponding path program 1 times [2024-11-16 07:55:41,010 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:41,010 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [399531562] [2024-11-16 07:55:41,010 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:41,010 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:41,030 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,061 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:55:41,063 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,064 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2024-11-16 07:55:41,066 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,067 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:41,069 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:41,069 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [399531562] [2024-11-16 07:55:41,069 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [399531562] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:41,069 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:41,069 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-16 07:55:41,069 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [919372443] [2024-11-16 07:55:41,069 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:41,070 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-16 07:55:41,070 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:41,070 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-16 07:55:41,070 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:55:41,070 INFO L87 Difference]: Start difference. First operand 77 states and 97 transitions. Second operand has 3 states, 3 states have (on average 13.666666666666666) internal successors, (41), 3 states have internal predecessors, (41), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:41,105 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:41,105 INFO L93 Difference]: Finished difference Result 196 states and 253 transitions. [2024-11-16 07:55:41,109 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-16 07:55:41,109 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 13.666666666666666) internal successors, (41), 3 states have internal predecessors, (41), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 48 [2024-11-16 07:55:41,109 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:41,110 INFO L225 Difference]: With dead ends: 196 [2024-11-16 07:55:41,110 INFO L226 Difference]: Without dead ends: 127 [2024-11-16 07:55:41,111 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-16 07:55:41,111 INFO L432 NwaCegarLoop]: 113 mSDtfsCounter, 77 mSDsluCounter, 68 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 77 SdHoareTripleChecker+Valid, 181 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:41,112 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [77 Valid, 181 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-16 07:55:41,112 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 127 states. [2024-11-16 07:55:41,124 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 127 to 124. [2024-11-16 07:55:41,125 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 124 states, 97 states have (on average 1.2783505154639174) internal successors, (124), 104 states have internal predecessors, (124), 14 states have call successors, (14), 12 states have call predecessors, (14), 12 states have return successors, (18), 14 states have call predecessors, (18), 14 states have call successors, (18) [2024-11-16 07:55:41,127 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 124 states to 124 states and 156 transitions. [2024-11-16 07:55:41,128 INFO L78 Accepts]: Start accepts. Automaton has 124 states and 156 transitions. Word has length 48 [2024-11-16 07:55:41,128 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:41,128 INFO L471 AbstractCegarLoop]: Abstraction has 124 states and 156 transitions. [2024-11-16 07:55:41,128 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 13.666666666666666) internal successors, (41), 3 states have internal predecessors, (41), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-16 07:55:41,128 INFO L276 IsEmpty]: Start isEmpty. Operand 124 states and 156 transitions. [2024-11-16 07:55:41,129 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2024-11-16 07:55:41,132 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:41,132 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:41,132 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-16 07:55:41,132 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:41,132 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:41,133 INFO L85 PathProgramCache]: Analyzing trace with hash 2116489938, now seen corresponding path program 1 times [2024-11-16 07:55:41,133 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:41,133 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [733874793] [2024-11-16 07:55:41,133 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:41,133 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:41,149 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,203 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:55:41,205 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,210 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-11-16 07:55:41,212 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,242 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 45 [2024-11-16 07:55:41,244 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,246 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:41,247 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:41,247 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [733874793] [2024-11-16 07:55:41,248 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [733874793] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:41,248 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:41,248 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-16 07:55:41,248 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [915406999] [2024-11-16 07:55:41,249 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:41,249 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-16 07:55:41,249 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:41,250 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-16 07:55:41,250 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-16 07:55:41,251 INFO L87 Difference]: Start difference. First operand 124 states and 156 transitions. Second operand has 6 states, 6 states have (on average 7.5) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-16 07:55:41,387 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:41,387 INFO L93 Difference]: Finished difference Result 270 states and 346 transitions. [2024-11-16 07:55:41,388 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-16 07:55:41,388 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 54 [2024-11-16 07:55:41,389 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:41,390 INFO L225 Difference]: With dead ends: 270 [2024-11-16 07:55:41,391 INFO L226 Difference]: Without dead ends: 154 [2024-11-16 07:55:41,392 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-16 07:55:41,395 INFO L432 NwaCegarLoop]: 92 mSDtfsCounter, 55 mSDsluCounter, 303 mSDsCounter, 0 mSdLazyCounter, 117 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 59 SdHoareTripleChecker+Valid, 395 SdHoareTripleChecker+Invalid, 127 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 117 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:41,396 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [59 Valid, 395 Invalid, 127 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 117 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-16 07:55:41,396 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 154 states. [2024-11-16 07:55:41,410 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 154 to 151. [2024-11-16 07:55:41,411 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 151 states, 119 states have (on average 1.2773109243697478) internal successors, (152), 126 states have internal predecessors, (152), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-11-16 07:55:41,413 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 151 states to 151 states and 191 transitions. [2024-11-16 07:55:41,414 INFO L78 Accepts]: Start accepts. Automaton has 151 states and 191 transitions. Word has length 54 [2024-11-16 07:55:41,414 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:41,414 INFO L471 AbstractCegarLoop]: Abstraction has 151 states and 191 transitions. [2024-11-16 07:55:41,414 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-16 07:55:41,414 INFO L276 IsEmpty]: Start isEmpty. Operand 151 states and 191 transitions. [2024-11-16 07:55:41,416 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2024-11-16 07:55:41,416 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:41,416 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:41,416 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-16 07:55:41,417 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:41,417 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:41,417 INFO L85 PathProgramCache]: Analyzing trace with hash 1707665713, now seen corresponding path program 1 times [2024-11-16 07:55:41,417 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:41,417 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1750945496] [2024-11-16 07:55:41,417 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:41,417 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:41,431 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,478 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:55:41,482 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,488 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-11-16 07:55:41,490 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,518 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 45 [2024-11-16 07:55:41,519 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,520 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:41,520 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:41,520 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1750945496] [2024-11-16 07:55:41,520 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1750945496] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:41,520 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:41,520 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-16 07:55:41,520 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [273976733] [2024-11-16 07:55:41,520 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:41,521 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-16 07:55:41,521 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:41,521 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-16 07:55:41,521 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-16 07:55:41,521 INFO L87 Difference]: Start difference. First operand 151 states and 191 transitions. Second operand has 6 states, 6 states have (on average 7.5) internal successors, (45), 5 states have internal predecessors, (45), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-16 07:55:41,633 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:41,633 INFO L93 Difference]: Finished difference Result 299 states and 387 transitions. [2024-11-16 07:55:41,633 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-16 07:55:41,633 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 5 states have internal predecessors, (45), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 54 [2024-11-16 07:55:41,634 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:41,635 INFO L225 Difference]: With dead ends: 299 [2024-11-16 07:55:41,635 INFO L226 Difference]: Without dead ends: 156 [2024-11-16 07:55:41,635 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=47, Unknown=0, NotChecked=0, Total=72 [2024-11-16 07:55:41,636 INFO L432 NwaCegarLoop]: 91 mSDtfsCounter, 134 mSDsluCounter, 212 mSDsCounter, 0 mSdLazyCounter, 93 mSolverCounterSat, 23 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 137 SdHoareTripleChecker+Valid, 303 SdHoareTripleChecker+Invalid, 116 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 23 IncrementalHoareTripleChecker+Valid, 93 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:41,636 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [137 Valid, 303 Invalid, 116 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [23 Valid, 93 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-16 07:55:41,637 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 156 states. [2024-11-16 07:55:41,644 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 156 to 153. [2024-11-16 07:55:41,645 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 153 states, 121 states have (on average 1.2727272727272727) internal successors, (154), 128 states have internal predecessors, (154), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2024-11-16 07:55:41,645 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 153 states to 153 states and 193 transitions. [2024-11-16 07:55:41,646 INFO L78 Accepts]: Start accepts. Automaton has 153 states and 193 transitions. Word has length 54 [2024-11-16 07:55:41,646 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:41,646 INFO L471 AbstractCegarLoop]: Abstraction has 153 states and 193 transitions. [2024-11-16 07:55:41,646 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 5 states have internal predecessors, (45), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-16 07:55:41,646 INFO L276 IsEmpty]: Start isEmpty. Operand 153 states and 193 transitions. [2024-11-16 07:55:41,647 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2024-11-16 07:55:41,647 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:41,647 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:41,647 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-16 07:55:41,647 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:41,647 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:41,647 INFO L85 PathProgramCache]: Analyzing trace with hash 1926520431, now seen corresponding path program 1 times [2024-11-16 07:55:41,647 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:41,647 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [125096160] [2024-11-16 07:55:41,648 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:41,648 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:41,655 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,702 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:55:41,704 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,708 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-11-16 07:55:41,710 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,720 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 45 [2024-11-16 07:55:41,721 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,722 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:41,722 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:41,722 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [125096160] [2024-11-16 07:55:41,722 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [125096160] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:41,722 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:41,722 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-16 07:55:41,722 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [446328783] [2024-11-16 07:55:41,722 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:41,723 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-16 07:55:41,723 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:41,723 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-16 07:55:41,724 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-16 07:55:41,724 INFO L87 Difference]: Start difference. First operand 153 states and 193 transitions. Second operand has 5 states, 5 states have (on average 9.0) internal successors, (45), 4 states have internal predecessors, (45), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-16 07:55:41,880 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:41,880 INFO L93 Difference]: Finished difference Result 445 states and 578 transitions. [2024-11-16 07:55:41,880 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-16 07:55:41,881 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.0) internal successors, (45), 4 states have internal predecessors, (45), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 54 [2024-11-16 07:55:41,881 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:41,882 INFO L225 Difference]: With dead ends: 445 [2024-11-16 07:55:41,882 INFO L226 Difference]: Without dead ends: 300 [2024-11-16 07:55:41,883 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-16 07:55:41,883 INFO L432 NwaCegarLoop]: 138 mSDtfsCounter, 220 mSDsluCounter, 180 mSDsCounter, 0 mSdLazyCounter, 133 mSolverCounterSat, 58 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 227 SdHoareTripleChecker+Valid, 318 SdHoareTripleChecker+Invalid, 191 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 58 IncrementalHoareTripleChecker+Valid, 133 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:41,883 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [227 Valid, 318 Invalid, 191 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [58 Valid, 133 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-16 07:55:41,884 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 300 states. [2024-11-16 07:55:41,903 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 300 to 288. [2024-11-16 07:55:41,903 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 288 states, 224 states have (on average 1.2455357142857142) internal successors, (279), 235 states have internal predecessors, (279), 34 states have call successors, (34), 28 states have call predecessors, (34), 29 states have return successors, (53), 34 states have call predecessors, (53), 34 states have call successors, (53) [2024-11-16 07:55:41,905 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 288 states to 288 states and 366 transitions. [2024-11-16 07:55:41,905 INFO L78 Accepts]: Start accepts. Automaton has 288 states and 366 transitions. Word has length 54 [2024-11-16 07:55:41,906 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:41,906 INFO L471 AbstractCegarLoop]: Abstraction has 288 states and 366 transitions. [2024-11-16 07:55:41,906 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.0) internal successors, (45), 4 states have internal predecessors, (45), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-16 07:55:41,906 INFO L276 IsEmpty]: Start isEmpty. Operand 288 states and 366 transitions. [2024-11-16 07:55:41,907 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-16 07:55:41,907 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:41,907 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:41,908 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-16 07:55:41,908 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:41,908 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:41,909 INFO L85 PathProgramCache]: Analyzing trace with hash 176825999, now seen corresponding path program 1 times [2024-11-16 07:55:41,909 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:41,909 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [268365787] [2024-11-16 07:55:41,909 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:41,909 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:41,919 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,964 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2024-11-16 07:55:41,965 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,970 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2024-11-16 07:55:41,974 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,980 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2024-11-16 07:55:41,980 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,981 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2024-11-16 07:55:41,983 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:41,992 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-16 07:55:41,992 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:41,992 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [268365787] [2024-11-16 07:55:41,993 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [268365787] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:41,993 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:41,993 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-16 07:55:41,993 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [238577560] [2024-11-16 07:55:41,993 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:41,993 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-16 07:55:41,993 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:41,994 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-16 07:55:41,994 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-16 07:55:41,994 INFO L87 Difference]: Start difference. First operand 288 states and 366 transitions. Second operand has 7 states, 7 states have (on average 6.714285714285714) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-16 07:55:42,165 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:42,166 INFO L93 Difference]: Finished difference Result 567 states and 728 transitions. [2024-11-16 07:55:42,166 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-11-16 07:55:42,166 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.714285714285714) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 56 [2024-11-16 07:55:42,167 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:42,168 INFO L225 Difference]: With dead ends: 567 [2024-11-16 07:55:42,168 INFO L226 Difference]: Without dead ends: 287 [2024-11-16 07:55:42,169 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 23 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=134, Unknown=0, NotChecked=0, Total=182 [2024-11-16 07:55:42,169 INFO L432 NwaCegarLoop]: 79 mSDtfsCounter, 131 mSDsluCounter, 325 mSDsCounter, 0 mSdLazyCounter, 171 mSolverCounterSat, 29 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 137 SdHoareTripleChecker+Valid, 404 SdHoareTripleChecker+Invalid, 200 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 29 IncrementalHoareTripleChecker+Valid, 171 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:42,170 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [137 Valid, 404 Invalid, 200 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [29 Valid, 171 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-16 07:55:42,170 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 287 states. [2024-11-16 07:55:42,189 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 287 to 284. [2024-11-16 07:55:42,190 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 284 states, 220 states have (on average 1.2136363636363636) internal successors, (267), 231 states have internal predecessors, (267), 34 states have call successors, (34), 28 states have call predecessors, (34), 29 states have return successors, (53), 34 states have call predecessors, (53), 34 states have call successors, (53) [2024-11-16 07:55:42,191 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 284 states to 284 states and 354 transitions. [2024-11-16 07:55:42,191 INFO L78 Accepts]: Start accepts. Automaton has 284 states and 354 transitions. Word has length 56 [2024-11-16 07:55:42,192 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:42,192 INFO L471 AbstractCegarLoop]: Abstraction has 284 states and 354 transitions. [2024-11-16 07:55:42,192 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.714285714285714) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-16 07:55:42,192 INFO L276 IsEmpty]: Start isEmpty. Operand 284 states and 354 transitions. [2024-11-16 07:55:42,193 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 59 [2024-11-16 07:55:42,193 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:42,194 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:42,194 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-16 07:55:42,194 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:42,194 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:42,194 INFO L85 PathProgramCache]: Analyzing trace with hash 1728096881, now seen corresponding path program 1 times [2024-11-16 07:55:42,194 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:42,194 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [30324324] [2024-11-16 07:55:42,195 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:42,195 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:42,216 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,343 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-16 07:55:42,345 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,351 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2024-11-16 07:55:42,352 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,360 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2024-11-16 07:55:42,363 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,382 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 49 [2024-11-16 07:55:42,384 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,385 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-16 07:55:42,385 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:42,385 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [30324324] [2024-11-16 07:55:42,385 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [30324324] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-16 07:55:42,385 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-16 07:55:42,385 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2024-11-16 07:55:42,385 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [716547329] [2024-11-16 07:55:42,386 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-16 07:55:42,386 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2024-11-16 07:55:42,386 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:42,387 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2024-11-16 07:55:42,387 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=70, Unknown=0, NotChecked=0, Total=90 [2024-11-16 07:55:42,387 INFO L87 Difference]: Start difference. First operand 284 states and 354 transitions. Second operand has 10 states, 10 states have (on average 4.7) internal successors, (47), 8 states have internal predecessors, (47), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-16 07:55:42,805 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:42,806 INFO L93 Difference]: Finished difference Result 742 states and 973 transitions. [2024-11-16 07:55:42,806 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2024-11-16 07:55:42,806 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.7) internal successors, (47), 8 states have internal predecessors, (47), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 58 [2024-11-16 07:55:42,806 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:42,809 INFO L225 Difference]: With dead ends: 742 [2024-11-16 07:55:42,809 INFO L226 Difference]: Without dead ends: 518 [2024-11-16 07:55:42,810 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 35 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 24 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 130 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=163, Invalid=487, Unknown=0, NotChecked=0, Total=650 [2024-11-16 07:55:42,810 INFO L432 NwaCegarLoop]: 109 mSDtfsCounter, 529 mSDsluCounter, 465 mSDsCounter, 0 mSdLazyCounter, 424 mSolverCounterSat, 159 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 534 SdHoareTripleChecker+Valid, 574 SdHoareTripleChecker+Invalid, 583 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 159 IncrementalHoareTripleChecker+Valid, 424 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:42,810 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [534 Valid, 574 Invalid, 583 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [159 Valid, 424 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-16 07:55:42,811 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 518 states. [2024-11-16 07:55:42,831 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 518 to 443. [2024-11-16 07:55:42,832 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 443 states, 345 states have (on average 1.2028985507246377) internal successors, (415), 365 states have internal predecessors, (415), 51 states have call successors, (51), 39 states have call predecessors, (51), 46 states have return successors, (83), 52 states have call predecessors, (83), 51 states have call successors, (83) [2024-11-16 07:55:42,833 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 443 states to 443 states and 549 transitions. [2024-11-16 07:55:42,834 INFO L78 Accepts]: Start accepts. Automaton has 443 states and 549 transitions. Word has length 58 [2024-11-16 07:55:42,834 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:42,834 INFO L471 AbstractCegarLoop]: Abstraction has 443 states and 549 transitions. [2024-11-16 07:55:42,834 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.7) internal successors, (47), 8 states have internal predecessors, (47), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2024-11-16 07:55:42,834 INFO L276 IsEmpty]: Start isEmpty. Operand 443 states and 549 transitions. [2024-11-16 07:55:42,835 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 102 [2024-11-16 07:55:42,835 INFO L207 NwaCegarLoop]: Found error trace [2024-11-16 07:55:42,835 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:42,835 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-16 07:55:42,836 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-16 07:55:42,836 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-16 07:55:42,836 INFO L85 PathProgramCache]: Analyzing trace with hash 1611890586, now seen corresponding path program 1 times [2024-11-16 07:55:42,836 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-16 07:55:42,836 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [92586333] [2024-11-16 07:55:42,836 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:42,836 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-16 07:55:42,846 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,915 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2024-11-16 07:55:42,916 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,928 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2024-11-16 07:55:42,943 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,959 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2024-11-16 07:55:42,960 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,967 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2024-11-16 07:55:42,969 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,976 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 64 [2024-11-16 07:55:42,977 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,987 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 80 [2024-11-16 07:55:42,987 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,988 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2024-11-16 07:55:42,989 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,990 INFO L368 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 92 [2024-11-16 07:55:42,991 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:42,993 INFO L134 CoverageAnalysis]: Checked inductivity of 35 backedges. 17 proven. 11 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-16 07:55:42,993 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-16 07:55:42,993 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [92586333] [2024-11-16 07:55:42,993 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [92586333] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-16 07:55:42,994 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [192360737] [2024-11-16 07:55:42,994 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-16 07:55:42,994 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-16 07:55:42,994 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-16 07:55:42,996 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-16 07:55:42,997 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-16 07:55:43,073 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-16 07:55:43,077 INFO L255 TraceCheckSpWp]: Trace formula consists of 328 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-16 07:55:43,083 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-16 07:55:43,226 INFO L134 CoverageAnalysis]: Checked inductivity of 35 backedges. 26 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-16 07:55:43,226 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-16 07:55:43,422 INFO L134 CoverageAnalysis]: Checked inductivity of 35 backedges. 20 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2024-11-16 07:55:43,422 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [192360737] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-16 07:55:43,422 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-16 07:55:43,422 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2024-11-16 07:55:43,422 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [277820737] [2024-11-16 07:55:43,422 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-16 07:55:43,423 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-11-16 07:55:43,423 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-16 07:55:43,424 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-11-16 07:55:43,424 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2024-11-16 07:55:43,424 INFO L87 Difference]: Start difference. First operand 443 states and 549 transitions. Second operand has 15 states, 15 states have (on average 8.4) internal successors, (126), 10 states have internal predecessors, (126), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) [2024-11-16 07:55:44,191 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-16 07:55:44,191 INFO L93 Difference]: Finished difference Result 914 states and 1159 transitions. [2024-11-16 07:55:44,192 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2024-11-16 07:55:44,192 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 8.4) internal successors, (126), 10 states have internal predecessors, (126), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) Word has length 101 [2024-11-16 07:55:44,192 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-16 07:55:44,193 INFO L225 Difference]: With dead ends: 914 [2024-11-16 07:55:44,193 INFO L226 Difference]: Without dead ends: 0 [2024-11-16 07:55:44,195 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 262 GetRequests, 221 SyntacticMatches, 4 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 339 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=342, Invalid=1140, Unknown=0, NotChecked=0, Total=1482 [2024-11-16 07:55:44,195 INFO L432 NwaCegarLoop]: 168 mSDtfsCounter, 455 mSDsluCounter, 1100 mSDsCounter, 0 mSdLazyCounter, 935 mSolverCounterSat, 147 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 459 SdHoareTripleChecker+Valid, 1268 SdHoareTripleChecker+Invalid, 1082 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 147 IncrementalHoareTripleChecker+Valid, 935 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-11-16 07:55:44,196 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [459 Valid, 1268 Invalid, 1082 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [147 Valid, 935 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-11-16 07:55:44,196 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-16 07:55:44,196 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-16 07:55:44,196 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-16 07:55:44,196 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-16 07:55:44,197 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 101 [2024-11-16 07:55:44,197 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-16 07:55:44,197 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-16 07:55:44,197 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 8.4) internal successors, (126), 10 states have internal predecessors, (126), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) [2024-11-16 07:55:44,197 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-16 07:55:44,197 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-16 07:55:44,215 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-16 07:55:44,230 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-16 07:55:44,419 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-16 07:55:44,422 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-16 07:55:44,423 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-16 07:55:46,570 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-16 07:55:46,597 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|) (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse1 (<= |old(~waterLevel~0)| 2)) (.cse0 (= 1 ~systemActive~0)) (.cse2 (<= 1 |old(~pumpRunning~0)|))) (or (and .cse0 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse1 .cse2) (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse2 (= |old(~waterLevel~0)| 2))))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2))) [2024-11-16 07:55:46,606 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 (= |old(~pumpRunning~0)| 0) .cse1) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (<= 1 |old(~pumpRunning~0)|))))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-11-16 07:55:46,612 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse2 (<= |old(~waterLevel~0)| 2)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and (= ~pumpRunning~0 0) .cse1 .cse2) (and .cse0 .cse1 (= |old(~waterLevel~0)| 2)))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1) (and .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2))) [2024-11-16 07:55:46,625 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 16.11 07:55:46 BoogieIcfgContainer [2024-11-16 07:55:46,625 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-16 07:55:46,626 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-16 07:55:46,626 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-16 07:55:46,626 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-16 07:55:46,626 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.icfgbuilder CFG 16.11 07:55:40" (3/4) ... [2024-11-16 07:55:46,628 INFO L143 WitnessPrinter]: Generating witness for correct program [2024-11-16 07:55:46,631 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-16 07:55:46,631 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-16 07:55:46,631 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-16 07:55:46,631 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-16 07:55:46,632 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-16 07:55:46,632 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-16 07:55:46,632 INFO L393 IcfgBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-16 07:55:46,638 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 41 nodes and edges [2024-11-16 07:55:46,638 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 10 nodes and edges [2024-11-16 07:55:46,638 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-16 07:55:46,639 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-16 07:55:46,639 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-16 07:55:46,724 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-16 07:55:46,724 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-16 07:55:46,724 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-16 07:55:46,725 INFO L158 Benchmark]: Toolchain (without parser) took 7314.57ms. Allocated memory was 209.7MB in the beginning and 302.0MB in the end (delta: 92.3MB). Free memory was 180.2MB in the beginning and 223.6MB in the end (delta: -43.5MB). Peak memory consumption was 49.6MB. Max. memory is 16.1GB. [2024-11-16 07:55:46,726 INFO L158 Benchmark]: CDTParser took 0.14ms. Allocated memory is still 132.1MB. Free memory was 95.1MB in the beginning and 95.0MB in the end (delta: 159.6kB). There was no memory consumed. Max. memory is 16.1GB. [2024-11-16 07:55:46,726 INFO L158 Benchmark]: CACSL2BoogieTranslator took 378.23ms. Allocated memory is still 209.7MB. Free memory was 180.0MB in the beginning and 163.9MB in the end (delta: 16.0MB). Peak memory consumption was 19.2MB. Max. memory is 16.1GB. [2024-11-16 07:55:46,727 INFO L158 Benchmark]: Boogie Procedure Inliner took 53.09ms. Allocated memory is still 209.7MB. Free memory was 163.0MB in the beginning and 160.7MB in the end (delta: 2.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-16 07:55:46,727 INFO L158 Benchmark]: Boogie Preprocessor took 40.52ms. Allocated memory is still 209.7MB. Free memory was 160.7MB in the beginning and 158.8MB in the end (delta: 1.9MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-16 07:55:46,727 INFO L158 Benchmark]: IcfgBuilder took 363.43ms. Allocated memory is still 209.7MB. Free memory was 158.8MB in the beginning and 138.7MB in the end (delta: 20.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-16 07:55:46,728 INFO L158 Benchmark]: TraceAbstraction took 6375.48ms. Allocated memory was 209.7MB in the beginning and 302.0MB in the end (delta: 92.3MB). Free memory was 138.7MB in the beginning and 231.0MB in the end (delta: -92.2MB). Peak memory consumption was 108.2MB. Max. memory is 16.1GB. [2024-11-16 07:55:46,728 INFO L158 Benchmark]: Witness Printer took 98.89ms. Allocated memory is still 302.0MB. Free memory was 231.0MB in the beginning and 223.6MB in the end (delta: 7.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-16 07:55:46,729 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.14ms. Allocated memory is still 132.1MB. Free memory was 95.1MB in the beginning and 95.0MB in the end (delta: 159.6kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 378.23ms. Allocated memory is still 209.7MB. Free memory was 180.0MB in the beginning and 163.9MB in the end (delta: 16.0MB). Peak memory consumption was 19.2MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 53.09ms. Allocated memory is still 209.7MB. Free memory was 163.0MB in the beginning and 160.7MB in the end (delta: 2.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 40.52ms. Allocated memory is still 209.7MB. Free memory was 160.7MB in the beginning and 158.8MB in the end (delta: 1.9MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * IcfgBuilder took 363.43ms. Allocated memory is still 209.7MB. Free memory was 158.8MB in the beginning and 138.7MB in the end (delta: 20.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * TraceAbstraction took 6375.48ms. Allocated memory was 209.7MB in the beginning and 302.0MB in the end (delta: 92.3MB). Free memory was 138.7MB in the beginning and 231.0MB in the end (delta: -92.2MB). Peak memory consumption was 108.2MB. Max. memory is 16.1GB. * Witness Printer took 98.89ms. Allocated memory is still 302.0MB. Free memory was 231.0MB in the beginning and 223.6MB in the end (delta: 7.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [49] - GenericResultAtLocation [Line: 58]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [58] - GenericResultAtLocation [Line: 279]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [279] - GenericResultAtLocation [Line: 349]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [349] - GenericResultAtLocation [Line: 453]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [453] - GenericResultAtLocation [Line: 819]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [819] - GenericResultAtLocation [Line: 868]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [868] - GenericResultAtLocation [Line: 906]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [906] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 54]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 99 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 4.1s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.0s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1733 SdHoareTripleChecker+Valid, 1.2s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1701 mSDsluCounter, 3837 SdHoareTripleChecker+Invalid, 1.0s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2732 mSDsCounter, 433 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1884 IncrementalHoareTripleChecker+Invalid, 2317 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 433 mSolverCounterUnsat, 1105 mSDtfsCounter, 1884 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 394 GetRequests, 295 SyntacticMatches, 4 SemanticMatches, 95 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 492 ImplicationChecksByTransitivity, 0.6s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=443occurred in iteration=9, InterpolantAutomatonStates: 89, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 99 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 1.3s InterpolantComputationTime, 637 NumberOfCodeBlocks, 637 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 726 ConstructedInterpolants, 0 QuantifiedInterpolants, 1351 SizeOfPredicates, 2 NumberOfNonLiveVariables, 328 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 104/132 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 293]: Location Invariant Derived location invariant: null - InvariantResult [Line: 918]: Location Invariant Derived location invariant: null - ProcedureContractResult [Line: 102]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 377]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 908]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((systemActive == \old(systemActive)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 75]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) && (((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (\old(pumpRunning) < 1)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((1 == systemActive) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (1 <= \old(pumpRunning))) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 2))) || (((1 == systemActive) && (1 <= \old(pumpRunning))) && (\old(waterLevel) == 2)))) && (((\old(waterLevel) != 2) || (\old(pumpRunning) < 1)) || (waterLevel == 1))) && ((((systemActive == \old(systemActive)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 110]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 == waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (1 <= \old(pumpRunning))))) && ((((((systemActive == \old(systemActive)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 365]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: ((((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && ((((((1 <= pumpRunning) && (1 == systemActive)) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 <= pumpRunning) && (1 == systemActive)) && (\old(waterLevel) == 2)))) && (waterLevel <= 2)) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 188]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((pumpRunning == \result) && (((((1 <= pumpRunning) && (2 == waterLevel)) && (1 == systemActive)) || ((((1 <= pumpRunning) && (1 == systemActive)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)))) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (head == \old(head))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) RESULT: Ultimate proved your program to be correct! [2024-11-16 07:55:46,755 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE