./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec2_product54.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 3061b6dc Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec2_product54.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash af2afe79961dd67a52df68c35bd4350c760cf29ba0bba6313951f2194d2dea76 --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.dk.eval-assert-order-craig-3061b6d-m [2024-11-18 14:19:16,297 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-18 14:19:16,368 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-18 14:19:16,373 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-18 14:19:16,375 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-18 14:19:16,406 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-18 14:19:16,407 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-18 14:19:16,408 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-18 14:19:16,408 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-18 14:19:16,409 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-18 14:19:16,410 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-18 14:19:16,410 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-18 14:19:16,411 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-18 14:19:16,413 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-18 14:19:16,413 INFO L153 SettingsManager]: * Use SBE=true [2024-11-18 14:19:16,414 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-18 14:19:16,414 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-18 14:19:16,414 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-18 14:19:16,414 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-18 14:19:16,415 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-18 14:19:16,415 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-18 14:19:16,419 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-18 14:19:16,420 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-18 14:19:16,420 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-18 14:19:16,420 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-18 14:19:16,421 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-18 14:19:16,421 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-18 14:19:16,421 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-18 14:19:16,421 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-18 14:19:16,422 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-18 14:19:16,422 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-18 14:19:16,423 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-18 14:19:16,423 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-18 14:19:16,424 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-18 14:19:16,424 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-18 14:19:16,424 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-18 14:19:16,425 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-18 14:19:16,425 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-18 14:19:16,425 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-18 14:19:16,425 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-18 14:19:16,425 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-18 14:19:16,426 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-18 14:19:16,426 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> af2afe79961dd67a52df68c35bd4350c760cf29ba0bba6313951f2194d2dea76 [2024-11-18 14:19:16,689 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-18 14:19:16,710 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-18 14:19:16,712 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-18 14:19:16,713 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-18 14:19:16,713 INFO L274 PluginConnector]: CDTParser initialized [2024-11-18 14:19:16,714 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec2_product54.cil.c [2024-11-18 14:19:18,136 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-18 14:19:18,360 INFO L384 CDTParser]: Found 1 translation units. [2024-11-18 14:19:18,360 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product54.cil.c [2024-11-18 14:19:18,375 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/ba5e9f272/1ffe758eaef848038d364c81f61d24ca/FLAG91a63e4ab [2024-11-18 14:19:18,388 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/ba5e9f272/1ffe758eaef848038d364c81f61d24ca [2024-11-18 14:19:18,390 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-18 14:19:18,391 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-18 14:19:18,394 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-18 14:19:18,394 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-18 14:19:18,398 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-18 14:19:18,399 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 18.11 02:19:18" (1/1) ... [2024-11-18 14:19:18,399 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@7cdb3da2 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:18, skipping insertion in model container [2024-11-18 14:19:18,399 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 18.11 02:19:18" (1/1) ... [2024-11-18 14:19:18,440 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-18 14:19:18,759 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product54.cil.c[19335,19348] [2024-11-18 14:19:18,765 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-18 14:19:18,779 INFO L200 MainTranslator]: Completed pre-run [2024-11-18 14:19:18,788 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] [2024-11-18 14:19:18,790 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [155] [2024-11-18 14:19:18,790 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [197] [2024-11-18 14:19:18,790 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [563] [2024-11-18 14:19:18,791 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [631] [2024-11-18 14:19:18,791 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [868] [2024-11-18 14:19:18,791 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [972] [2024-11-18 14:19:18,791 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1007] [2024-11-18 14:19:18,869 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product54.cil.c[19335,19348] [2024-11-18 14:19:18,869 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-18 14:19:18,893 INFO L204 MainTranslator]: Completed translation [2024-11-18 14:19:18,894 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:18 WrapperNode [2024-11-18 14:19:18,894 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-18 14:19:18,895 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-18 14:19:18,895 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-18 14:19:18,896 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-18 14:19:18,903 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:18" (1/1) ... [2024-11-18 14:19:18,917 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:18" (1/1) ... [2024-11-18 14:19:18,944 INFO L138 Inliner]: procedures = 58, calls = 104, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 227 [2024-11-18 14:19:18,944 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-18 14:19:18,945 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-18 14:19:18,945 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-18 14:19:18,945 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-18 14:19:18,956 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:18" (1/1) ... [2024-11-18 14:19:18,956 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:18" (1/1) ... [2024-11-18 14:19:18,958 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:18" (1/1) ... [2024-11-18 14:19:18,972 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-18 14:19:18,972 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:18" (1/1) ... [2024-11-18 14:19:18,972 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:18" (1/1) ... [2024-11-18 14:19:18,978 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:18" (1/1) ... [2024-11-18 14:19:18,982 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:18" (1/1) ... [2024-11-18 14:19:18,984 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:18" (1/1) ... [2024-11-18 14:19:18,989 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:18" (1/1) ... [2024-11-18 14:19:18,991 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-18 14:19:18,992 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-18 14:19:18,992 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-18 14:19:18,992 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-18 14:19:18,993 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:18" (1/1) ... [2024-11-18 14:19:19,010 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-18 14:19:19,020 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:19:19,037 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-18 14:19:19,040 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-18 14:19:19,091 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-18 14:19:19,091 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-18 14:19:19,092 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-18 14:19:19,092 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2024-11-18 14:19:19,092 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2024-11-18 14:19:19,092 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-18 14:19:19,092 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-18 14:19:19,092 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-18 14:19:19,092 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-18 14:19:19,092 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-18 14:19:19,092 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-18 14:19:19,093 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-18 14:19:19,093 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-18 14:19:19,093 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-18 14:19:19,093 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-18 14:19:19,093 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-18 14:19:19,093 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-18 14:19:19,094 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-18 14:19:19,094 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-18 14:19:19,094 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-18 14:19:19,094 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-18 14:19:19,095 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-18 14:19:19,177 INFO L238 CfgBuilder]: Building ICFG [2024-11-18 14:19:19,180 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-18 14:19:19,510 INFO L? ?]: Removed 49 outVars from TransFormulas that were not future-live. [2024-11-18 14:19:19,510 INFO L287 CfgBuilder]: Performing block encoding [2024-11-18 14:19:19,525 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-18 14:19:19,526 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-18 14:19:19,526 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 18.11 02:19:19 BoogieIcfgContainer [2024-11-18 14:19:19,529 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-18 14:19:19,531 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-18 14:19:19,531 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-18 14:19:19,535 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-18 14:19:19,536 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 18.11 02:19:18" (1/3) ... [2024-11-18 14:19:19,537 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@665e261f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 18.11 02:19:19, skipping insertion in model container [2024-11-18 14:19:19,537 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:18" (2/3) ... [2024-11-18 14:19:19,537 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@665e261f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 18.11 02:19:19, skipping insertion in model container [2024-11-18 14:19:19,538 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 18.11 02:19:19" (3/3) ... [2024-11-18 14:19:19,539 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec2_product54.cil.c [2024-11-18 14:19:19,558 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-18 14:19:19,559 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-18 14:19:19,621 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-18 14:19:19,627 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@a50b4cc, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-18 14:19:19,627 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-18 14:19:19,633 INFO L276 IsEmpty]: Start isEmpty. Operand has 103 states, 76 states have (on average 1.381578947368421) internal successors, (105), 86 states have internal predecessors, (105), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2024-11-18 14:19:19,641 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2024-11-18 14:19:19,641 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:19,642 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:19,642 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:19,647 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:19,647 INFO L85 PathProgramCache]: Analyzing trace with hash 244440816, now seen corresponding path program 1 times [2024-11-18 14:19:19,654 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:19,654 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [306916161] [2024-11-18 14:19:19,654 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:19,655 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:19,780 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:19,859 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:19:19,859 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:19,859 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [306916161] [2024-11-18 14:19:19,861 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [306916161] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:19,861 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:19:19,861 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-18 14:19:19,862 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [386988570] [2024-11-18 14:19:19,864 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:19,867 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-18 14:19:19,868 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:19,887 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-18 14:19:19,887 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-18 14:19:19,889 INFO L87 Difference]: Start difference. First operand has 103 states, 76 states have (on average 1.381578947368421) internal successors, (105), 86 states have internal predecessors, (105), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:19:19,922 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:19,922 INFO L93 Difference]: Finished difference Result 197 states and 268 transitions. [2024-11-18 14:19:19,924 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-18 14:19:19,925 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2024-11-18 14:19:19,925 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:19,932 INFO L225 Difference]: With dead ends: 197 [2024-11-18 14:19:19,933 INFO L226 Difference]: Without dead ends: 94 [2024-11-18 14:19:19,936 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-18 14:19:19,938 INFO L432 NwaCegarLoop]: 131 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 131 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:19,939 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 131 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:19:19,952 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 94 states. [2024-11-18 14:19:19,973 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 94 to 94. [2024-11-18 14:19:19,975 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 94 states, 69 states have (on average 1.318840579710145) internal successors, (91), 78 states have internal predecessors, (91), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2024-11-18 14:19:19,977 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 94 states to 94 states and 122 transitions. [2024-11-18 14:19:19,979 INFO L78 Accepts]: Start accepts. Automaton has 94 states and 122 transitions. Word has length 25 [2024-11-18 14:19:19,980 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:19,980 INFO L471 AbstractCegarLoop]: Abstraction has 94 states and 122 transitions. [2024-11-18 14:19:19,980 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:19:19,981 INFO L276 IsEmpty]: Start isEmpty. Operand 94 states and 122 transitions. [2024-11-18 14:19:19,983 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-11-18 14:19:19,983 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:19,983 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:19,983 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-18 14:19:19,983 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:19,984 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:19,984 INFO L85 PathProgramCache]: Analyzing trace with hash -1307515066, now seen corresponding path program 1 times [2024-11-18 14:19:19,984 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:19,985 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [828360120] [2024-11-18 14:19:19,985 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:19,985 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:20,011 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:20,109 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:19:20,110 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:20,110 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [828360120] [2024-11-18 14:19:20,110 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [828360120] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:20,111 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:19:20,111 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-18 14:19:20,111 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1878650363] [2024-11-18 14:19:20,111 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:20,112 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-18 14:19:20,113 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:20,113 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-18 14:19:20,114 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:19:20,114 INFO L87 Difference]: Start difference. First operand 94 states and 122 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:19:20,142 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:20,145 INFO L93 Difference]: Finished difference Result 152 states and 198 transitions. [2024-11-18 14:19:20,146 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-18 14:19:20,146 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2024-11-18 14:19:20,146 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:20,148 INFO L225 Difference]: With dead ends: 152 [2024-11-18 14:19:20,148 INFO L226 Difference]: Without dead ends: 85 [2024-11-18 14:19:20,149 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:19:20,152 INFO L432 NwaCegarLoop]: 109 mSDtfsCounter, 13 mSDsluCounter, 92 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 201 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:20,152 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 201 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:19:20,153 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 85 states. [2024-11-18 14:19:20,163 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 85 to 85. [2024-11-18 14:19:20,165 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 85 states, 63 states have (on average 1.3333333333333333) internal successors, (84), 72 states have internal predecessors, (84), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-18 14:19:20,167 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 85 states to 85 states and 110 transitions. [2024-11-18 14:19:20,168 INFO L78 Accepts]: Start accepts. Automaton has 85 states and 110 transitions. Word has length 26 [2024-11-18 14:19:20,168 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:20,169 INFO L471 AbstractCegarLoop]: Abstraction has 85 states and 110 transitions. [2024-11-18 14:19:20,169 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:19:20,169 INFO L276 IsEmpty]: Start isEmpty. Operand 85 states and 110 transitions. [2024-11-18 14:19:20,170 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2024-11-18 14:19:20,170 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:20,170 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:20,170 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-18 14:19:20,171 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:20,171 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:20,171 INFO L85 PathProgramCache]: Analyzing trace with hash 1771610293, now seen corresponding path program 1 times [2024-11-18 14:19:20,172 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:20,172 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1951118422] [2024-11-18 14:19:20,172 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:20,173 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:20,201 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:20,349 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:19:20,350 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:20,350 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1951118422] [2024-11-18 14:19:20,350 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1951118422] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:20,350 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:19:20,350 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-18 14:19:20,350 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1755319746] [2024-11-18 14:19:20,351 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:20,351 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-18 14:19:20,351 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:20,352 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-18 14:19:20,352 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:19:20,355 INFO L87 Difference]: Start difference. First operand 85 states and 110 transitions. Second operand has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:19:20,427 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:20,431 INFO L93 Difference]: Finished difference Result 162 states and 213 transitions. [2024-11-18 14:19:20,431 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-18 14:19:20,431 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 31 [2024-11-18 14:19:20,432 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:20,433 INFO L225 Difference]: With dead ends: 162 [2024-11-18 14:19:20,433 INFO L226 Difference]: Without dead ends: 85 [2024-11-18 14:19:20,434 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-18 14:19:20,438 INFO L432 NwaCegarLoop]: 106 mSDtfsCounter, 104 mSDsluCounter, 210 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 104 SdHoareTripleChecker+Valid, 316 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:20,438 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [104 Valid, 316 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:19:20,439 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 85 states. [2024-11-18 14:19:20,451 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 85 to 85. [2024-11-18 14:19:20,454 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 85 states, 63 states have (on average 1.3174603174603174) internal successors, (83), 72 states have internal predecessors, (83), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-18 14:19:20,455 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 85 states to 85 states and 109 transitions. [2024-11-18 14:19:20,456 INFO L78 Accepts]: Start accepts. Automaton has 85 states and 109 transitions. Word has length 31 [2024-11-18 14:19:20,456 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:20,456 INFO L471 AbstractCegarLoop]: Abstraction has 85 states and 109 transitions. [2024-11-18 14:19:20,457 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:19:20,457 INFO L276 IsEmpty]: Start isEmpty. Operand 85 states and 109 transitions. [2024-11-18 14:19:20,458 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2024-11-18 14:19:20,459 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:20,459 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:20,459 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-18 14:19:20,459 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:20,460 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:20,460 INFO L85 PathProgramCache]: Analyzing trace with hash 1359704802, now seen corresponding path program 1 times [2024-11-18 14:19:20,460 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:20,461 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1795064438] [2024-11-18 14:19:20,461 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:20,461 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:20,501 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:20,544 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:19:20,544 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:20,545 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1795064438] [2024-11-18 14:19:20,545 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1795064438] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:20,545 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:19:20,545 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-18 14:19:20,545 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1556085333] [2024-11-18 14:19:20,545 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:20,546 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-18 14:19:20,546 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:20,546 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-18 14:19:20,546 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:19:20,547 INFO L87 Difference]: Start difference. First operand 85 states and 109 transitions. Second operand has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2024-11-18 14:19:20,603 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:20,603 INFO L93 Difference]: Finished difference Result 210 states and 278 transitions. [2024-11-18 14:19:20,604 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-18 14:19:20,604 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 44 [2024-11-18 14:19:20,605 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:20,606 INFO L225 Difference]: With dead ends: 210 [2024-11-18 14:19:20,606 INFO L226 Difference]: Without dead ends: 133 [2024-11-18 14:19:20,607 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:19:20,611 INFO L432 NwaCegarLoop]: 127 mSDtfsCounter, 78 mSDsluCounter, 75 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 78 SdHoareTripleChecker+Valid, 202 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:20,613 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [78 Valid, 202 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:19:20,614 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 133 states. [2024-11-18 14:19:20,638 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 133 to 131. [2024-11-18 14:19:20,638 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 131 states, 98 states have (on average 1.2959183673469388) internal successors, (127), 106 states have internal predecessors, (127), 17 states have call successors, (17), 15 states have call predecessors, (17), 15 states have return successors, (23), 15 states have call predecessors, (23), 17 states have call successors, (23) [2024-11-18 14:19:20,641 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 131 states to 131 states and 167 transitions. [2024-11-18 14:19:20,642 INFO L78 Accepts]: Start accepts. Automaton has 131 states and 167 transitions. Word has length 44 [2024-11-18 14:19:20,642 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:20,643 INFO L471 AbstractCegarLoop]: Abstraction has 131 states and 167 transitions. [2024-11-18 14:19:20,643 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2024-11-18 14:19:20,643 INFO L276 IsEmpty]: Start isEmpty. Operand 131 states and 167 transitions. [2024-11-18 14:19:20,644 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-18 14:19:20,648 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:20,648 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:20,648 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-18 14:19:20,648 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:20,649 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:20,649 INFO L85 PathProgramCache]: Analyzing trace with hash 179521665, now seen corresponding path program 1 times [2024-11-18 14:19:20,649 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:20,649 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [930299369] [2024-11-18 14:19:20,649 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:20,650 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:20,674 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:20,764 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:19:20,764 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:20,764 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [930299369] [2024-11-18 14:19:20,764 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [930299369] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:20,764 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:19:20,765 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-18 14:19:20,765 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [767771900] [2024-11-18 14:19:20,765 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:20,765 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-18 14:19:20,765 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:20,766 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-18 14:19:20,766 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:19:20,768 INFO L87 Difference]: Start difference. First operand 131 states and 167 transitions. Second operand has 5 states, 5 states have (on average 8.6) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-18 14:19:20,803 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:20,803 INFO L93 Difference]: Finished difference Result 257 states and 336 transitions. [2024-11-18 14:19:20,804 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-18 14:19:20,804 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 50 [2024-11-18 14:19:20,805 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:20,807 INFO L225 Difference]: With dead ends: 257 [2024-11-18 14:19:20,809 INFO L226 Difference]: Without dead ends: 134 [2024-11-18 14:19:20,810 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:19:20,813 INFO L432 NwaCegarLoop]: 106 mSDtfsCounter, 0 mSDsluCounter, 312 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 418 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:20,813 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 418 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:19:20,817 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 134 states. [2024-11-18 14:19:20,833 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 134 to 134. [2024-11-18 14:19:20,837 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 134 states, 101 states have (on average 1.2871287128712872) internal successors, (130), 109 states have internal predecessors, (130), 17 states have call successors, (17), 15 states have call predecessors, (17), 15 states have return successors, (23), 15 states have call predecessors, (23), 17 states have call successors, (23) [2024-11-18 14:19:20,837 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 134 states to 134 states and 170 transitions. [2024-11-18 14:19:20,838 INFO L78 Accepts]: Start accepts. Automaton has 134 states and 170 transitions. Word has length 50 [2024-11-18 14:19:20,838 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:20,838 INFO L471 AbstractCegarLoop]: Abstraction has 134 states and 170 transitions. [2024-11-18 14:19:20,839 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-18 14:19:20,839 INFO L276 IsEmpty]: Start isEmpty. Operand 134 states and 170 transitions. [2024-11-18 14:19:20,842 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-18 14:19:20,842 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:20,842 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:20,842 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-18 14:19:20,842 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:20,843 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:20,846 INFO L85 PathProgramCache]: Analyzing trace with hash 602223491, now seen corresponding path program 1 times [2024-11-18 14:19:20,846 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:20,846 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1089953255] [2024-11-18 14:19:20,846 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:20,847 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:20,868 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:20,965 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:19:20,965 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:20,965 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1089953255] [2024-11-18 14:19:20,965 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1089953255] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:20,965 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:19:20,966 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-18 14:19:20,966 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1731880434] [2024-11-18 14:19:20,966 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:20,966 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-18 14:19:20,966 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:20,968 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-18 14:19:20,968 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:19:20,969 INFO L87 Difference]: Start difference. First operand 134 states and 170 transitions. Second operand has 4 states, 4 states have (on average 10.75) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-18 14:19:20,995 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:20,995 INFO L93 Difference]: Finished difference Result 262 states and 347 transitions. [2024-11-18 14:19:20,996 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-18 14:19:20,996 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.75) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 50 [2024-11-18 14:19:20,997 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:20,998 INFO L225 Difference]: With dead ends: 262 [2024-11-18 14:19:20,999 INFO L226 Difference]: Without dead ends: 136 [2024-11-18 14:19:21,000 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:19:21,001 INFO L432 NwaCegarLoop]: 107 mSDtfsCounter, 0 mSDsluCounter, 208 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 315 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:21,005 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 315 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:19:21,006 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 136 states. [2024-11-18 14:19:21,022 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 136 to 136. [2024-11-18 14:19:21,023 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 136 states, 103 states have (on average 1.2815533980582525) internal successors, (132), 111 states have internal predecessors, (132), 17 states have call successors, (17), 15 states have call predecessors, (17), 15 states have return successors, (23), 15 states have call predecessors, (23), 17 states have call successors, (23) [2024-11-18 14:19:21,024 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 136 states to 136 states and 172 transitions. [2024-11-18 14:19:21,026 INFO L78 Accepts]: Start accepts. Automaton has 136 states and 172 transitions. Word has length 50 [2024-11-18 14:19:21,027 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:21,027 INFO L471 AbstractCegarLoop]: Abstraction has 136 states and 172 transitions. [2024-11-18 14:19:21,027 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.75) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-18 14:19:21,027 INFO L276 IsEmpty]: Start isEmpty. Operand 136 states and 172 transitions. [2024-11-18 14:19:21,028 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-18 14:19:21,028 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:21,029 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:21,029 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-18 14:19:21,031 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:21,032 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:21,032 INFO L85 PathProgramCache]: Analyzing trace with hash -1203214843, now seen corresponding path program 1 times [2024-11-18 14:19:21,032 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:21,032 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1348844577] [2024-11-18 14:19:21,033 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:21,033 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:21,053 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:21,129 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:19:21,130 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:21,130 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1348844577] [2024-11-18 14:19:21,130 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1348844577] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:21,130 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:19:21,130 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-18 14:19:21,130 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [660282890] [2024-11-18 14:19:21,131 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:21,131 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-18 14:19:21,131 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:21,132 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-18 14:19:21,132 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:19:21,132 INFO L87 Difference]: Start difference. First operand 136 states and 172 transitions. Second operand has 4 states, 4 states have (on average 10.75) internal successors, (43), 4 states have internal predecessors, (43), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-18 14:19:21,275 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:21,277 INFO L93 Difference]: Finished difference Result 441 states and 579 transitions. [2024-11-18 14:19:21,278 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-18 14:19:21,278 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.75) internal successors, (43), 4 states have internal predecessors, (43), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 50 [2024-11-18 14:19:21,278 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:21,283 INFO L225 Difference]: With dead ends: 441 [2024-11-18 14:19:21,283 INFO L226 Difference]: Without dead ends: 313 [2024-11-18 14:19:21,284 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:19:21,285 INFO L432 NwaCegarLoop]: 193 mSDtfsCounter, 143 mSDsluCounter, 183 mSDsCounter, 0 mSdLazyCounter, 63 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 143 SdHoareTripleChecker+Valid, 376 SdHoareTripleChecker+Invalid, 68 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 63 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:21,285 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [143 Valid, 376 Invalid, 68 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 63 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-18 14:19:21,286 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 313 states. [2024-11-18 14:19:21,347 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 313 to 304. [2024-11-18 14:19:21,348 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 304 states, 228 states have (on average 1.2675438596491229) internal successors, (289), 243 states have internal predecessors, (289), 39 states have call successors, (39), 35 states have call predecessors, (39), 36 states have return successors, (64), 36 states have call predecessors, (64), 39 states have call successors, (64) [2024-11-18 14:19:21,352 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 304 states to 304 states and 392 transitions. [2024-11-18 14:19:21,353 INFO L78 Accepts]: Start accepts. Automaton has 304 states and 392 transitions. Word has length 50 [2024-11-18 14:19:21,354 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:21,354 INFO L471 AbstractCegarLoop]: Abstraction has 304 states and 392 transitions. [2024-11-18 14:19:21,354 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.75) internal successors, (43), 4 states have internal predecessors, (43), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-18 14:19:21,354 INFO L276 IsEmpty]: Start isEmpty. Operand 304 states and 392 transitions. [2024-11-18 14:19:21,357 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2024-11-18 14:19:21,357 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:21,357 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:21,358 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-18 14:19:21,358 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:21,358 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:21,359 INFO L85 PathProgramCache]: Analyzing trace with hash 1971090006, now seen corresponding path program 1 times [2024-11-18 14:19:21,359 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:21,359 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [362678028] [2024-11-18 14:19:21,359 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:21,359 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:21,379 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:21,486 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:19:21,487 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:21,487 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [362678028] [2024-11-18 14:19:21,487 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [362678028] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:21,488 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:19:21,488 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-18 14:19:21,489 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [879841210] [2024-11-18 14:19:21,489 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:21,489 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-18 14:19:21,490 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:21,490 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-18 14:19:21,491 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-18 14:19:21,491 INFO L87 Difference]: Start difference. First operand 304 states and 392 transitions. Second operand has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 6 states have internal predecessors, (43), 3 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-18 14:19:21,777 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:21,777 INFO L93 Difference]: Finished difference Result 638 states and 831 transitions. [2024-11-18 14:19:21,777 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2024-11-18 14:19:21,778 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 6 states have internal predecessors, (43), 3 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 52 [2024-11-18 14:19:21,778 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:21,781 INFO L225 Difference]: With dead ends: 638 [2024-11-18 14:19:21,783 INFO L226 Difference]: Without dead ends: 342 [2024-11-18 14:19:21,785 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=35, Invalid=75, Unknown=0, NotChecked=0, Total=110 [2024-11-18 14:19:21,785 INFO L432 NwaCegarLoop]: 82 mSDtfsCounter, 131 mSDsluCounter, 271 mSDsCounter, 0 mSdLazyCounter, 155 mSolverCounterSat, 34 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 136 SdHoareTripleChecker+Valid, 353 SdHoareTripleChecker+Invalid, 189 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 34 IncrementalHoareTripleChecker+Valid, 155 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:21,786 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [136 Valid, 353 Invalid, 189 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [34 Valid, 155 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-18 14:19:21,789 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 342 states. [2024-11-18 14:19:21,829 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 342 to 340. [2024-11-18 14:19:21,830 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 340 states, 254 states have (on average 1.236220472440945) internal successors, (314), 269 states have internal predecessors, (314), 42 states have call successors, (42), 35 states have call predecessors, (42), 43 states have return successors, (77), 45 states have call predecessors, (77), 42 states have call successors, (77) [2024-11-18 14:19:21,833 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 340 states to 340 states and 433 transitions. [2024-11-18 14:19:21,834 INFO L78 Accepts]: Start accepts. Automaton has 340 states and 433 transitions. Word has length 52 [2024-11-18 14:19:21,835 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:21,835 INFO L471 AbstractCegarLoop]: Abstraction has 340 states and 433 transitions. [2024-11-18 14:19:21,836 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 6 states have internal predecessors, (43), 3 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-18 14:19:21,836 INFO L276 IsEmpty]: Start isEmpty. Operand 340 states and 433 transitions. [2024-11-18 14:19:21,838 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2024-11-18 14:19:21,839 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:21,839 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:21,840 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-18 14:19:21,840 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:21,840 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:21,841 INFO L85 PathProgramCache]: Analyzing trace with hash 1743345695, now seen corresponding path program 1 times [2024-11-18 14:19:21,841 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:21,841 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1642632504] [2024-11-18 14:19:21,843 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:21,843 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:21,859 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:21,897 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:19:21,897 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:21,897 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1642632504] [2024-11-18 14:19:21,897 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1642632504] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:21,897 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:19:21,898 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-18 14:19:21,898 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1201058500] [2024-11-18 14:19:21,898 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:21,898 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-18 14:19:21,898 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:21,900 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-18 14:19:21,900 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:19:21,901 INFO L87 Difference]: Start difference. First operand 340 states and 433 transitions. Second operand has 3 states, 3 states have (on average 15.0) internal successors, (45), 3 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-18 14:19:21,950 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:21,951 INFO L93 Difference]: Finished difference Result 570 states and 751 transitions. [2024-11-18 14:19:21,951 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-18 14:19:21,952 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 15.0) internal successors, (45), 3 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 54 [2024-11-18 14:19:21,953 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:21,957 INFO L225 Difference]: With dead ends: 570 [2024-11-18 14:19:21,958 INFO L226 Difference]: Without dead ends: 568 [2024-11-18 14:19:21,958 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:19:21,959 INFO L432 NwaCegarLoop]: 109 mSDtfsCounter, 80 mSDsluCounter, 97 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 80 SdHoareTripleChecker+Valid, 206 SdHoareTripleChecker+Invalid, 8 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:21,960 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [80 Valid, 206 Invalid, 8 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:19:21,961 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 568 states. [2024-11-18 14:19:22,011 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 568 to 534. [2024-11-18 14:19:22,013 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 534 states, 395 states have (on average 1.2430379746835443) internal successors, (491), 421 states have internal predecessors, (491), 68 states have call successors, (68), 56 states have call predecessors, (68), 70 states have return successors, (148), 70 states have call predecessors, (148), 68 states have call successors, (148) [2024-11-18 14:19:22,017 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 534 states to 534 states and 707 transitions. [2024-11-18 14:19:22,018 INFO L78 Accepts]: Start accepts. Automaton has 534 states and 707 transitions. Word has length 54 [2024-11-18 14:19:22,018 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:22,018 INFO L471 AbstractCegarLoop]: Abstraction has 534 states and 707 transitions. [2024-11-18 14:19:22,019 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 15.0) internal successors, (45), 3 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-18 14:19:22,019 INFO L276 IsEmpty]: Start isEmpty. Operand 534 states and 707 transitions. [2024-11-18 14:19:22,023 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 112 [2024-11-18 14:19:22,024 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:22,025 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:22,025 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-18 14:19:22,025 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:22,025 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:22,026 INFO L85 PathProgramCache]: Analyzing trace with hash 950740966, now seen corresponding path program 1 times [2024-11-18 14:19:22,026 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:22,026 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2058306778] [2024-11-18 14:19:22,026 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:22,026 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:22,044 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:22,186 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 25 proven. 10 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2024-11-18 14:19:22,186 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:22,186 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2058306778] [2024-11-18 14:19:22,187 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2058306778] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-18 14:19:22,187 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1026731435] [2024-11-18 14:19:22,187 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:22,187 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:19:22,187 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:19:22,189 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-18 14:19:22,192 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-18 14:19:22,308 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:22,313 INFO L255 TraceCheckSpWp]: Trace formula consists of 359 conjuncts, 2 conjuncts are in the unsatisfiable core [2024-11-18 14:19:22,322 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-18 14:19:22,382 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 35 proven. 0 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2024-11-18 14:19:22,383 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-18 14:19:22,383 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1026731435] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:22,383 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-18 14:19:22,383 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2024-11-18 14:19:22,384 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2147266046] [2024-11-18 14:19:22,384 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:22,384 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-18 14:19:22,384 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:22,385 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-18 14:19:22,385 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-18 14:19:22,385 INFO L87 Difference]: Start difference. First operand 534 states and 707 transitions. Second operand has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 3 states have call successors, (9), 3 states have call predecessors, (9), 3 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) [2024-11-18 14:19:22,454 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:22,454 INFO L93 Difference]: Finished difference Result 1127 states and 1547 transitions. [2024-11-18 14:19:22,455 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-18 14:19:22,455 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 3 states have call successors, (9), 3 states have call predecessors, (9), 3 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) Word has length 111 [2024-11-18 14:19:22,456 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:22,459 INFO L225 Difference]: With dead ends: 1127 [2024-11-18 14:19:22,459 INFO L226 Difference]: Without dead ends: 653 [2024-11-18 14:19:22,461 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 115 GetRequests, 111 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-18 14:19:22,462 INFO L432 NwaCegarLoop]: 200 mSDtfsCounter, 75 mSDsluCounter, 102 mSDsCounter, 0 mSdLazyCounter, 12 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 75 SdHoareTripleChecker+Valid, 302 SdHoareTripleChecker+Invalid, 14 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 12 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:22,462 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [75 Valid, 302 Invalid, 14 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 12 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:19:22,463 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 653 states. [2024-11-18 14:19:22,509 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 653 to 651. [2024-11-18 14:19:22,511 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 651 states, 483 states have (on average 1.236024844720497) internal successors, (597), 511 states have internal predecessors, (597), 84 states have call successors, (84), 74 states have call predecessors, (84), 83 states have return successors, (170), 82 states have call predecessors, (170), 84 states have call successors, (170) [2024-11-18 14:19:22,515 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 651 states to 651 states and 851 transitions. [2024-11-18 14:19:22,516 INFO L78 Accepts]: Start accepts. Automaton has 651 states and 851 transitions. Word has length 111 [2024-11-18 14:19:22,516 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:22,516 INFO L471 AbstractCegarLoop]: Abstraction has 651 states and 851 transitions. [2024-11-18 14:19:22,517 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 3 states have call successors, (9), 3 states have call predecessors, (9), 3 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) [2024-11-18 14:19:22,517 INFO L276 IsEmpty]: Start isEmpty. Operand 651 states and 851 transitions. [2024-11-18 14:19:22,520 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 112 [2024-11-18 14:19:22,520 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:22,520 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:22,539 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-18 14:19:22,721 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-18 14:19:22,721 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:22,722 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:22,722 INFO L85 PathProgramCache]: Analyzing trace with hash -1972419032, now seen corresponding path program 1 times [2024-11-18 14:19:22,722 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:22,722 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1480623612] [2024-11-18 14:19:22,722 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:22,723 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:22,743 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:22,830 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 25 proven. 10 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2024-11-18 14:19:22,831 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:22,831 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1480623612] [2024-11-18 14:19:22,831 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1480623612] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-18 14:19:22,831 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [568148368] [2024-11-18 14:19:22,831 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:22,832 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:19:22,832 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:19:22,833 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-18 14:19:22,835 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-18 14:19:22,933 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:22,935 INFO L255 TraceCheckSpWp]: Trace formula consists of 361 conjuncts, 4 conjuncts are in the unsatisfiable core [2024-11-18 14:19:22,938 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-18 14:19:23,020 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 47 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:19:23,023 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-18 14:19:23,023 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [568148368] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:23,023 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-18 14:19:23,023 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [5] total 6 [2024-11-18 14:19:23,023 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [407510751] [2024-11-18 14:19:23,024 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:23,024 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-18 14:19:23,024 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:23,025 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-18 14:19:23,025 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2024-11-18 14:19:23,025 INFO L87 Difference]: Start difference. First operand 651 states and 851 transitions. Second operand has 5 states, 5 states have (on average 17.6) internal successors, (88), 4 states have internal predecessors, (88), 3 states have call successors, (11), 4 states have call predecessors, (11), 4 states have return successors, (10), 3 states have call predecessors, (10), 3 states have call successors, (10) [2024-11-18 14:19:23,393 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:23,394 INFO L93 Difference]: Finished difference Result 1350 states and 1800 transitions. [2024-11-18 14:19:23,395 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-18 14:19:23,395 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 17.6) internal successors, (88), 4 states have internal predecessors, (88), 3 states have call successors, (11), 4 states have call predecessors, (11), 4 states have return successors, (10), 3 states have call predecessors, (10), 3 states have call successors, (10) Word has length 111 [2024-11-18 14:19:23,395 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:23,401 INFO L225 Difference]: With dead ends: 1350 [2024-11-18 14:19:23,401 INFO L226 Difference]: Without dead ends: 759 [2024-11-18 14:19:23,403 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 119 GetRequests, 113 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=18, Invalid=38, Unknown=0, NotChecked=0, Total=56 [2024-11-18 14:19:23,404 INFO L432 NwaCegarLoop]: 111 mSDtfsCounter, 156 mSDsluCounter, 201 mSDsCounter, 0 mSdLazyCounter, 249 mSolverCounterSat, 46 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 164 SdHoareTripleChecker+Valid, 312 SdHoareTripleChecker+Invalid, 295 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 46 IncrementalHoareTripleChecker+Valid, 249 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:23,404 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [164 Valid, 312 Invalid, 295 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [46 Valid, 249 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-18 14:19:23,405 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 759 states. [2024-11-18 14:19:23,471 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 759 to 741. [2024-11-18 14:19:23,472 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 741 states, 549 states have (on average 1.2276867030965393) internal successors, (674), 581 states have internal predecessors, (674), 98 states have call successors, (98), 83 states have call predecessors, (98), 93 states have return successors, (197), 95 states have call predecessors, (197), 98 states have call successors, (197) [2024-11-18 14:19:23,476 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 741 states to 741 states and 969 transitions. [2024-11-18 14:19:23,477 INFO L78 Accepts]: Start accepts. Automaton has 741 states and 969 transitions. Word has length 111 [2024-11-18 14:19:23,477 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:23,477 INFO L471 AbstractCegarLoop]: Abstraction has 741 states and 969 transitions. [2024-11-18 14:19:23,478 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 17.6) internal successors, (88), 4 states have internal predecessors, (88), 3 states have call successors, (11), 4 states have call predecessors, (11), 4 states have return successors, (10), 3 states have call predecessors, (10), 3 states have call successors, (10) [2024-11-18 14:19:23,478 INFO L276 IsEmpty]: Start isEmpty. Operand 741 states and 969 transitions. [2024-11-18 14:19:23,480 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 99 [2024-11-18 14:19:23,480 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:23,480 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:23,497 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-11-18 14:19:23,680 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2024-11-18 14:19:23,681 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:23,681 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:23,682 INFO L85 PathProgramCache]: Analyzing trace with hash 2104240770, now seen corresponding path program 1 times [2024-11-18 14:19:23,682 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:23,682 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1514711630] [2024-11-18 14:19:23,682 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:23,682 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:23,699 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:23,786 INFO L134 CoverageAnalysis]: Checked inductivity of 41 backedges. 22 proven. 5 refuted. 0 times theorem prover too weak. 14 trivial. 0 not checked. [2024-11-18 14:19:23,787 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:23,787 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1514711630] [2024-11-18 14:19:23,787 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1514711630] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-18 14:19:23,787 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1716847673] [2024-11-18 14:19:23,787 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:23,788 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:19:23,788 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:19:23,789 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-18 14:19:23,791 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2024-11-18 14:19:23,879 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:23,880 INFO L255 TraceCheckSpWp]: Trace formula consists of 328 conjuncts, 4 conjuncts are in the unsatisfiable core [2024-11-18 14:19:23,883 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-18 14:19:23,931 INFO L134 CoverageAnalysis]: Checked inductivity of 41 backedges. 41 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:19:23,931 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-18 14:19:23,931 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1716847673] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:23,932 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-18 14:19:23,932 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [6] total 7 [2024-11-18 14:19:23,932 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1389214311] [2024-11-18 14:19:23,932 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:23,932 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-18 14:19:23,933 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:23,933 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-18 14:19:23,933 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=28, Unknown=0, NotChecked=0, Total=42 [2024-11-18 14:19:23,934 INFO L87 Difference]: Start difference. First operand 741 states and 969 transitions. Second operand has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 3 states have call successors, (9), 3 states have call predecessors, (9), 3 states have return successors, (8), 3 states have call predecessors, (8), 3 states have call successors, (8) [2024-11-18 14:19:24,032 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:24,032 INFO L93 Difference]: Finished difference Result 1254 states and 1672 transitions. [2024-11-18 14:19:24,033 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-18 14:19:24,033 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 3 states have call successors, (9), 3 states have call predecessors, (9), 3 states have return successors, (8), 3 states have call predecessors, (8), 3 states have call successors, (8) Word has length 98 [2024-11-18 14:19:24,034 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:24,038 INFO L225 Difference]: With dead ends: 1254 [2024-11-18 14:19:24,038 INFO L226 Difference]: Without dead ends: 625 [2024-11-18 14:19:24,041 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 105 GetRequests, 100 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=14, Invalid=28, Unknown=0, NotChecked=0, Total=42 [2024-11-18 14:19:24,041 INFO L432 NwaCegarLoop]: 152 mSDtfsCounter, 51 mSDsluCounter, 70 mSDsCounter, 0 mSdLazyCounter, 12 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 51 SdHoareTripleChecker+Valid, 222 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 12 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:24,042 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [51 Valid, 222 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 12 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:19:24,043 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 625 states. [2024-11-18 14:19:24,087 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 625 to 625. [2024-11-18 14:19:24,088 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 625 states, 463 states have (on average 1.205183585313175) internal successors, (558), 490 states have internal predecessors, (558), 83 states have call successors, (83), 73 states have call predecessors, (83), 78 states have return successors, (126), 80 states have call predecessors, (126), 83 states have call successors, (126) [2024-11-18 14:19:24,091 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 625 states to 625 states and 767 transitions. [2024-11-18 14:19:24,092 INFO L78 Accepts]: Start accepts. Automaton has 625 states and 767 transitions. Word has length 98 [2024-11-18 14:19:24,093 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:24,093 INFO L471 AbstractCegarLoop]: Abstraction has 625 states and 767 transitions. [2024-11-18 14:19:24,093 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 27.0) internal successors, (81), 3 states have internal predecessors, (81), 3 states have call successors, (9), 3 states have call predecessors, (9), 3 states have return successors, (8), 3 states have call predecessors, (8), 3 states have call successors, (8) [2024-11-18 14:19:24,093 INFO L276 IsEmpty]: Start isEmpty. Operand 625 states and 767 transitions. [2024-11-18 14:19:24,095 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 109 [2024-11-18 14:19:24,095 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:24,095 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:24,112 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2024-11-18 14:19:24,296 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:19:24,297 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:24,297 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:24,297 INFO L85 PathProgramCache]: Analyzing trace with hash 192141936, now seen corresponding path program 1 times [2024-11-18 14:19:24,297 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:24,298 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1412658912] [2024-11-18 14:19:24,298 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:24,298 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:24,316 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:24,546 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 21 proven. 4 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2024-11-18 14:19:24,546 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:24,546 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1412658912] [2024-11-18 14:19:24,547 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1412658912] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-18 14:19:24,547 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1724189432] [2024-11-18 14:19:24,547 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:24,547 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:19:24,547 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:19:24,550 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-18 14:19:24,551 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2024-11-18 14:19:24,646 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:24,648 INFO L255 TraceCheckSpWp]: Trace formula consists of 351 conjuncts, 11 conjuncts are in the unsatisfiable core [2024-11-18 14:19:24,654 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-18 14:19:24,842 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 7 proven. 2 refuted. 0 times theorem prover too weak. 29 trivial. 0 not checked. [2024-11-18 14:19:24,843 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-18 14:19:25,027 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 15 proven. 0 refuted. 0 times theorem prover too weak. 23 trivial. 0 not checked. [2024-11-18 14:19:25,028 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1724189432] provided 1 perfect and 1 imperfect interpolant sequences [2024-11-18 14:19:25,028 INFO L185 FreeRefinementEngine]: Found 1 perfect and 2 imperfect interpolant sequences. [2024-11-18 14:19:25,028 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [7, 5] total 12 [2024-11-18 14:19:25,028 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2118283781] [2024-11-18 14:19:25,028 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:25,029 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-18 14:19:25,029 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:25,030 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-18 14:19:25,030 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=24, Invalid=108, Unknown=0, NotChecked=0, Total=132 [2024-11-18 14:19:25,030 INFO L87 Difference]: Start difference. First operand 625 states and 767 transitions. Second operand has 6 states, 6 states have (on average 12.166666666666666) internal successors, (73), 5 states have internal predecessors, (73), 2 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 2 states have call successors, (10) [2024-11-18 14:19:25,264 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:25,264 INFO L93 Difference]: Finished difference Result 1785 states and 2238 transitions. [2024-11-18 14:19:25,265 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-18 14:19:25,265 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 12.166666666666666) internal successors, (73), 5 states have internal predecessors, (73), 2 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 2 states have call successors, (10) Word has length 108 [2024-11-18 14:19:25,265 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:25,273 INFO L225 Difference]: With dead ends: 1785 [2024-11-18 14:19:25,273 INFO L226 Difference]: Without dead ends: 1168 [2024-11-18 14:19:25,277 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 225 GetRequests, 212 SyntacticMatches, 1 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 12 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=32, Invalid=150, Unknown=0, NotChecked=0, Total=182 [2024-11-18 14:19:25,277 INFO L432 NwaCegarLoop]: 107 mSDtfsCounter, 67 mSDsluCounter, 379 mSDsCounter, 0 mSdLazyCounter, 54 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 68 SdHoareTripleChecker+Valid, 486 SdHoareTripleChecker+Invalid, 58 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 54 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:25,278 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [68 Valid, 486 Invalid, 58 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 54 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-18 14:19:25,280 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1168 states. [2024-11-18 14:19:25,367 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1168 to 1067. [2024-11-18 14:19:25,369 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1067 states, 784 states have (on average 1.1785714285714286) internal successors, (924), 831 states have internal predecessors, (924), 143 states have call successors, (143), 127 states have call predecessors, (143), 139 states have return successors, (221), 140 states have call predecessors, (221), 143 states have call successors, (221) [2024-11-18 14:19:25,374 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1067 states to 1067 states and 1288 transitions. [2024-11-18 14:19:25,376 INFO L78 Accepts]: Start accepts. Automaton has 1067 states and 1288 transitions. Word has length 108 [2024-11-18 14:19:25,376 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:25,376 INFO L471 AbstractCegarLoop]: Abstraction has 1067 states and 1288 transitions. [2024-11-18 14:19:25,376 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 12.166666666666666) internal successors, (73), 5 states have internal predecessors, (73), 2 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 2 states have call successors, (10) [2024-11-18 14:19:25,377 INFO L276 IsEmpty]: Start isEmpty. Operand 1067 states and 1288 transitions. [2024-11-18 14:19:25,381 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 113 [2024-11-18 14:19:25,381 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:25,381 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:25,399 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Ended with exit code 0 [2024-11-18 14:19:25,582 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12,5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:19:25,583 INFO L396 AbstractCegarLoop]: === Iteration 14 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:25,583 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:25,583 INFO L85 PathProgramCache]: Analyzing trace with hash 1563413676, now seen corresponding path program 1 times [2024-11-18 14:19:25,583 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:25,583 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1255634880] [2024-11-18 14:19:25,583 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:25,583 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:25,602 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:25,720 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 19 proven. 2 refuted. 0 times theorem prover too weak. 17 trivial. 0 not checked. [2024-11-18 14:19:25,721 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:25,721 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1255634880] [2024-11-18 14:19:25,721 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1255634880] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-18 14:19:25,721 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [718226954] [2024-11-18 14:19:25,721 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:25,722 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:19:25,722 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:19:25,724 INFO L229 MonitoredProcess]: Starting monitored process 6 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-18 14:19:25,725 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2024-11-18 14:19:25,824 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:25,826 INFO L255 TraceCheckSpWp]: Trace formula consists of 361 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-18 14:19:25,829 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-18 14:19:25,977 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 30 proven. 0 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2024-11-18 14:19:25,977 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-18 14:19:25,977 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [718226954] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:25,977 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-18 14:19:25,977 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [7] total 12 [2024-11-18 14:19:25,977 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1215857762] [2024-11-18 14:19:25,977 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:25,978 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-18 14:19:25,978 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:25,978 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-18 14:19:25,978 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=26, Invalid=106, Unknown=0, NotChecked=0, Total=132 [2024-11-18 14:19:25,979 INFO L87 Difference]: Start difference. First operand 1067 states and 1288 transitions. Second operand has 7 states, 7 states have (on average 12.142857142857142) internal successors, (85), 6 states have internal predecessors, (85), 3 states have call successors, (11), 3 states have call predecessors, (11), 4 states have return successors, (11), 4 states have call predecessors, (11), 3 states have call successors, (11) [2024-11-18 14:19:26,132 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:26,132 INFO L93 Difference]: Finished difference Result 1910 states and 2302 transitions. [2024-11-18 14:19:26,133 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-18 14:19:26,133 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 12.142857142857142) internal successors, (85), 6 states have internal predecessors, (85), 3 states have call successors, (11), 3 states have call predecessors, (11), 4 states have return successors, (11), 4 states have call predecessors, (11), 3 states have call successors, (11) Word has length 112 [2024-11-18 14:19:26,133 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:26,135 INFO L225 Difference]: With dead ends: 1910 [2024-11-18 14:19:26,135 INFO L226 Difference]: Without dead ends: 0 [2024-11-18 14:19:26,139 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 121 GetRequests, 108 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 13 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=38, Invalid=172, Unknown=0, NotChecked=0, Total=210 [2024-11-18 14:19:26,140 INFO L432 NwaCegarLoop]: 175 mSDtfsCounter, 27 mSDsluCounter, 760 mSDsCounter, 0 mSdLazyCounter, 61 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 28 SdHoareTripleChecker+Valid, 935 SdHoareTripleChecker+Invalid, 62 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 61 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:26,140 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [28 Valid, 935 Invalid, 62 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 61 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-18 14:19:26,140 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-18 14:19:26,141 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-18 14:19:26,141 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-18 14:19:26,141 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-18 14:19:26,142 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 112 [2024-11-18 14:19:26,142 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:26,142 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-18 14:19:26,143 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 12.142857142857142) internal successors, (85), 6 states have internal predecessors, (85), 3 states have call successors, (11), 3 states have call predecessors, (11), 4 states have return successors, (11), 4 states have call predecessors, (11), 3 states have call successors, (11) [2024-11-18 14:19:26,143 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-18 14:19:26,143 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-18 14:19:26,145 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-18 14:19:26,163 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Forceful destruction successful, exit code 0 [2024-11-18 14:19:26,346 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable13 [2024-11-18 14:19:26,348 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:26,350 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-18 14:19:32,463 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-18 14:19:32,481 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (<= 1 |old(~pumpRunning~0)|)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (<= 1 ~methaneLevelCritical~0) .cse0 .cse1) (and (= ~methaneLevelCritical~0 0) .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (= ~methaneLevelCritical~0 0) .cse1) (and .cse0 (<= 1 ~methaneLevelCritical~0) .cse1))) [2024-11-18 14:19:32,513 WARN L156 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (let ((.cse0 (= |old(~methaneLevelCritical~0)| 0))) (and (or (<= 1 ~methaneLevelCritical~0) (< |old(~methaneLevelCritical~0)| 1)) (or (not .cse0) (= ~methaneLevelCritical~0 0)) (let ((.cse1 (= ~pumpRunning~0 0)) (.cse2 (= ~methAndRunningLastTime~0 0)) (.cse5 (<= 1 ~pumpRunning~0)) (.cse4 (<= 1 |old(~methaneLevelCritical~0)|)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and .cse1 .cse2 .cse0 .cse3) (and .cse1 .cse2 .cse4 .cse3) (and .cse5 .cse2 .cse0 .cse3) (and .cse5 .cse4 (<= 2 ~waterLevel~0) .cse3))))) Eliminated clause: (exists ((|old(~methaneLevelCritical~0)| Int)) (let ((.cse0 (= |old(~methaneLevelCritical~0)| 0))) (and (or (< |old(~methaneLevelCritical~0)| 1) (< 0 ~methaneLevelCritical~0)) (or (not .cse0) (= ~methaneLevelCritical~0 0)) (let ((.cse1 (= ~pumpRunning~0 0)) (.cse2 (= ~methAndRunningLastTime~0 0)) (.cse5 (<= 1 ~pumpRunning~0)) (.cse4 (<= 1 |old(~methaneLevelCritical~0)|)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and .cse1 .cse2 .cse0 .cse3) (and .cse1 .cse2 .cse4 .cse3) (and .cse5 .cse2 .cse0 .cse3) (and .cse5 .cse4 (<= 2 ~waterLevel~0) .cse3)))))) [2024-11-18 14:19:32,520 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:19:32,548 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (let ((.cse4 (= |old(~pumpRunning~0)| 0))) (let ((.cse1 (= ~methAndRunningLastTime~0 0)) (.cse2 (= |old(~methAndRunningLastTime~0)| 0)) (.cse0 (not .cse4))) (and (or .cse0 .cse1) (= ~pumpRunning~0 |old(~pumpRunning~0)|) (or (< 0 |old(~waterLevel~0)|) (<= ~waterLevel~0 0)) (or (not .cse2) .cse1 (< ~methaneLevelCritical~0 1)) (let ((.cse3 (= ~methaneLevelCritical~0 0)) (.cse6 (<= 1 ~methaneLevelCritical~0)) (.cse7 (<= 1 |old(~pumpRunning~0)|)) (.cse5 (not (= 0 ~systemActive~0)))) (or (and .cse3 .cse2 .cse4 .cse5) (and .cse6 .cse2 .cse4 .cse5) (and .cse3 .cse7 .cse5) (and .cse6 (<= 2 |old(~waterLevel~0)|) .cse7 .cse5) (and .cse6 .cse2 .cse7 .cse5))) (<= |old(~waterLevel~0)| ~waterLevel~0) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1))))) Eliminated clause: (let ((.cse6 (= ~pumpRunning~0 0))) (let ((.cse1 (= ~methAndRunningLastTime~0 0)) (.cse7 (not .cse6))) (and (exists ((|old(~methAndRunningLastTime~0)| Int) (|old(~waterLevel~0)| Int)) (let ((.cse0 (= |old(~methAndRunningLastTime~0)| 0))) (and (or (not .cse0) .cse1 (< ~methaneLevelCritical~0 1)) (let ((.cse2 (<= 1 ~pumpRunning~0)) (.cse5 (<= 1 ~methaneLevelCritical~0)) (.cse3 (= ~methaneLevelCritical~0 0)) (.cse4 (not (= 0 ~systemActive~0)))) (or (and .cse2 .cse3 .cse4) (and .cse2 .cse5 .cse0 .cse4) (and .cse6 .cse5 .cse0 .cse4) (and .cse2 .cse5 (<= 2 |old(~waterLevel~0)|) .cse4) (and .cse6 .cse3 .cse0 .cse4))) (or .cse7 (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1)) (or (< ~waterLevel~0 1) (< 0 |old(~waterLevel~0)|)) (<= |old(~waterLevel~0)| ~waterLevel~0)))) (or .cse1 .cse7)))) [2024-11-18 14:19:32,562 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:19:32,572 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse2 (= ~methAndRunningLastTime~0 0)) (.cse0 (= ~methaneLevelCritical~0 0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (<= 1 |old(~pumpRunning~0)|) .cse1) (and .cse2 (<= 1 ~methaneLevelCritical~0) .cse1) (and .cse2 .cse0 (= |old(~pumpRunning~0)| 0) .cse1))) (or (= ~pumpRunning~0 0) (< ~methaneLevelCritical~0 1))) Eliminated clause: (let ((.cse0 (= ~pumpRunning~0 0))) (and (or .cse0 (< ~methaneLevelCritical~0 1)) (let ((.cse3 (= ~methAndRunningLastTime~0 0)) (.cse1 (= ~methaneLevelCritical~0 0)) (.cse2 (not (= 0 ~systemActive~0)))) (or (and (<= 1 ~pumpRunning~0) .cse1 .cse2) (and .cse3 (<= 1 ~methaneLevelCritical~0) .cse2) (and .cse0 .cse3 .cse1 .cse2))))) [2024-11-18 14:19:32,591 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (let ((.cse4 (= ~pumpRunning~0 0))) (and (or (< 0 |old(~waterLevel~0)|) (<= ~waterLevel~0 0)) (let ((.cse1 (= ~methAndRunningLastTime~0 0)) (.cse2 (= ~methaneLevelCritical~0 0)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse5 (<= 1 ~methaneLevelCritical~0)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse1 .cse5 .cse3) (and .cse4 .cse1 .cse2 .cse3) (and .cse0 .cse5 (<= 2 |old(~waterLevel~0)|) .cse3))) (or (not .cse4) (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1)) (<= |old(~waterLevel~0)| ~waterLevel~0))) Eliminated clause: (exists ((|old(~waterLevel~0)| Int)) (let ((.cse4 (= ~pumpRunning~0 0))) (and (let ((.cse1 (= ~methAndRunningLastTime~0 0)) (.cse2 (= ~methaneLevelCritical~0 0)) (.cse0 (<= 1 ~pumpRunning~0)) (.cse5 (<= 1 ~methaneLevelCritical~0)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse1 .cse5 .cse3) (and .cse4 .cse1 .cse2 .cse3) (and .cse0 .cse5 (<= 2 |old(~waterLevel~0)|) .cse3))) (or (not .cse4) (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1)) (or (< ~waterLevel~0 1) (< 0 |old(~waterLevel~0)|)) (<= |old(~waterLevel~0)| ~waterLevel~0)))) [2024-11-18 14:19:32,596 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:19:32,602 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__lowWaterSensor contained old-variable. Original clause: (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse2 (= ~methAndRunningLastTime~0 0)) (.cse0 (= ~methaneLevelCritical~0 0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (<= 1 |old(~pumpRunning~0)|) .cse1) (and .cse2 (<= 1 ~methaneLevelCritical~0) .cse1) (and .cse2 .cse0 (= |old(~pumpRunning~0)| 0) .cse1))) (or (= ~pumpRunning~0 0) (< ~methaneLevelCritical~0 1))) Eliminated clause: (let ((.cse0 (= ~pumpRunning~0 0))) (and (or .cse0 (< ~methaneLevelCritical~0 1)) (let ((.cse3 (= ~methAndRunningLastTime~0 0)) (.cse1 (= ~methaneLevelCritical~0 0)) (.cse2 (not (= 0 ~systemActive~0)))) (or (and (<= 1 ~pumpRunning~0) .cse1 .cse2) (and .cse3 (<= 1 ~methaneLevelCritical~0) .cse2) (and .cse0 .cse3 .cse1 .cse2))))) [2024-11-18 14:19:32,606 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 18.11 02:19:32 BoogieIcfgContainer [2024-11-18 14:19:32,607 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-18 14:19:32,608 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-18 14:19:32,608 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-18 14:19:32,608 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-18 14:19:32,609 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 18.11 02:19:19" (3/4) ... [2024-11-18 14:19:32,611 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-18 14:19:32,615 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-18 14:19:32,615 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-18 14:19:32,616 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-18 14:19:32,616 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2024-11-18 14:19:32,616 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-18 14:19:32,616 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-18 14:19:32,616 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-18 14:19:32,616 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-18 14:19:32,616 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__lowWaterSensor [2024-11-18 14:19:32,625 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2024-11-18 14:19:32,628 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-18 14:19:32,628 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-18 14:19:32,629 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-18 14:19:32,629 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-18 14:19:32,765 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-18 14:19:32,766 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-18 14:19:32,766 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-18 14:19:32,767 INFO L158 Benchmark]: Toolchain (without parser) took 14375.53ms. Allocated memory was 176.2MB in the beginning and 320.9MB in the end (delta: 144.7MB). Free memory was 107.6MB in the beginning and 239.9MB in the end (delta: -132.3MB). Peak memory consumption was 13.7MB. Max. memory is 16.1GB. [2024-11-18 14:19:32,767 INFO L158 Benchmark]: CDTParser took 0.10ms. Allocated memory is still 176.2MB. Free memory is still 137.9MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-18 14:19:32,767 INFO L158 Benchmark]: CACSL2BoogieTranslator took 500.90ms. Allocated memory is still 176.2MB. Free memory was 107.4MB in the beginning and 135.6MB in the end (delta: -28.2MB). Peak memory consumption was 10.2MB. Max. memory is 16.1GB. [2024-11-18 14:19:32,769 INFO L158 Benchmark]: Boogie Procedure Inliner took 49.19ms. Allocated memory is still 176.2MB. Free memory was 135.6MB in the beginning and 133.5MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-18 14:19:32,769 INFO L158 Benchmark]: Boogie Preprocessor took 46.77ms. Allocated memory is still 176.2MB. Free memory was 132.6MB in the beginning and 130.5MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-18 14:19:32,769 INFO L158 Benchmark]: RCFGBuilder took 537.35ms. Allocated memory is still 176.2MB. Free memory was 130.5MB in the beginning and 110.4MB in the end (delta: 20.1MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-18 14:19:32,769 INFO L158 Benchmark]: TraceAbstraction took 13076.31ms. Allocated memory was 176.2MB in the beginning and 320.9MB in the end (delta: 144.7MB). Free memory was 109.5MB in the beginning and 248.3MB in the end (delta: -138.8MB). Peak memory consumption was 154.5MB. Max. memory is 16.1GB. [2024-11-18 14:19:32,770 INFO L158 Benchmark]: Witness Printer took 158.12ms. Allocated memory is still 320.9MB. Free memory was 248.3MB in the beginning and 239.9MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-18 14:19:32,771 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.10ms. Allocated memory is still 176.2MB. Free memory is still 137.9MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 500.90ms. Allocated memory is still 176.2MB. Free memory was 107.4MB in the beginning and 135.6MB in the end (delta: -28.2MB). Peak memory consumption was 10.2MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 49.19ms. Allocated memory is still 176.2MB. Free memory was 135.6MB in the beginning and 133.5MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 46.77ms. Allocated memory is still 176.2MB. Free memory was 132.6MB in the beginning and 130.5MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 537.35ms. Allocated memory is still 176.2MB. Free memory was 130.5MB in the beginning and 110.4MB in the end (delta: 20.1MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * TraceAbstraction took 13076.31ms. Allocated memory was 176.2MB in the beginning and 320.9MB in the end (delta: 144.7MB). Free memory was 109.5MB in the beginning and 248.3MB in the end (delta: -138.8MB). Peak memory consumption was 154.5MB. Max. memory is 16.1GB. * Witness Printer took 158.12ms. Allocated memory is still 320.9MB. Free memory was 248.3MB in the beginning and 239.9MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] - GenericResultAtLocation [Line: 155]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [155] - GenericResultAtLocation [Line: 197]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [197] - GenericResultAtLocation [Line: 563]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [563] - GenericResultAtLocation [Line: 631]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [631] - GenericResultAtLocation [Line: 868]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [868] - GenericResultAtLocation [Line: 972]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [972] - GenericResultAtLocation [Line: 1007]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1007] - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 1012]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 103 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 6.7s, OverallIterations: 14, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 1.9s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 943 SdHoareTripleChecker+Valid, 0.8s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 925 mSDsluCounter, 4775 SdHoareTripleChecker+Invalid, 0.7s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2960 mSDsCounter, 109 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 658 IncrementalHoareTripleChecker+Invalid, 767 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 109 mSolverCounterUnsat, 1815 mSDtfsCounter, 658 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 734 GetRequests, 669 SyntacticMatches, 1 SemanticMatches, 64 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 35 ImplicationChecksByTransitivity, 0.4s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1067occurred in iteration=13, InterpolantAutomatonStates: 64, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.6s AutomataMinimizationTime, 14 MinimizatonAttempts, 168 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.2s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 2.2s InterpolantComputationTime, 1462 NumberOfCodeBlocks, 1462 NumberOfCodeBlocksAsserted, 19 NumberOfCheckSat, 1550 ConstructedInterpolants, 0 QuantifiedInterpolants, 2723 SizeOfPredicates, 3 NumberOfNonLiveVariables, 1760 ConjunctsInSsa, 29 ConjunctsInUnsatCore, 20 InterpolantComputations, 14 PerfectInterpolantSequences, 442/475 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 574]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 575]: Loop Invariant Derived loop invariant: ((((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (splverifierCounter == 0)) && (0 != systemActive)) || (((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (splverifierCounter == 0)) && (0 != systemActive))) || (((((1 <= pumpRunning) && (1 <= methaneLevelCritical)) && (2 <= waterLevel)) && (splverifierCounter == 0)) && (0 != systemActive))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (splverifierCounter == 0)) && (0 != systemActive))) - InvariantResult [Line: 62]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 758]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: ((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (0 != systemActive)) || (((1 <= pumpRunning) && (1 <= methaneLevelCritical)) && (0 != systemActive))) Ensures: (((pumpRunning == 0) && ((((1 <= methaneLevelCritical) && (1 <= \old(pumpRunning))) && (0 != systemActive)) || (((methaneLevelCritical == 0) && (1 <= \old(pumpRunning))) && (0 != systemActive)))) && ((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methAndRunningLastTime == \old(methAndRunningLastTime))) && (head == \old(head))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 665]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: ((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (0 != systemActive)) || (((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (0 != systemActive))) || ((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (0 != systemActive))) Ensures: (((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (0 != systemActive)) || (((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (0 != systemActive))) || ((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (0 != systemActive))) && (((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methAndRunningLastTime == \old(methAndRunningLastTime))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 896]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Ensures: (((((\old(methaneLevelCritical) != 0) || (0 < methaneLevelCritical)) && ((methaneLevelCritical == 0) || (\old(methaneLevelCritical) < 1))) && (((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (\old(methaneLevelCritical) == 0)) && (0 != systemActive)) || ((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= \old(methaneLevelCritical))) && (0 != systemActive))) || ((((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (\old(methaneLevelCritical) == 0)) && (0 != systemActive))) || ((((1 <= pumpRunning) && (1 <= \old(methaneLevelCritical))) && (2 <= waterLevel)) && (0 != systemActive)))) && ((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methAndRunningLastTime == \old(methAndRunningLastTime))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel)))) - ProcedureContractResult [Line: 908]: Procedure Contract for isMethaneLevelCritical Derived contract for procedure isMethaneLevelCritical. Requires: ((((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (0 != systemActive)) || (((pumpRunning == 0) && (methaneLevelCritical == 0)) && (0 != systemActive))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (0 != systemActive))) || (((1 <= pumpRunning) && (1 <= methaneLevelCritical)) && (0 != systemActive))) Ensures: (((((((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (0 != systemActive)) || (((pumpRunning == 0) && (methaneLevelCritical == 0)) && (0 != systemActive))) || (((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (0 != systemActive))) || (((1 <= pumpRunning) && (1 <= methaneLevelCritical)) && (0 != systemActive))) && (methaneLevelCritical <= \result)) && ((methaneLevelCritical != 0) || (\result == 0))) && (((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methAndRunningLastTime == \old(methAndRunningLastTime))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 641]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((methAndRunningLastTime == 0) || (pumpRunning != 0)) Ensures: ((((((((((\old(pumpRunning) != 0) || (\old(waterLevel) != 1)) || ((pumpRunning == 0) && (waterLevel == 1))) && (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (0 != systemActive)) || (\old(pumpRunning) < 1)) || (methaneLevelCritical < 1))) && ((methAndRunningLastTime == 0) || (methaneLevelCritical != 0))) && (((\old(pumpRunning) != 0) || ((1 <= pumpRunning) && (\old(waterLevel) <= waterLevel))) || (((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (\old(waterLevel) <= waterLevel)))) && (((0 < \old(waterLevel)) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 0)) && (\old(waterLevel) <= waterLevel))) || (((pumpRunning == 0) && (waterLevel <= 0)) && (\old(waterLevel) <= waterLevel)))) && (((pumpRunning == \old(pumpRunning)) || (((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (0 != systemActive))) || (\old(pumpRunning) < 1))) && (((((((1 <= methaneLevelCritical) && (2 <= \old(waterLevel))) && (1 <= \old(pumpRunning))) || ((((methaneLevelCritical == 0) && (\old(methAndRunningLastTime) == 0)) && (\old(pumpRunning) == 0)) && (0 != systemActive))) || (((1 <= methaneLevelCritical) && (\old(methAndRunningLastTime) == 0)) && (1 <= \old(pumpRunning)))) || ((((1 <= methaneLevelCritical) && (\old(methAndRunningLastTime) == 0)) && (\old(pumpRunning) == 0)) && (0 != systemActive))) || (((methaneLevelCritical == 0) && (1 <= \old(pumpRunning))) && (0 != systemActive)))) && ((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (head == \old(head))) && (systemActive == \old(systemActive))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 52]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (head == \old(head))) && (systemActive == \old(systemActive))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 673]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((pumpRunning == 0) || (methaneLevelCritical < 1)) && (((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (0 != systemActive)) || (((methAndRunningLastTime == 0) && (1 <= methaneLevelCritical)) && (0 != systemActive))) || ((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (0 != systemActive)))) Ensures: ((((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 <= waterLevel))) && ((pumpRunning == \old(pumpRunning)) || (\old(pumpRunning) < 1))) && (((((methaneLevelCritical == 0) && (1 <= \old(pumpRunning))) && (0 != systemActive)) || ((((methAndRunningLastTime == 0) && (1 <= methaneLevelCritical)) && (\old(pumpRunning) == 0)) && (0 != systemActive))) || ((((methAndRunningLastTime == 0) && (methaneLevelCritical == 0)) && (\old(pumpRunning) == 0)) && (0 != systemActive)))) && ((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methAndRunningLastTime == \old(methAndRunningLastTime))) && (head == \old(head))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 884]: Procedure Contract for waterRise Derived contract for procedure waterRise. Ensures: (((((((waterLevel != 1) || (pumpRunning != 0)) || (\old(waterLevel) != 1)) && (\old(waterLevel) <= waterLevel)) && ((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) || (((1 <= pumpRunning) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0))) || (((1 <= pumpRunning) && (1 <= methaneLevelCritical)) && (2 <= \old(waterLevel)))) || (((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)))) && (0 != systemActive)) && ((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methAndRunningLastTime == \old(methAndRunningLastTime))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 699]: Procedure Contract for processEnvironment__wrappee__lowWaterSensor Derived contract for procedure processEnvironment__wrappee__lowWaterSensor. Requires: (((pumpRunning == 0) || (methaneLevelCritical < 1)) && (((((1 <= pumpRunning) && (methaneLevelCritical == 0)) && (0 != systemActive)) || (((methAndRunningLastTime == 0) && (1 <= methaneLevelCritical)) && (0 != systemActive))) || ((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (0 != systemActive)))) Ensures: ((((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((1 <= pumpRunning) && (2 <= waterLevel))) && (((((methaneLevelCritical == 0) && (1 <= \old(pumpRunning))) && (0 != systemActive)) || ((((methAndRunningLastTime == 0) && (1 <= methaneLevelCritical)) && (\old(pumpRunning) == 0)) && (0 != systemActive))) || ((((methAndRunningLastTime == 0) && (methaneLevelCritical == 0)) && (\old(pumpRunning) == 0)) && (0 != systemActive)))) && (((pumpRunning == \old(pumpRunning)) || (pumpRunning == 0)) || (\old(pumpRunning) < 1))) && ((((((cleanupTimeShifts == \old(cleanupTimeShifts)) && (methAndRunningLastTime == \old(methAndRunningLastTime))) && (head == \old(head))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical)))) RESULT: Ultimate proved your program to be correct! [2024-11-18 14:19:32,809 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE