./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product64.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 3061b6dc Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product64.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash c6b9b08cafcd1ede2e2b3a8fb1be067350eaac45a7dc4fb4db0fb4cb0fdccd74 --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.dk.eval-assert-order-craig-3061b6d-m [2024-11-18 14:18:31,679 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-18 14:18:31,758 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-18 14:18:31,763 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-18 14:18:31,763 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-18 14:18:31,793 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-18 14:18:31,794 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-18 14:18:31,794 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-18 14:18:31,795 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-18 14:18:31,796 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-18 14:18:31,796 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-18 14:18:31,797 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-18 14:18:31,797 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-18 14:18:31,798 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-18 14:18:31,800 INFO L153 SettingsManager]: * Use SBE=true [2024-11-18 14:18:31,800 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-18 14:18:31,801 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-18 14:18:31,801 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-18 14:18:31,801 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-18 14:18:31,801 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-18 14:18:31,802 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-18 14:18:31,806 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-18 14:18:31,806 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-18 14:18:31,806 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-18 14:18:31,807 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-18 14:18:31,807 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-18 14:18:31,807 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-18 14:18:31,807 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-18 14:18:31,808 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-18 14:18:31,808 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-18 14:18:31,808 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-18 14:18:31,809 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-18 14:18:31,809 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-18 14:18:31,809 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-18 14:18:31,810 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-18 14:18:31,810 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-18 14:18:31,811 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-18 14:18:31,811 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-18 14:18:31,811 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-18 14:18:31,812 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-18 14:18:31,812 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-18 14:18:31,812 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-18 14:18:31,812 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> c6b9b08cafcd1ede2e2b3a8fb1be067350eaac45a7dc4fb4db0fb4cb0fdccd74 [2024-11-18 14:18:32,051 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-18 14:18:32,077 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-18 14:18:32,080 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-18 14:18:32,081 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-18 14:18:32,082 INFO L274 PluginConnector]: CDTParser initialized [2024-11-18 14:18:32,083 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product64.cil.c [2024-11-18 14:18:33,480 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-18 14:18:33,738 INFO L384 CDTParser]: Found 1 translation units. [2024-11-18 14:18:33,739 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product64.cil.c [2024-11-18 14:18:33,752 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/0bd4b88a4/1d03ee0856714bd092f6ea9727376d78/FLAG6cacb8591 [2024-11-18 14:18:34,054 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/0bd4b88a4/1d03ee0856714bd092f6ea9727376d78 [2024-11-18 14:18:34,056 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-18 14:18:34,058 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-18 14:18:34,059 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-18 14:18:34,059 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-18 14:18:34,063 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-18 14:18:34,064 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 18.11 02:18:34" (1/1) ... [2024-11-18 14:18:34,065 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@539d670e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:18:34, skipping insertion in model container [2024-11-18 14:18:34,065 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 18.11 02:18:34" (1/1) ... [2024-11-18 14:18:34,129 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-18 14:18:34,339 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product64.cil.c[1605,1618] [2024-11-18 14:18:34,504 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-18 14:18:34,518 INFO L200 MainTranslator]: Completed pre-run [2024-11-18 14:18:34,527 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [49] [2024-11-18 14:18:34,529 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [58] [2024-11-18 14:18:34,529 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [96] [2024-11-18 14:18:34,529 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [124] [2024-11-18 14:18:34,529 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [490] [2024-11-18 14:18:34,530 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [591] [2024-11-18 14:18:34,530 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [862] [2024-11-18 14:18:34,530 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [966] [2024-11-18 14:18:34,535 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product64.cil.c[1605,1618] [2024-11-18 14:18:34,590 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-18 14:18:34,613 INFO L204 MainTranslator]: Completed translation [2024-11-18 14:18:34,613 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:18:34 WrapperNode [2024-11-18 14:18:34,613 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-18 14:18:34,614 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-18 14:18:34,614 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-18 14:18:34,615 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-18 14:18:34,622 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:18:34" (1/1) ... [2024-11-18 14:18:34,643 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:18:34" (1/1) ... [2024-11-18 14:18:34,674 INFO L138 Inliner]: procedures = 59, calls = 107, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 223 [2024-11-18 14:18:34,674 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-18 14:18:34,675 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-18 14:18:34,675 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-18 14:18:34,675 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-18 14:18:34,687 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:18:34" (1/1) ... [2024-11-18 14:18:34,687 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:18:34" (1/1) ... [2024-11-18 14:18:34,690 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:18:34" (1/1) ... [2024-11-18 14:18:34,711 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-18 14:18:34,715 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:18:34" (1/1) ... [2024-11-18 14:18:34,716 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:18:34" (1/1) ... [2024-11-18 14:18:34,722 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:18:34" (1/1) ... [2024-11-18 14:18:34,727 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:18:34" (1/1) ... [2024-11-18 14:18:34,730 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:18:34" (1/1) ... [2024-11-18 14:18:34,731 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:18:34" (1/1) ... [2024-11-18 14:18:34,734 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-18 14:18:34,735 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-18 14:18:34,735 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-18 14:18:34,735 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-18 14:18:34,736 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:18:34" (1/1) ... [2024-11-18 14:18:34,740 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-18 14:18:34,748 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:18:34,761 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-18 14:18:34,764 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-18 14:18:34,803 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-18 14:18:34,804 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-18 14:18:34,804 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-18 14:18:34,804 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-18 14:18:34,804 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-18 14:18:34,804 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-18 14:18:34,804 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-18 14:18:34,804 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2024-11-18 14:18:34,804 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2024-11-18 14:18:34,805 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-18 14:18:34,805 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-18 14:18:34,805 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-18 14:18:34,805 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-18 14:18:34,805 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2024-11-18 14:18:34,805 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2024-11-18 14:18:34,805 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2024-11-18 14:18:34,805 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2024-11-18 14:18:34,805 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-18 14:18:34,806 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-18 14:18:34,806 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-18 14:18:34,806 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-18 14:18:34,806 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-18 14:18:34,806 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-18 14:18:34,806 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-18 14:18:34,880 INFO L238 CfgBuilder]: Building ICFG [2024-11-18 14:18:34,883 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-18 14:18:35,151 INFO L? ?]: Removed 50 outVars from TransFormulas that were not future-live. [2024-11-18 14:18:35,152 INFO L287 CfgBuilder]: Performing block encoding [2024-11-18 14:18:35,176 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-18 14:18:35,176 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-18 14:18:35,177 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 18.11 02:18:35 BoogieIcfgContainer [2024-11-18 14:18:35,177 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-18 14:18:35,179 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-18 14:18:35,179 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-18 14:18:35,182 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-18 14:18:35,183 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 18.11 02:18:34" (1/3) ... [2024-11-18 14:18:35,184 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5d431073 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 18.11 02:18:35, skipping insertion in model container [2024-11-18 14:18:35,184 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:18:34" (2/3) ... [2024-11-18 14:18:35,184 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5d431073 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 18.11 02:18:35, skipping insertion in model container [2024-11-18 14:18:35,185 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 18.11 02:18:35" (3/3) ... [2024-11-18 14:18:35,187 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product64.cil.c [2024-11-18 14:18:35,207 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-18 14:18:35,208 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-18 14:18:35,276 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-18 14:18:35,285 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@5e9ded46, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-18 14:18:35,286 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-18 14:18:35,291 INFO L276 IsEmpty]: Start isEmpty. Operand has 113 states, 82 states have (on average 1.3658536585365855) internal successors, (112), 93 states have internal predecessors, (112), 19 states have call successors, (19), 10 states have call predecessors, (19), 10 states have return successors, (19), 14 states have call predecessors, (19), 19 states have call successors, (19) [2024-11-18 14:18:35,302 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2024-11-18 14:18:35,303 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:18:35,304 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:18:35,304 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:18:35,310 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:18:35,310 INFO L85 PathProgramCache]: Analyzing trace with hash -1906157068, now seen corresponding path program 1 times [2024-11-18 14:18:35,320 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:18:35,321 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [229230391] [2024-11-18 14:18:35,321 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:18:35,321 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:18:35,454 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:18:35,543 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:18:35,543 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:18:35,544 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [229230391] [2024-11-18 14:18:35,544 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [229230391] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:18:35,544 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:18:35,544 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-18 14:18:35,551 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1465577116] [2024-11-18 14:18:35,552 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:18:35,556 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-18 14:18:35,557 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:18:35,581 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-18 14:18:35,581 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-18 14:18:35,585 INFO L87 Difference]: Start difference. First operand has 113 states, 82 states have (on average 1.3658536585365855) internal successors, (112), 93 states have internal predecessors, (112), 19 states have call successors, (19), 10 states have call predecessors, (19), 10 states have return successors, (19), 14 states have call predecessors, (19), 19 states have call successors, (19) Second operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:18:35,626 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:18:35,627 INFO L93 Difference]: Finished difference Result 218 states and 295 transitions. [2024-11-18 14:18:35,628 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-18 14:18:35,630 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2024-11-18 14:18:35,630 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:18:35,641 INFO L225 Difference]: With dead ends: 218 [2024-11-18 14:18:35,641 INFO L226 Difference]: Without dead ends: 104 [2024-11-18 14:18:35,647 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-18 14:18:35,652 INFO L432 NwaCegarLoop]: 144 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 144 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:18:35,653 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 144 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:18:35,669 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 104 states. [2024-11-18 14:18:35,698 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 104 to 104. [2024-11-18 14:18:35,700 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 104 states, 75 states have (on average 1.3066666666666666) internal successors, (98), 85 states have internal predecessors, (98), 19 states have call successors, (19), 10 states have call predecessors, (19), 9 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) [2024-11-18 14:18:35,705 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 104 states to 104 states and 135 transitions. [2024-11-18 14:18:35,707 INFO L78 Accepts]: Start accepts. Automaton has 104 states and 135 transitions. Word has length 23 [2024-11-18 14:18:35,707 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:18:35,708 INFO L471 AbstractCegarLoop]: Abstraction has 104 states and 135 transitions. [2024-11-18 14:18:35,708 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:18:35,708 INFO L276 IsEmpty]: Start isEmpty. Operand 104 states and 135 transitions. [2024-11-18 14:18:35,713 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2024-11-18 14:18:35,713 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:18:35,714 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:18:35,714 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-18 14:18:35,714 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:18:35,715 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:18:35,715 INFO L85 PathProgramCache]: Analyzing trace with hash 1844087638, now seen corresponding path program 1 times [2024-11-18 14:18:35,716 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:18:35,716 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1800080443] [2024-11-18 14:18:35,717 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:18:35,717 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:18:35,737 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:18:35,842 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:18:35,843 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:18:35,843 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1800080443] [2024-11-18 14:18:35,843 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1800080443] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:18:35,844 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:18:35,844 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-18 14:18:35,844 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1953650554] [2024-11-18 14:18:35,844 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:18:35,846 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-18 14:18:35,846 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:18:35,847 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-18 14:18:35,847 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:18:35,847 INFO L87 Difference]: Start difference. First operand 104 states and 135 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:18:35,878 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:18:35,878 INFO L93 Difference]: Finished difference Result 169 states and 219 transitions. [2024-11-18 14:18:35,879 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-18 14:18:35,879 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2024-11-18 14:18:35,880 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:18:35,881 INFO L225 Difference]: With dead ends: 169 [2024-11-18 14:18:35,881 INFO L226 Difference]: Without dead ends: 95 [2024-11-18 14:18:35,882 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:18:35,883 INFO L432 NwaCegarLoop]: 122 mSDtfsCounter, 17 mSDsluCounter, 100 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 222 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:18:35,884 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 222 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:18:35,885 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 95 states. [2024-11-18 14:18:35,901 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 95 to 95. [2024-11-18 14:18:35,903 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 95 states, 69 states have (on average 1.318840579710145) internal successors, (91), 79 states have internal predecessors, (91), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2024-11-18 14:18:35,905 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 95 states to 95 states and 123 transitions. [2024-11-18 14:18:35,909 INFO L78 Accepts]: Start accepts. Automaton has 95 states and 123 transitions. Word has length 24 [2024-11-18 14:18:35,926 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:18:35,927 INFO L471 AbstractCegarLoop]: Abstraction has 95 states and 123 transitions. [2024-11-18 14:18:35,927 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:18:35,927 INFO L276 IsEmpty]: Start isEmpty. Operand 95 states and 123 transitions. [2024-11-18 14:18:35,928 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2024-11-18 14:18:35,928 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:18:35,928 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:18:35,928 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-18 14:18:35,929 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:18:35,929 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:18:35,929 INFO L85 PathProgramCache]: Analyzing trace with hash -1533698931, now seen corresponding path program 1 times [2024-11-18 14:18:35,929 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:18:35,930 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [845775919] [2024-11-18 14:18:35,930 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:18:35,930 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:18:35,950 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:18:36,059 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:18:36,059 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:18:36,059 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [845775919] [2024-11-18 14:18:36,060 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [845775919] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:18:36,060 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:18:36,060 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-18 14:18:36,060 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1540997037] [2024-11-18 14:18:36,060 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:18:36,062 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-18 14:18:36,062 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:18:36,063 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-18 14:18:36,063 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:18:36,064 INFO L87 Difference]: Start difference. First operand 95 states and 123 transitions. Second operand has 5 states, 5 states have (on average 5.2) internal successors, (26), 5 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:18:36,144 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:18:36,145 INFO L93 Difference]: Finished difference Result 225 states and 294 transitions. [2024-11-18 14:18:36,146 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-18 14:18:36,147 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.2) internal successors, (26), 5 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 29 [2024-11-18 14:18:36,147 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:18:36,149 INFO L225 Difference]: With dead ends: 225 [2024-11-18 14:18:36,149 INFO L226 Difference]: Without dead ends: 137 [2024-11-18 14:18:36,150 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-18 14:18:36,151 INFO L432 NwaCegarLoop]: 133 mSDtfsCounter, 116 mSDsluCounter, 314 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 116 SdHoareTripleChecker+Valid, 447 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:18:36,151 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [116 Valid, 447 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:18:36,152 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 137 states. [2024-11-18 14:18:36,166 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 137 to 134. [2024-11-18 14:18:36,166 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 134 states, 98 states have (on average 1.336734693877551) internal successors, (131), 111 states have internal predecessors, (131), 21 states have call successors, (21), 14 states have call predecessors, (21), 14 states have return successors, (22), 15 states have call predecessors, (22), 21 states have call successors, (22) [2024-11-18 14:18:36,169 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 134 states to 134 states and 174 transitions. [2024-11-18 14:18:36,169 INFO L78 Accepts]: Start accepts. Automaton has 134 states and 174 transitions. Word has length 29 [2024-11-18 14:18:36,170 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:18:36,170 INFO L471 AbstractCegarLoop]: Abstraction has 134 states and 174 transitions. [2024-11-18 14:18:36,170 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.2) internal successors, (26), 5 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:18:36,170 INFO L276 IsEmpty]: Start isEmpty. Operand 134 states and 174 transitions. [2024-11-18 14:18:36,171 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-18 14:18:36,171 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:18:36,171 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:18:36,172 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-18 14:18:36,172 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:18:36,176 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:18:36,176 INFO L85 PathProgramCache]: Analyzing trace with hash 521603362, now seen corresponding path program 1 times [2024-11-18 14:18:36,176 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:18:36,176 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [721597779] [2024-11-18 14:18:36,177 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:18:36,177 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:18:36,202 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:18:36,292 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:18:36,293 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:18:36,293 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [721597779] [2024-11-18 14:18:36,293 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [721597779] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:18:36,293 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:18:36,294 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-18 14:18:36,294 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [152860619] [2024-11-18 14:18:36,294 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:18:36,294 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-18 14:18:36,294 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:18:36,295 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-18 14:18:36,295 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:18:36,295 INFO L87 Difference]: Start difference. First operand 134 states and 174 transitions. Second operand has 5 states, 5 states have (on average 5.8) internal successors, (29), 5 states have internal predecessors, (29), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:18:36,403 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:18:36,403 INFO L93 Difference]: Finished difference Result 307 states and 410 transitions. [2024-11-18 14:18:36,404 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-18 14:18:36,404 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.8) internal successors, (29), 5 states have internal predecessors, (29), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 32 [2024-11-18 14:18:36,404 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:18:36,406 INFO L225 Difference]: With dead ends: 307 [2024-11-18 14:18:36,406 INFO L226 Difference]: Without dead ends: 180 [2024-11-18 14:18:36,409 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-18 14:18:36,410 INFO L432 NwaCegarLoop]: 116 mSDtfsCounter, 86 mSDsluCounter, 308 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 86 SdHoareTripleChecker+Valid, 424 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-18 14:18:36,410 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [86 Valid, 424 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-18 14:18:36,411 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 180 states. [2024-11-18 14:18:36,430 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 180 to 179. [2024-11-18 14:18:36,431 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 179 states, 132 states have (on average 1.2727272727272727) internal successors, (168), 144 states have internal predecessors, (168), 25 states have call successors, (25), 21 states have call predecessors, (25), 21 states have return successors, (33), 23 states have call predecessors, (33), 25 states have call successors, (33) [2024-11-18 14:18:36,432 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 179 states to 179 states and 226 transitions. [2024-11-18 14:18:36,432 INFO L78 Accepts]: Start accepts. Automaton has 179 states and 226 transitions. Word has length 32 [2024-11-18 14:18:36,433 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:18:36,433 INFO L471 AbstractCegarLoop]: Abstraction has 179 states and 226 transitions. [2024-11-18 14:18:36,433 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.8) internal successors, (29), 5 states have internal predecessors, (29), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:18:36,433 INFO L276 IsEmpty]: Start isEmpty. Operand 179 states and 226 transitions. [2024-11-18 14:18:36,435 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2024-11-18 14:18:36,435 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:18:36,435 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:18:36,435 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-18 14:18:36,435 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:18:36,436 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:18:36,436 INFO L85 PathProgramCache]: Analyzing trace with hash 1689247176, now seen corresponding path program 1 times [2024-11-18 14:18:36,436 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:18:36,436 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1075973659] [2024-11-18 14:18:36,436 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:18:36,436 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:18:36,469 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:18:36,582 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:18:36,583 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:18:36,583 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1075973659] [2024-11-18 14:18:36,583 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1075973659] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:18:36,583 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:18:36,583 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-18 14:18:36,583 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [628937393] [2024-11-18 14:18:36,583 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:18:36,584 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-18 14:18:36,584 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:18:36,585 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-18 14:18:36,585 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:18:36,585 INFO L87 Difference]: Start difference. First operand 179 states and 226 transitions. Second operand has 4 states, 4 states have (on average 11.75) internal successors, (47), 4 states have internal predecessors, (47), 4 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-18 14:18:36,788 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:18:36,788 INFO L93 Difference]: Finished difference Result 662 states and 877 transitions. [2024-11-18 14:18:36,792 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-18 14:18:36,793 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 11.75) internal successors, (47), 4 states have internal predecessors, (47), 4 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) Word has length 60 [2024-11-18 14:18:36,793 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:18:36,798 INFO L225 Difference]: With dead ends: 662 [2024-11-18 14:18:36,799 INFO L226 Difference]: Without dead ends: 490 [2024-11-18 14:18:36,800 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:18:36,801 INFO L432 NwaCegarLoop]: 224 mSDtfsCounter, 177 mSDsluCounter, 197 mSDsCounter, 0 mSdLazyCounter, 78 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 177 SdHoareTripleChecker+Valid, 421 SdHoareTripleChecker+Invalid, 85 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 78 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-18 14:18:36,804 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [177 Valid, 421 Invalid, 85 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 78 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-18 14:18:36,806 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 490 states. [2024-11-18 14:18:36,886 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 490 to 479. [2024-11-18 14:18:36,889 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 479 states, 355 states have (on average 1.2619718309859156) internal successors, (448), 383 states have internal predecessors, (448), 65 states have call successors, (65), 56 states have call predecessors, (65), 58 states have return successors, (108), 63 states have call predecessors, (108), 65 states have call successors, (108) [2024-11-18 14:18:36,894 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 479 states to 479 states and 621 transitions. [2024-11-18 14:18:36,895 INFO L78 Accepts]: Start accepts. Automaton has 479 states and 621 transitions. Word has length 60 [2024-11-18 14:18:36,896 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:18:36,897 INFO L471 AbstractCegarLoop]: Abstraction has 479 states and 621 transitions. [2024-11-18 14:18:36,897 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 11.75) internal successors, (47), 4 states have internal predecessors, (47), 4 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-18 14:18:36,897 INFO L276 IsEmpty]: Start isEmpty. Operand 479 states and 621 transitions. [2024-11-18 14:18:36,900 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2024-11-18 14:18:36,900 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:18:36,900 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:18:36,903 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-18 14:18:36,904 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:18:36,904 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:18:36,904 INFO L85 PathProgramCache]: Analyzing trace with hash -361736822, now seen corresponding path program 1 times [2024-11-18 14:18:36,904 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:18:36,905 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1385587324] [2024-11-18 14:18:36,905 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:18:36,905 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:18:36,932 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:18:37,010 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:18:37,011 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:18:37,012 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1385587324] [2024-11-18 14:18:37,012 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1385587324] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:18:37,012 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:18:37,012 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-18 14:18:37,013 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [165180480] [2024-11-18 14:18:37,014 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:18:37,015 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-18 14:18:37,015 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:18:37,016 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-18 14:18:37,016 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:18:37,016 INFO L87 Difference]: Start difference. First operand 479 states and 621 transitions. Second operand has 5 states, 5 states have (on average 9.4) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-18 14:18:37,070 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:18:37,070 INFO L93 Difference]: Finished difference Result 960 states and 1303 transitions. [2024-11-18 14:18:37,071 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-18 14:18:37,071 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 60 [2024-11-18 14:18:37,072 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:18:37,078 INFO L225 Difference]: With dead ends: 960 [2024-11-18 14:18:37,078 INFO L226 Difference]: Without dead ends: 488 [2024-11-18 14:18:37,081 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:18:37,082 INFO L432 NwaCegarLoop]: 120 mSDtfsCounter, 0 mSDsluCounter, 354 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 474 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:18:37,085 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 474 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:18:37,087 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 488 states. [2024-11-18 14:18:37,135 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 488 to 488. [2024-11-18 14:18:37,137 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 488 states, 364 states have (on average 1.2554945054945055) internal successors, (457), 392 states have internal predecessors, (457), 65 states have call successors, (65), 56 states have call predecessors, (65), 58 states have return successors, (108), 63 states have call predecessors, (108), 65 states have call successors, (108) [2024-11-18 14:18:37,140 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 488 states to 488 states and 630 transitions. [2024-11-18 14:18:37,141 INFO L78 Accepts]: Start accepts. Automaton has 488 states and 630 transitions. Word has length 60 [2024-11-18 14:18:37,142 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:18:37,142 INFO L471 AbstractCegarLoop]: Abstraction has 488 states and 630 transitions. [2024-11-18 14:18:37,142 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-18 14:18:37,142 INFO L276 IsEmpty]: Start isEmpty. Operand 488 states and 630 transitions. [2024-11-18 14:18:37,145 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2024-11-18 14:18:37,146 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:18:37,146 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:18:37,147 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-18 14:18:37,147 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:18:37,147 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:18:37,148 INFO L85 PathProgramCache]: Analyzing trace with hash -86977208, now seen corresponding path program 1 times [2024-11-18 14:18:37,148 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:18:37,148 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1582899516] [2024-11-18 14:18:37,148 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:18:37,149 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:18:37,165 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:18:37,285 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:18:37,286 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:18:37,286 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1582899516] [2024-11-18 14:18:37,286 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1582899516] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:18:37,286 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:18:37,286 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-18 14:18:37,286 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [721888832] [2024-11-18 14:18:37,287 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:18:37,287 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-18 14:18:37,287 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:18:37,288 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-18 14:18:37,288 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-18 14:18:37,288 INFO L87 Difference]: Start difference. First operand 488 states and 630 transitions. Second operand has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 6 states have internal predecessors, (47), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-18 14:18:37,360 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:18:37,360 INFO L93 Difference]: Finished difference Result 902 states and 1202 transitions. [2024-11-18 14:18:37,361 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-18 14:18:37,361 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 6 states have internal predecessors, (47), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 60 [2024-11-18 14:18:37,361 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:18:37,364 INFO L225 Difference]: With dead ends: 902 [2024-11-18 14:18:37,365 INFO L226 Difference]: Without dead ends: 421 [2024-11-18 14:18:37,367 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-18 14:18:37,368 INFO L432 NwaCegarLoop]: 119 mSDtfsCounter, 0 mSDsluCounter, 468 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 587 SdHoareTripleChecker+Invalid, 25 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:18:37,368 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 587 Invalid, 25 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:18:37,369 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 421 states. [2024-11-18 14:18:37,399 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 421 to 421. [2024-11-18 14:18:37,400 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 421 states, 314 states have (on average 1.2484076433121019) internal successors, (392), 337 states have internal predecessors, (392), 56 states have call successors, (56), 49 states have call predecessors, (56), 50 states have return successors, (88), 53 states have call predecessors, (88), 56 states have call successors, (88) [2024-11-18 14:18:37,403 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 421 states to 421 states and 536 transitions. [2024-11-18 14:18:37,406 INFO L78 Accepts]: Start accepts. Automaton has 421 states and 536 transitions. Word has length 60 [2024-11-18 14:18:37,406 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:18:37,406 INFO L471 AbstractCegarLoop]: Abstraction has 421 states and 536 transitions. [2024-11-18 14:18:37,407 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 6 states have internal predecessors, (47), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-18 14:18:37,407 INFO L276 IsEmpty]: Start isEmpty. Operand 421 states and 536 transitions. [2024-11-18 14:18:37,408 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 65 [2024-11-18 14:18:37,408 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:18:37,408 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:18:37,409 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-18 14:18:37,409 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:18:37,409 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:18:37,410 INFO L85 PathProgramCache]: Analyzing trace with hash 1271229164, now seen corresponding path program 1 times [2024-11-18 14:18:37,410 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:18:37,410 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1784537165] [2024-11-18 14:18:37,410 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:18:37,410 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:18:37,433 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:18:37,534 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-18 14:18:37,534 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:18:37,534 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1784537165] [2024-11-18 14:18:37,534 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1784537165] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:18:37,534 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:18:37,534 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-18 14:18:37,534 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2090716429] [2024-11-18 14:18:37,535 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:18:37,535 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-18 14:18:37,535 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:18:37,536 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-18 14:18:37,536 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-18 14:18:37,536 INFO L87 Difference]: Start difference. First operand 421 states and 536 transitions. Second operand has 6 states, 6 states have (on average 8.5) internal successors, (51), 5 states have internal predecessors, (51), 2 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2024-11-18 14:18:37,699 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:18:37,700 INFO L93 Difference]: Finished difference Result 1231 states and 1614 transitions. [2024-11-18 14:18:37,700 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-18 14:18:37,700 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 8.5) internal successors, (51), 5 states have internal predecessors, (51), 2 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) Word has length 64 [2024-11-18 14:18:37,701 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:18:37,708 INFO L225 Difference]: With dead ends: 1231 [2024-11-18 14:18:37,708 INFO L226 Difference]: Without dead ends: 817 [2024-11-18 14:18:37,710 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-18 14:18:37,711 INFO L432 NwaCegarLoop]: 121 mSDtfsCounter, 91 mSDsluCounter, 430 mSDsCounter, 0 mSdLazyCounter, 60 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 93 SdHoareTripleChecker+Valid, 551 SdHoareTripleChecker+Invalid, 64 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 60 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-18 14:18:37,712 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [93 Valid, 551 Invalid, 64 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 60 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-18 14:18:37,713 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 817 states. [2024-11-18 14:18:37,772 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 817 to 817. [2024-11-18 14:18:37,773 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 817 states, 604 states have (on average 1.228476821192053) internal successors, (742), 649 states have internal predecessors, (742), 112 states have call successors, (112), 98 states have call predecessors, (112), 100 states have return successors, (184), 106 states have call predecessors, (184), 112 states have call successors, (184) [2024-11-18 14:18:37,778 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 817 states to 817 states and 1038 transitions. [2024-11-18 14:18:37,780 INFO L78 Accepts]: Start accepts. Automaton has 817 states and 1038 transitions. Word has length 64 [2024-11-18 14:18:37,781 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:18:37,781 INFO L471 AbstractCegarLoop]: Abstraction has 817 states and 1038 transitions. [2024-11-18 14:18:37,781 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 8.5) internal successors, (51), 5 states have internal predecessors, (51), 2 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2024-11-18 14:18:37,785 INFO L276 IsEmpty]: Start isEmpty. Operand 817 states and 1038 transitions. [2024-11-18 14:18:37,787 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 69 [2024-11-18 14:18:37,787 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:18:37,788 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:18:37,788 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-18 14:18:37,788 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:18:37,788 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:18:37,788 INFO L85 PathProgramCache]: Analyzing trace with hash 2077759664, now seen corresponding path program 1 times [2024-11-18 14:18:37,789 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:18:37,789 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [487710768] [2024-11-18 14:18:37,789 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:18:37,789 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:18:37,812 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:18:38,000 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-18 14:18:38,000 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:18:38,002 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [487710768] [2024-11-18 14:18:38,003 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [487710768] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-18 14:18:38,003 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1353027764] [2024-11-18 14:18:38,003 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:18:38,003 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:18:38,003 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:18:38,005 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-18 14:18:38,009 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-18 14:18:38,096 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:18:38,098 INFO L255 TraceCheckSpWp]: Trace formula consists of 247 conjuncts, 9 conjuncts are in the unsatisfiable core [2024-11-18 14:18:38,106 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-18 14:18:38,346 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 3 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:18:38,347 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-18 14:18:38,347 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1353027764] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:18:38,347 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-18 14:18:38,347 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [12] total 18 [2024-11-18 14:18:38,347 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2094419368] [2024-11-18 14:18:38,348 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:18:38,348 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-18 14:18:38,348 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:18:38,349 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-18 14:18:38,349 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=46, Invalid=260, Unknown=0, NotChecked=0, Total=306 [2024-11-18 14:18:38,349 INFO L87 Difference]: Start difference. First operand 817 states and 1038 transitions. Second operand has 8 states, 8 states have (on average 6.625) internal successors, (53), 6 states have internal predecessors, (53), 3 states have call successors, (8), 3 states have call predecessors, (8), 5 states have return successors, (7), 5 states have call predecessors, (7), 3 states have call successors, (7) [2024-11-18 14:18:38,586 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:18:38,586 INFO L93 Difference]: Finished difference Result 1625 states and 2071 transitions. [2024-11-18 14:18:38,587 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-11-18 14:18:38,587 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 6.625) internal successors, (53), 6 states have internal predecessors, (53), 3 states have call successors, (8), 3 states have call predecessors, (8), 5 states have return successors, (7), 5 states have call predecessors, (7), 3 states have call successors, (7) Word has length 68 [2024-11-18 14:18:38,587 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:18:38,593 INFO L225 Difference]: With dead ends: 1625 [2024-11-18 14:18:38,593 INFO L226 Difference]: Without dead ends: 815 [2024-11-18 14:18:38,596 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 80 GetRequests, 64 SyntacticMatches, 0 SemanticMatches, 16 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 16 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=46, Invalid=260, Unknown=0, NotChecked=0, Total=306 [2024-11-18 14:18:38,597 INFO L432 NwaCegarLoop]: 224 mSDtfsCounter, 79 mSDsluCounter, 600 mSDsCounter, 0 mSdLazyCounter, 196 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 81 SdHoareTripleChecker+Valid, 824 SdHoareTripleChecker+Invalid, 197 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 196 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-18 14:18:38,598 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [81 Valid, 824 Invalid, 197 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 196 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-18 14:18:38,599 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 815 states. [2024-11-18 14:18:38,657 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 815 to 815. [2024-11-18 14:18:38,659 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 815 states, 602 states have (on average 1.2142857142857142) internal successors, (731), 646 states have internal predecessors, (731), 112 states have call successors, (112), 98 states have call predecessors, (112), 100 states have return successors, (166), 106 states have call predecessors, (166), 112 states have call successors, (166) [2024-11-18 14:18:38,662 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 815 states to 815 states and 1009 transitions. [2024-11-18 14:18:38,664 INFO L78 Accepts]: Start accepts. Automaton has 815 states and 1009 transitions. Word has length 68 [2024-11-18 14:18:38,664 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:18:38,664 INFO L471 AbstractCegarLoop]: Abstraction has 815 states and 1009 transitions. [2024-11-18 14:18:38,664 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 6.625) internal successors, (53), 6 states have internal predecessors, (53), 3 states have call successors, (8), 3 states have call predecessors, (8), 5 states have return successors, (7), 5 states have call predecessors, (7), 3 states have call successors, (7) [2024-11-18 14:18:38,664 INFO L276 IsEmpty]: Start isEmpty. Operand 815 states and 1009 transitions. [2024-11-18 14:18:38,669 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 124 [2024-11-18 14:18:38,669 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:18:38,669 INFO L215 NwaCegarLoop]: trace histogram [4, 4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:18:38,687 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-11-18 14:18:38,873 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:18:38,874 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:18:38,874 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:18:38,874 INFO L85 PathProgramCache]: Analyzing trace with hash 963454430, now seen corresponding path program 1 times [2024-11-18 14:18:38,874 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:18:38,874 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1025239505] [2024-11-18 14:18:38,875 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:18:38,875 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:18:38,899 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:18:39,101 INFO L134 CoverageAnalysis]: Checked inductivity of 49 backedges. 19 proven. 2 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2024-11-18 14:18:39,101 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:18:39,102 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1025239505] [2024-11-18 14:18:39,102 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1025239505] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-18 14:18:39,102 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [941577906] [2024-11-18 14:18:39,102 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:18:39,102 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:18:39,102 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:18:39,104 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-18 14:18:39,106 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-18 14:18:39,211 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:18:39,213 INFO L255 TraceCheckSpWp]: Trace formula consists of 373 conjuncts, 9 conjuncts are in the unsatisfiable core [2024-11-18 14:18:39,218 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-18 14:18:39,354 INFO L134 CoverageAnalysis]: Checked inductivity of 49 backedges. 40 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-11-18 14:18:39,357 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-18 14:18:39,358 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [941577906] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:18:39,358 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-18 14:18:39,358 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [11] total 17 [2024-11-18 14:18:39,358 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1731680282] [2024-11-18 14:18:39,358 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:18:39,359 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-18 14:18:39,359 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:18:39,359 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-18 14:18:39,360 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=42, Invalid=230, Unknown=0, NotChecked=0, Total=272 [2024-11-18 14:18:39,360 INFO L87 Difference]: Start difference. First operand 815 states and 1009 transitions. Second operand has 8 states, 8 states have (on average 11.0) internal successors, (88), 6 states have internal predecessors, (88), 3 states have call successors, (15), 3 states have call predecessors, (15), 5 states have return successors, (14), 5 states have call predecessors, (14), 3 states have call successors, (14) [2024-11-18 14:18:39,545 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:18:39,546 INFO L93 Difference]: Finished difference Result 1371 states and 1713 transitions. [2024-11-18 14:18:39,546 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2024-11-18 14:18:39,547 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 11.0) internal successors, (88), 6 states have internal predecessors, (88), 3 states have call successors, (15), 3 states have call predecessors, (15), 5 states have return successors, (14), 5 states have call predecessors, (14), 3 states have call successors, (14) Word has length 123 [2024-11-18 14:18:39,547 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:18:39,549 INFO L225 Difference]: With dead ends: 1371 [2024-11-18 14:18:39,549 INFO L226 Difference]: Without dead ends: 0 [2024-11-18 14:18:39,553 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 136 GetRequests, 119 SyntacticMatches, 0 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 27 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=54, Invalid=288, Unknown=0, NotChecked=0, Total=342 [2024-11-18 14:18:39,554 INFO L432 NwaCegarLoop]: 204 mSDtfsCounter, 70 mSDsluCounter, 811 mSDsCounter, 0 mSdLazyCounter, 117 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 73 SdHoareTripleChecker+Valid, 1015 SdHoareTripleChecker+Invalid, 117 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 117 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-18 14:18:39,555 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [73 Valid, 1015 Invalid, 117 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 117 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-18 14:18:39,556 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-18 14:18:39,556 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-18 14:18:39,556 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-18 14:18:39,556 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-18 14:18:39,557 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 123 [2024-11-18 14:18:39,557 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:18:39,557 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-18 14:18:39,558 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 11.0) internal successors, (88), 6 states have internal predecessors, (88), 3 states have call successors, (15), 3 states have call predecessors, (15), 5 states have return successors, (14), 5 states have call predecessors, (14), 3 states have call successors, (14) [2024-11-18 14:18:39,558 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-18 14:18:39,558 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-18 14:18:39,562 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-18 14:18:39,580 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-11-18 14:18:39,766 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-18 14:18:39,769 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:18:39,772 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-18 14:18:42,802 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-18 14:18:42,837 WARN L156 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (let ((.cse1 (= |old(~methaneLevelCritical~0)| 0))) (and (or (<= 1 ~methaneLevelCritical~0) (< |old(~methaneLevelCritical~0)| 1)) (let ((.cse0 (= ~pumpRunning~0 0))) (or (and .cse0 .cse1) (and .cse0 (<= 1 |old(~methaneLevelCritical~0)|)) (and .cse1 (not (= 0 ~systemActive~0))))) (or (not .cse1) (= ~methaneLevelCritical~0 0)))) Eliminated clause: (exists ((|old(~methaneLevelCritical~0)| Int)) (let ((.cse1 (= |old(~methaneLevelCritical~0)| 0))) (and (let ((.cse0 (= ~pumpRunning~0 0))) (or (and .cse0 .cse1) (and .cse0 (<= 1 |old(~methaneLevelCritical~0)|)) (and .cse1 (not (= 0 ~systemActive~0))))) (or (< |old(~methaneLevelCritical~0)| 1) (< 0 ~methaneLevelCritical~0)) (or (not .cse1) (= ~methaneLevelCritical~0 0))))) [2024-11-18 14:18:42,849 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:18:42,857 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (let ((.cse2 (= |old(~pumpRunning~0)| 0))) (let ((.cse4 (not .cse2)) (.cse6 (= |old(~waterLevel~0)| 1)) (.cse5 (= ~waterLevel~0 1))) (and (let ((.cse0 (= ~methaneLevelCritical~0 0)) (.cse3 (<= 1 ~methaneLevelCritical~0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1) (and .cse0 .cse2) (and .cse3 .cse2) (and .cse3 .cse1))) (or .cse4 (= ~pumpRunning~0 0)) (or (not .cse5) .cse6) (or .cse4 (not .cse6) .cse5)))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int) (|old(~waterLevel~0)| Int)) (let ((.cse2 (= |old(~pumpRunning~0)| 0))) (let ((.cse4 (not .cse2)) (.cse6 (= |old(~waterLevel~0)| 1)) (.cse5 (= ~waterLevel~0 1))) (and (let ((.cse0 (= ~methaneLevelCritical~0 0)) (.cse3 (<= 1 ~methaneLevelCritical~0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1) (and .cse0 .cse2) (and .cse3 .cse2) (and .cse3 .cse1))) (or .cse4 (= ~pumpRunning~0 0)) (or (not .cse5) .cse6) (or .cse4 (not .cse6) .cse5))))) [2024-11-18 14:18:42,863 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:18:42,879 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (let ((.cse1 (= |old(~pumpRunning~0)| 0))) (and (let ((.cse0 (not (= 0 ~systemActive~0)))) (or (and (= ~methaneLevelCritical~0 0) .cse0) (and (<= 1 ~methaneLevelCritical~0) .cse1 .cse0))) (or (not .cse1) (= ~pumpRunning~0 0)))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int)) (let ((.cse1 (= |old(~pumpRunning~0)| 0))) (and (let ((.cse0 (not (= 0 ~systemActive~0)))) (or (and (= ~methaneLevelCritical~0 0) .cse0) (and (<= 1 ~methaneLevelCritical~0) .cse1 .cse0))) (or (not .cse1) (= ~pumpRunning~0 0))))) [2024-11-18 14:18:42,884 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:18:42,887 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (let ((.cse0 (= ~pumpRunning~0 0))) (and (let ((.cse1 (= ~methaneLevelCritical~0 0))) (or (and .cse0 (<= 1 ~methaneLevelCritical~0)) (and .cse1 (not (= 0 ~systemActive~0))) (and .cse0 .cse1))) (or (not .cse0) (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1)))) Eliminated clause: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= ~methaneLevelCritical~0 0))) (or (and .cse0 (<= 1 ~methaneLevelCritical~0)) (and .cse1 (not (= 0 ~systemActive~0))) (and .cse0 .cse1))) [2024-11-18 14:18:42,893 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__methaneQuery contained old-variable. Original clause: (let ((.cse1 (= |old(~pumpRunning~0)| 0))) (and (let ((.cse0 (not (= 0 ~systemActive~0)))) (or (and (= ~methaneLevelCritical~0 0) .cse0) (and (<= 1 ~methaneLevelCritical~0) .cse1 .cse0))) (or (not .cse1) (= ~pumpRunning~0 0)))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int)) (let ((.cse1 (= |old(~pumpRunning~0)| 0))) (and (let ((.cse0 (not (= 0 ~systemActive~0)))) (or (and (= ~methaneLevelCritical~0 0) .cse0) (and (<= 1 ~methaneLevelCritical~0) .cse1 .cse0))) (or (not .cse1) (= ~pumpRunning~0 0))))) [2024-11-18 14:18:42,895 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:18:42,900 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 18.11 02:18:42 BoogieIcfgContainer [2024-11-18 14:18:42,900 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-18 14:18:42,900 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-18 14:18:42,901 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-18 14:18:42,901 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-18 14:18:42,901 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 18.11 02:18:35" (3/4) ... [2024-11-18 14:18:42,904 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-18 14:18:42,909 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-18 14:18:42,910 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-18 14:18:42,910 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-18 14:18:42,910 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-18 14:18:42,910 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-18 14:18:42,910 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2024-11-18 14:18:42,910 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-18 14:18:42,911 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-18 14:18:42,911 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2024-11-18 14:18:42,911 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2024-11-18 14:18:42,918 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2024-11-18 14:18:42,918 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-18 14:18:42,919 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-18 14:18:42,919 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-18 14:18:42,920 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-18 14:18:43,039 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-18 14:18:43,040 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-18 14:18:43,040 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-18 14:18:43,041 INFO L158 Benchmark]: Toolchain (without parser) took 8982.74ms. Allocated memory was 153.1MB in the beginning and 222.3MB in the end (delta: 69.2MB). Free memory was 86.5MB in the beginning and 121.6MB in the end (delta: -35.1MB). Peak memory consumption was 35.3MB. Max. memory is 16.1GB. [2024-11-18 14:18:43,041 INFO L158 Benchmark]: CDTParser took 0.21ms. Allocated memory is still 153.1MB. Free memory is still 114.4MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-18 14:18:43,041 INFO L158 Benchmark]: CACSL2BoogieTranslator took 554.83ms. Allocated memory is still 153.1MB. Free memory was 86.3MB in the beginning and 106.8MB in the end (delta: -20.4MB). Peak memory consumption was 4.3MB. Max. memory is 16.1GB. [2024-11-18 14:18:43,042 INFO L158 Benchmark]: Boogie Procedure Inliner took 59.81ms. Allocated memory is still 153.1MB. Free memory was 106.8MB in the beginning and 103.9MB in the end (delta: 2.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-18 14:18:43,042 INFO L158 Benchmark]: Boogie Preprocessor took 59.79ms. Allocated memory is still 153.1MB. Free memory was 103.9MB in the beginning and 101.5MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-18 14:18:43,042 INFO L158 Benchmark]: RCFGBuilder took 441.88ms. Allocated memory is still 153.1MB. Free memory was 101.5MB in the beginning and 81.6MB in the end (delta: 19.9MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-18 14:18:43,043 INFO L158 Benchmark]: TraceAbstraction took 7721.09ms. Allocated memory was 153.1MB in the beginning and 222.3MB in the end (delta: 69.2MB). Free memory was 80.9MB in the beginning and 130.0MB in the end (delta: -49.2MB). Peak memory consumption was 91.1MB. Max. memory is 16.1GB. [2024-11-18 14:18:43,043 INFO L158 Benchmark]: Witness Printer took 139.24ms. Allocated memory is still 222.3MB. Free memory was 130.0MB in the beginning and 121.6MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-18 14:18:43,045 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.21ms. Allocated memory is still 153.1MB. Free memory is still 114.4MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 554.83ms. Allocated memory is still 153.1MB. Free memory was 86.3MB in the beginning and 106.8MB in the end (delta: -20.4MB). Peak memory consumption was 4.3MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 59.81ms. Allocated memory is still 153.1MB. Free memory was 106.8MB in the beginning and 103.9MB in the end (delta: 2.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 59.79ms. Allocated memory is still 153.1MB. Free memory was 103.9MB in the beginning and 101.5MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 441.88ms. Allocated memory is still 153.1MB. Free memory was 101.5MB in the beginning and 81.6MB in the end (delta: 19.9MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * TraceAbstraction took 7721.09ms. Allocated memory was 153.1MB in the beginning and 222.3MB in the end (delta: 69.2MB). Free memory was 80.9MB in the beginning and 130.0MB in the end (delta: -49.2MB). Peak memory consumption was 91.1MB. Max. memory is 16.1GB. * Witness Printer took 139.24ms. Allocated memory is still 222.3MB. Free memory was 130.0MB in the beginning and 121.6MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [49] - GenericResultAtLocation [Line: 58]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [58] - GenericResultAtLocation [Line: 96]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [96] - GenericResultAtLocation [Line: 124]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [124] - GenericResultAtLocation [Line: 490]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [490] - GenericResultAtLocation [Line: 591]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [591] - GenericResultAtLocation [Line: 862]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [862] - GenericResultAtLocation [Line: 966]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [966] - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 54]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 11 procedures, 113 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 4.5s, OverallIterations: 10, TraceHistogramMax: 4, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.3s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 647 SdHoareTripleChecker+Valid, 0.6s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 636 mSDsluCounter, 5109 SdHoareTripleChecker+Invalid, 0.5s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3582 mSDsCounter, 25 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 539 IncrementalHoareTripleChecker+Invalid, 564 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 25 mSolverCounterUnsat, 1527 mSDtfsCounter, 539 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 263 GetRequests, 203 SyntacticMatches, 0 SemanticMatches, 60 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 48 ImplicationChecksByTransitivity, 0.5s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=817occurred in iteration=8, InterpolantAutomatonStates: 53, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 10 MinimizatonAttempts, 15 StatesRemovedByMinimization, 3 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.6s InterpolantComputationTime, 734 NumberOfCodeBlocks, 734 NumberOfCodeBlocksAsserted, 12 NumberOfCheckSat, 722 ConstructedInterpolants, 0 QuantifiedInterpolants, 1186 SizeOfPredicates, 1 NumberOfNonLiveVariables, 620 ConjunctsInSsa, 18 ConjunctsInUnsatCore, 12 InterpolantComputations, 10 PerfectInterpolantSequences, 112/116 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 976]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 503]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 977]: Loop Invariant Derived loop invariant: (((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (splverifierCounter == 0)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (splverifierCounter == 0))) || (((methaneLevelCritical == 0) && (splverifierCounter == 0)) && (0 != systemActive))) - ProcedureContractResult [Line: 737]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: (((methaneLevelCritical == 0) && (0 != systemActive)) || ((1 <= methaneLevelCritical) && (0 != systemActive))) Ensures: (((pumpRunning == 0) && (((methaneLevelCritical == 0) && (0 != systemActive)) || ((1 <= methaneLevelCritical) && (0 != systemActive)))) && (((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 627]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((methaneLevelCritical == 0) && (0 != systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (0 != systemActive))) Ensures: ((((methaneLevelCritical == 0) && (0 != systemActive)) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (0 != systemActive))) && ((((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 890]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Ensures: (((((((pumpRunning == 0) && (\old(methaneLevelCritical) == 0)) || ((pumpRunning == 0) && (1 <= \old(methaneLevelCritical)))) || ((\old(methaneLevelCritical) == 0) && (0 != systemActive))) && ((\old(methaneLevelCritical) != 0) || (0 < methaneLevelCritical))) && ((methaneLevelCritical == 0) || (\old(methaneLevelCritical) < 1))) && (((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel)))) - ProcedureContractResult [Line: 603]: Procedure Contract for timeShift Derived contract for procedure timeShift. Ensures: ((((((((((methaneLevelCritical == 0) && (0 != systemActive)) || ((methaneLevelCritical == 0) && (\old(pumpRunning) == 0))) || ((1 <= methaneLevelCritical) && (\old(pumpRunning) == 0))) || ((1 <= methaneLevelCritical) && (0 != systemActive))) && (((\old(pumpRunning) != 0) || (\old(waterLevel) != 1)) || ((pumpRunning == 0) && (waterLevel == 1)))) && ((pumpRunning == 0) || (methaneLevelCritical < 1))) && ((pumpRunning == 0) || (0 != systemActive))) && (((waterLevel != 1) || (\old(pumpRunning) != 0)) || (\old(waterLevel) == 1))) && ((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 493]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 902]: Procedure Contract for isMethaneLevelCritical Derived contract for procedure isMethaneLevelCritical. Requires: (((((pumpRunning == 0) && (1 <= methaneLevelCritical)) || ((methaneLevelCritical == 0) && (0 != systemActive))) || ((1 <= methaneLevelCritical) && (0 != systemActive))) || ((pumpRunning == 0) && (methaneLevelCritical == 0))) Ensures: ((((methaneLevelCritical <= \result) && (((((pumpRunning == 0) && (1 <= methaneLevelCritical)) || ((methaneLevelCritical == 0) && (0 != systemActive))) || ((1 <= methaneLevelCritical) && (0 != systemActive))) || ((pumpRunning == 0) && (methaneLevelCritical == 0)))) && ((methaneLevelCritical != 0) || (\result == 0))) && ((((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 635]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Ensures: ((((((methaneLevelCritical == 0) && (0 != systemActive)) || (((1 <= methaneLevelCritical) && (\old(pumpRunning) == 0)) && (0 != systemActive))) && ((pumpRunning == 0) || (methaneLevelCritical < 1))) && (((waterLevel != 1) || (\old(pumpRunning) != 0)) || (pumpRunning == 0))) && (((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 878]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((pumpRunning == 0) && (1 <= methaneLevelCritical)) || ((methaneLevelCritical == 0) && (0 != systemActive))) || ((pumpRunning == 0) && (methaneLevelCritical == 0))) Ensures: ((((((pumpRunning == 0) && (1 <= methaneLevelCritical)) || ((methaneLevelCritical == 0) && (0 != systemActive))) || ((pumpRunning == 0) && (methaneLevelCritical == 0))) && (((waterLevel != 1) || (pumpRunning != 0)) || (\old(waterLevel) != 1))) && (((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 661]: Procedure Contract for processEnvironment__wrappee__methaneQuery Derived contract for procedure processEnvironment__wrappee__methaneQuery. Ensures: ((((((methaneLevelCritical == 0) && (0 != systemActive)) || (((1 <= methaneLevelCritical) && (\old(pumpRunning) == 0)) && (0 != systemActive))) && ((pumpRunning == 0) || (methaneLevelCritical < 1))) && (((waterLevel != 1) || (\old(pumpRunning) != 0)) || (pumpRunning == 0))) && (((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 745]: Procedure Contract for isMethaneAlarm Derived contract for procedure isMethaneAlarm. Requires: (((methaneLevelCritical == 0) && (0 != systemActive)) || ((1 <= methaneLevelCritical) && (0 != systemActive))) Ensures: ((((methaneLevelCritical < ((long long) \result + 1)) || (methaneLevelCritical < 1)) && (((methaneLevelCritical == 0) && (0 != systemActive)) || ((1 <= methaneLevelCritical) && (0 != systemActive)))) && ((((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) RESULT: Ultimate proved your program to be correct! [2024-11-18 14:18:43,080 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE