./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec2_product56.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 3061b6dc Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec2_product56.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash fa0eab3945757815cbe114f72b31b9c97b3f41e20a7d5f245c817ae82afdf9aa --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.dk.eval-assert-order-craig-3061b6d-m [2024-11-18 14:19:17,750 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-18 14:19:17,851 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-18 14:19:17,866 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-18 14:19:17,867 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-18 14:19:17,922 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-18 14:19:17,927 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-18 14:19:17,928 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-18 14:19:17,929 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-18 14:19:17,929 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-18 14:19:17,930 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-18 14:19:17,930 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-18 14:19:17,931 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-18 14:19:17,931 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-18 14:19:17,932 INFO L153 SettingsManager]: * Use SBE=true [2024-11-18 14:19:17,932 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-18 14:19:17,940 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-18 14:19:17,940 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-18 14:19:17,941 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-18 14:19:17,941 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-18 14:19:17,941 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-18 14:19:17,947 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-18 14:19:17,948 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-18 14:19:17,948 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-18 14:19:17,948 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-18 14:19:17,949 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-18 14:19:17,949 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-18 14:19:17,949 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-18 14:19:17,950 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-18 14:19:17,950 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-18 14:19:17,950 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-18 14:19:17,950 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-18 14:19:17,951 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-18 14:19:17,951 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-18 14:19:17,957 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-18 14:19:17,958 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-18 14:19:17,958 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-18 14:19:17,958 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-18 14:19:17,958 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-18 14:19:17,959 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-18 14:19:17,979 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-18 14:19:17,980 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-18 14:19:17,980 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> fa0eab3945757815cbe114f72b31b9c97b3f41e20a7d5f245c817ae82afdf9aa [2024-11-18 14:19:18,362 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-18 14:19:18,412 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-18 14:19:18,420 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-18 14:19:18,425 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-18 14:19:18,426 INFO L274 PluginConnector]: CDTParser initialized [2024-11-18 14:19:18,427 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec2_product56.cil.c [2024-11-18 14:19:20,151 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-18 14:19:20,527 INFO L384 CDTParser]: Found 1 translation units. [2024-11-18 14:19:20,529 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product56.cil.c [2024-11-18 14:19:20,552 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5c4b3238c/7dd315eb886c4f46bd04f44df6397e93/FLAG20ae59cf0 [2024-11-18 14:19:20,579 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5c4b3238c/7dd315eb886c4f46bd04f44df6397e93 [2024-11-18 14:19:20,582 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-18 14:19:20,584 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-18 14:19:20,585 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-18 14:19:20,585 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-18 14:19:20,592 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-18 14:19:20,593 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 18.11 02:19:20" (1/1) ... [2024-11-18 14:19:20,594 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@39d070b0 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:20, skipping insertion in model container [2024-11-18 14:19:20,594 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 18.11 02:19:20" (1/1) ... [2024-11-18 14:19:20,637 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-18 14:19:21,020 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product56.cil.c[11292,11305] [2024-11-18 14:19:21,094 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-18 14:19:21,111 INFO L200 MainTranslator]: Completed pre-run [2024-11-18 14:19:21,123 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] [2024-11-18 14:19:21,125 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [415] [2024-11-18 14:19:21,125 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [424] [2024-11-18 14:19:21,125 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [535] [2024-11-18 14:19:21,126 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [575] [2024-11-18 14:19:21,126 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [827] [2024-11-18 14:19:21,126 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [897] [2024-11-18 14:19:21,126 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [935] [2024-11-18 14:19:21,181 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec2_product56.cil.c[11292,11305] [2024-11-18 14:19:21,207 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-18 14:19:21,227 INFO L204 MainTranslator]: Completed translation [2024-11-18 14:19:21,227 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:21 WrapperNode [2024-11-18 14:19:21,228 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-18 14:19:21,229 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-18 14:19:21,229 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-18 14:19:21,229 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-18 14:19:21,237 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:21" (1/1) ... [2024-11-18 14:19:21,256 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:21" (1/1) ... [2024-11-18 14:19:21,286 INFO L138 Inliner]: procedures = 59, calls = 106, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 232 [2024-11-18 14:19:21,287 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-18 14:19:21,287 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-18 14:19:21,288 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-18 14:19:21,288 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-18 14:19:21,300 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:21" (1/1) ... [2024-11-18 14:19:21,300 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:21" (1/1) ... [2024-11-18 14:19:21,303 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:21" (1/1) ... [2024-11-18 14:19:21,323 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-18 14:19:21,323 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:21" (1/1) ... [2024-11-18 14:19:21,324 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:21" (1/1) ... [2024-11-18 14:19:21,333 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:21" (1/1) ... [2024-11-18 14:19:21,340 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:21" (1/1) ... [2024-11-18 14:19:21,343 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:21" (1/1) ... [2024-11-18 14:19:21,346 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:21" (1/1) ... [2024-11-18 14:19:21,353 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-18 14:19:21,358 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-18 14:19:21,358 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-18 14:19:21,358 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-18 14:19:21,359 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:21" (1/1) ... [2024-11-18 14:19:21,373 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-18 14:19:21,408 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:19:21,443 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-18 14:19:21,457 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-18 14:19:21,516 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-18 14:19:21,517 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-18 14:19:21,517 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-18 14:19:21,517 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-18 14:19:21,517 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-18 14:19:21,517 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-18 14:19:21,517 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-18 14:19:21,518 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2024-11-18 14:19:21,518 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2024-11-18 14:19:21,518 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-18 14:19:21,518 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-18 14:19:21,519 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-18 14:19:21,519 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-18 14:19:21,519 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-18 14:19:21,519 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-18 14:19:21,519 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-18 14:19:21,520 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-18 14:19:21,520 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-18 14:19:21,521 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-18 14:19:21,521 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-18 14:19:21,521 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-18 14:19:21,521 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-18 14:19:21,638 INFO L238 CfgBuilder]: Building ICFG [2024-11-18 14:19:21,644 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-18 14:19:22,153 INFO L? ?]: Removed 49 outVars from TransFormulas that were not future-live. [2024-11-18 14:19:22,153 INFO L287 CfgBuilder]: Performing block encoding [2024-11-18 14:19:22,168 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-18 14:19:22,168 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-18 14:19:22,169 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 18.11 02:19:22 BoogieIcfgContainer [2024-11-18 14:19:22,169 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-18 14:19:22,171 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-18 14:19:22,171 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-18 14:19:22,179 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-18 14:19:22,188 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 18.11 02:19:20" (1/3) ... [2024-11-18 14:19:22,190 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4a6320ee and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 18.11 02:19:22, skipping insertion in model container [2024-11-18 14:19:22,190 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:19:21" (2/3) ... [2024-11-18 14:19:22,190 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4a6320ee and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 18.11 02:19:22, skipping insertion in model container [2024-11-18 14:19:22,190 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 18.11 02:19:22" (3/3) ... [2024-11-18 14:19:22,192 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec2_product56.cil.c [2024-11-18 14:19:22,209 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-18 14:19:22,209 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-18 14:19:22,287 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-18 14:19:22,296 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@7c53232f, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-18 14:19:22,297 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-18 14:19:22,301 INFO L276 IsEmpty]: Start isEmpty. Operand has 107 states, 79 states have (on average 1.379746835443038) internal successors, (109), 90 states have internal predecessors, (109), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) [2024-11-18 14:19:22,310 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2024-11-18 14:19:22,310 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:22,311 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:22,311 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:22,317 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:22,317 INFO L85 PathProgramCache]: Analyzing trace with hash -1548791886, now seen corresponding path program 1 times [2024-11-18 14:19:22,326 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:22,327 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [154248459] [2024-11-18 14:19:22,327 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:22,328 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:22,454 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:22,578 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:19:22,578 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:22,579 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [154248459] [2024-11-18 14:19:22,580 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [154248459] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:22,580 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:19:22,580 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-18 14:19:22,585 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [945014195] [2024-11-18 14:19:22,586 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:22,594 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-18 14:19:22,594 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:22,623 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-18 14:19:22,624 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-18 14:19:22,627 INFO L87 Difference]: Start difference. First operand has 107 states, 79 states have (on average 1.379746835443038) internal successors, (109), 90 states have internal predecessors, (109), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:19:22,672 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:22,673 INFO L93 Difference]: Finished difference Result 205 states and 280 transitions. [2024-11-18 14:19:22,674 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-18 14:19:22,676 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2024-11-18 14:19:22,676 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:22,686 INFO L225 Difference]: With dead ends: 205 [2024-11-18 14:19:22,687 INFO L226 Difference]: Without dead ends: 98 [2024-11-18 14:19:22,692 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-18 14:19:22,699 INFO L432 NwaCegarLoop]: 137 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 137 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:22,700 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 137 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:19:22,723 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 98 states. [2024-11-18 14:19:22,747 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 98 to 98. [2024-11-18 14:19:22,748 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 98 states, 72 states have (on average 1.3194444444444444) internal successors, (95), 82 states have internal predecessors, (95), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2024-11-18 14:19:22,750 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 98 states to 98 states and 128 transitions. [2024-11-18 14:19:22,752 INFO L78 Accepts]: Start accepts. Automaton has 98 states and 128 transitions. Word has length 25 [2024-11-18 14:19:22,752 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:22,752 INFO L471 AbstractCegarLoop]: Abstraction has 98 states and 128 transitions. [2024-11-18 14:19:22,753 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:19:22,753 INFO L276 IsEmpty]: Start isEmpty. Operand 98 states and 128 transitions. [2024-11-18 14:19:22,755 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-11-18 14:19:22,757 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:22,758 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:22,758 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-18 14:19:22,758 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:22,759 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:22,760 INFO L85 PathProgramCache]: Analyzing trace with hash 1194219528, now seen corresponding path program 1 times [2024-11-18 14:19:22,760 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:22,760 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1966165266] [2024-11-18 14:19:22,760 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:22,761 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:22,791 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:22,909 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:19:22,910 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:22,910 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1966165266] [2024-11-18 14:19:22,910 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1966165266] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:22,911 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:19:22,911 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-18 14:19:22,911 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [565947650] [2024-11-18 14:19:22,912 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:22,914 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-18 14:19:22,914 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:22,915 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-18 14:19:22,916 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:19:22,917 INFO L87 Difference]: Start difference. First operand 98 states and 128 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:19:22,945 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:22,948 INFO L93 Difference]: Finished difference Result 156 states and 204 transitions. [2024-11-18 14:19:22,949 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-18 14:19:22,949 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2024-11-18 14:19:22,949 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:22,951 INFO L225 Difference]: With dead ends: 156 [2024-11-18 14:19:22,951 INFO L226 Difference]: Without dead ends: 89 [2024-11-18 14:19:22,952 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:19:22,955 INFO L432 NwaCegarLoop]: 115 mSDtfsCounter, 17 mSDsluCounter, 93 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 208 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:22,957 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 208 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:19:22,958 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 89 states. [2024-11-18 14:19:22,971 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 89 to 89. [2024-11-18 14:19:22,972 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 89 states, 66 states have (on average 1.3333333333333333) internal successors, (88), 76 states have internal predecessors, (88), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) [2024-11-18 14:19:22,974 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 89 states to 89 states and 116 transitions. [2024-11-18 14:19:22,974 INFO L78 Accepts]: Start accepts. Automaton has 89 states and 116 transitions. Word has length 26 [2024-11-18 14:19:22,975 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:22,975 INFO L471 AbstractCegarLoop]: Abstraction has 89 states and 116 transitions. [2024-11-18 14:19:22,976 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:19:22,977 INFO L276 IsEmpty]: Start isEmpty. Operand 89 states and 116 transitions. [2024-11-18 14:19:22,978 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2024-11-18 14:19:22,978 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:22,978 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:22,979 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-18 14:19:22,979 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:22,979 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:22,980 INFO L85 PathProgramCache]: Analyzing trace with hash -72231615, now seen corresponding path program 1 times [2024-11-18 14:19:22,980 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:22,980 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [27896110] [2024-11-18 14:19:22,980 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:22,981 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:23,053 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:23,163 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:19:23,163 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:23,163 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [27896110] [2024-11-18 14:19:23,163 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [27896110] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:23,163 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:19:23,163 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-18 14:19:23,164 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [476824691] [2024-11-18 14:19:23,164 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:23,164 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-18 14:19:23,164 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:23,165 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-18 14:19:23,165 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:19:23,166 INFO L87 Difference]: Start difference. First operand 89 states and 116 transitions. Second operand has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:19:23,200 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:23,201 INFO L93 Difference]: Finished difference Result 249 states and 331 transitions. [2024-11-18 14:19:23,201 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-18 14:19:23,202 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 31 [2024-11-18 14:19:23,202 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:23,204 INFO L225 Difference]: With dead ends: 249 [2024-11-18 14:19:23,205 INFO L226 Difference]: Without dead ends: 168 [2024-11-18 14:19:23,206 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:19:23,207 INFO L432 NwaCegarLoop]: 132 mSDtfsCounter, 108 mSDsluCounter, 103 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 108 SdHoareTripleChecker+Valid, 235 SdHoareTripleChecker+Invalid, 5 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:23,207 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [108 Valid, 235 Invalid, 5 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:19:23,208 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 168 states. [2024-11-18 14:19:23,232 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 168 to 165. [2024-11-18 14:19:23,233 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 165 states, 120 states have (on average 1.3583333333333334) internal successors, (163), 139 states have internal predecessors, (163), 28 states have call successors, (28), 16 states have call predecessors, (28), 16 states have return successors, (28), 17 states have call predecessors, (28), 28 states have call successors, (28) [2024-11-18 14:19:23,235 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 165 states to 165 states and 219 transitions. [2024-11-18 14:19:23,235 INFO L78 Accepts]: Start accepts. Automaton has 165 states and 219 transitions. Word has length 31 [2024-11-18 14:19:23,236 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:23,236 INFO L471 AbstractCegarLoop]: Abstraction has 165 states and 219 transitions. [2024-11-18 14:19:23,236 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:19:23,236 INFO L276 IsEmpty]: Start isEmpty. Operand 165 states and 219 transitions. [2024-11-18 14:19:23,238 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2024-11-18 14:19:23,238 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:23,239 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:23,239 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-18 14:19:23,239 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:23,240 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:23,240 INFO L85 PathProgramCache]: Analyzing trace with hash 301498308, now seen corresponding path program 1 times [2024-11-18 14:19:23,240 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:23,240 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [172871393] [2024-11-18 14:19:23,240 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:23,241 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:23,261 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:23,374 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:19:23,374 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:23,374 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [172871393] [2024-11-18 14:19:23,375 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [172871393] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:23,375 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:19:23,375 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-18 14:19:23,375 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1326272569] [2024-11-18 14:19:23,375 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:23,376 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-18 14:19:23,376 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:23,377 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-18 14:19:23,377 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:19:23,377 INFO L87 Difference]: Start difference. First operand 165 states and 219 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:19:23,513 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:23,514 INFO L93 Difference]: Finished difference Result 413 states and 564 transitions. [2024-11-18 14:19:23,515 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-18 14:19:23,515 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 34 [2024-11-18 14:19:23,515 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:23,518 INFO L225 Difference]: With dead ends: 413 [2024-11-18 14:19:23,518 INFO L226 Difference]: Without dead ends: 256 [2024-11-18 14:19:23,520 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-18 14:19:23,521 INFO L432 NwaCegarLoop]: 114 mSDtfsCounter, 76 mSDsluCounter, 302 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 76 SdHoareTripleChecker+Valid, 416 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:23,521 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [76 Valid, 416 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-18 14:19:23,523 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 256 states. [2024-11-18 14:19:23,564 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 256 to 255. [2024-11-18 14:19:23,564 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 255 states, 188 states have (on average 1.3085106382978724) internal successors, (246), 205 states have internal predecessors, (246), 36 states have call successors, (36), 30 states have call predecessors, (36), 30 states have return successors, (48), 31 states have call predecessors, (48), 36 states have call successors, (48) [2024-11-18 14:19:23,568 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 255 states to 255 states and 330 transitions. [2024-11-18 14:19:23,569 INFO L78 Accepts]: Start accepts. Automaton has 255 states and 330 transitions. Word has length 34 [2024-11-18 14:19:23,570 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:23,570 INFO L471 AbstractCegarLoop]: Abstraction has 255 states and 330 transitions. [2024-11-18 14:19:23,571 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (2), 1 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:19:23,571 INFO L276 IsEmpty]: Start isEmpty. Operand 255 states and 330 transitions. [2024-11-18 14:19:23,573 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-18 14:19:23,576 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:23,577 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:23,577 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-18 14:19:23,577 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:23,578 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:23,578 INFO L85 PathProgramCache]: Analyzing trace with hash -857967289, now seen corresponding path program 1 times [2024-11-18 14:19:23,578 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:23,578 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1877367505] [2024-11-18 14:19:23,578 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:23,579 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:23,606 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:23,693 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:19:23,694 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:23,694 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1877367505] [2024-11-18 14:19:23,694 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1877367505] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:23,694 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:19:23,694 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-18 14:19:23,694 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [470463318] [2024-11-18 14:19:23,695 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:23,695 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-18 14:19:23,695 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:23,696 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-18 14:19:23,696 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:19:23,696 INFO L87 Difference]: Start difference. First operand 255 states and 330 transitions. Second operand has 5 states, 5 states have (on average 8.6) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-18 14:19:23,736 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:23,736 INFO L93 Difference]: Finished difference Result 508 states and 672 transitions. [2024-11-18 14:19:23,737 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-18 14:19:23,738 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 50 [2024-11-18 14:19:23,738 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:23,740 INFO L225 Difference]: With dead ends: 508 [2024-11-18 14:19:23,740 INFO L226 Difference]: Without dead ends: 261 [2024-11-18 14:19:23,744 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:19:23,746 INFO L432 NwaCegarLoop]: 113 mSDtfsCounter, 0 mSDsluCounter, 333 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 446 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:23,746 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 446 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:19:23,747 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 261 states. [2024-11-18 14:19:23,771 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 261 to 261. [2024-11-18 14:19:23,771 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 261 states, 194 states have (on average 1.2989690721649485) internal successors, (252), 211 states have internal predecessors, (252), 36 states have call successors, (36), 30 states have call predecessors, (36), 30 states have return successors, (48), 31 states have call predecessors, (48), 36 states have call successors, (48) [2024-11-18 14:19:23,773 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 261 states to 261 states and 336 transitions. [2024-11-18 14:19:23,774 INFO L78 Accepts]: Start accepts. Automaton has 261 states and 336 transitions. Word has length 50 [2024-11-18 14:19:23,774 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:23,774 INFO L471 AbstractCegarLoop]: Abstraction has 261 states and 336 transitions. [2024-11-18 14:19:23,775 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-18 14:19:23,775 INFO L276 IsEmpty]: Start isEmpty. Operand 261 states and 336 transitions. [2024-11-18 14:19:23,776 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-18 14:19:23,776 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:23,777 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:23,777 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-18 14:19:23,777 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:23,777 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:23,778 INFO L85 PathProgramCache]: Analyzing trace with hash -435265463, now seen corresponding path program 1 times [2024-11-18 14:19:23,778 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:23,778 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1205638820] [2024-11-18 14:19:23,778 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:23,778 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:23,798 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:23,887 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:19:23,887 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:23,888 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1205638820] [2024-11-18 14:19:23,888 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1205638820] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:23,888 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:19:23,888 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-18 14:19:23,888 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [898448634] [2024-11-18 14:19:23,888 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:23,888 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-18 14:19:23,889 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:23,889 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-18 14:19:23,889 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:19:23,889 INFO L87 Difference]: Start difference. First operand 261 states and 336 transitions. Second operand has 4 states, 4 states have (on average 10.75) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-18 14:19:23,927 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:23,929 INFO L93 Difference]: Finished difference Result 518 states and 694 transitions. [2024-11-18 14:19:23,930 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-18 14:19:23,930 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.75) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 50 [2024-11-18 14:19:23,930 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:23,932 INFO L225 Difference]: With dead ends: 518 [2024-11-18 14:19:23,934 INFO L226 Difference]: Without dead ends: 265 [2024-11-18 14:19:23,935 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:19:23,936 INFO L432 NwaCegarLoop]: 114 mSDtfsCounter, 0 mSDsluCounter, 222 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 336 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:23,939 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 336 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:19:23,941 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 265 states. [2024-11-18 14:19:23,971 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 265 to 265. [2024-11-18 14:19:23,971 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 265 states, 198 states have (on average 1.292929292929293) internal successors, (256), 215 states have internal predecessors, (256), 36 states have call successors, (36), 30 states have call predecessors, (36), 30 states have return successors, (48), 31 states have call predecessors, (48), 36 states have call successors, (48) [2024-11-18 14:19:23,973 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 265 states to 265 states and 340 transitions. [2024-11-18 14:19:23,975 INFO L78 Accepts]: Start accepts. Automaton has 265 states and 340 transitions. Word has length 50 [2024-11-18 14:19:23,975 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:23,975 INFO L471 AbstractCegarLoop]: Abstraction has 265 states and 340 transitions. [2024-11-18 14:19:23,976 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.75) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-18 14:19:23,976 INFO L276 IsEmpty]: Start isEmpty. Operand 265 states and 340 transitions. [2024-11-18 14:19:23,977 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-18 14:19:23,980 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:23,980 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:23,980 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-18 14:19:23,980 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:23,981 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:23,981 INFO L85 PathProgramCache]: Analyzing trace with hash 2054263499, now seen corresponding path program 1 times [2024-11-18 14:19:23,981 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:23,981 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [255210192] [2024-11-18 14:19:23,981 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:23,982 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:23,999 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:24,112 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:19:24,114 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:24,114 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [255210192] [2024-11-18 14:19:24,115 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [255210192] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:24,115 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:19:24,115 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-18 14:19:24,115 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [709626541] [2024-11-18 14:19:24,115 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:24,116 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-18 14:19:24,116 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:24,117 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-18 14:19:24,118 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:19:24,118 INFO L87 Difference]: Start difference. First operand 265 states and 340 transitions. Second operand has 4 states, 4 states have (on average 10.75) internal successors, (43), 4 states have internal predecessors, (43), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-18 14:19:24,283 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:24,283 INFO L93 Difference]: Finished difference Result 873 states and 1157 transitions. [2024-11-18 14:19:24,284 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-18 14:19:24,284 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.75) internal successors, (43), 4 states have internal predecessors, (43), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 50 [2024-11-18 14:19:24,284 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:24,290 INFO L225 Difference]: With dead ends: 873 [2024-11-18 14:19:24,291 INFO L226 Difference]: Without dead ends: 616 [2024-11-18 14:19:24,292 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:19:24,294 INFO L432 NwaCegarLoop]: 198 mSDtfsCounter, 150 mSDsluCounter, 193 mSDsCounter, 0 mSdLazyCounter, 65 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 150 SdHoareTripleChecker+Valid, 391 SdHoareTripleChecker+Invalid, 70 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 65 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:24,296 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [150 Valid, 391 Invalid, 70 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 65 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-18 14:19:24,298 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 616 states. [2024-11-18 14:19:24,358 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 616 to 604. [2024-11-18 14:19:24,361 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 604 states, 449 states have (on average 1.265033407572383) internal successors, (568), 482 states have internal predecessors, (568), 82 states have call successors, (82), 70 states have call predecessors, (82), 72 states have return successors, (132), 74 states have call predecessors, (132), 82 states have call successors, (132) [2024-11-18 14:19:24,366 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 604 states to 604 states and 782 transitions. [2024-11-18 14:19:24,368 INFO L78 Accepts]: Start accepts. Automaton has 604 states and 782 transitions. Word has length 50 [2024-11-18 14:19:24,369 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:24,369 INFO L471 AbstractCegarLoop]: Abstraction has 604 states and 782 transitions. [2024-11-18 14:19:24,369 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.75) internal successors, (43), 4 states have internal predecessors, (43), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-18 14:19:24,370 INFO L276 IsEmpty]: Start isEmpty. Operand 604 states and 782 transitions. [2024-11-18 14:19:24,372 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2024-11-18 14:19:24,372 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:24,373 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:24,373 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-18 14:19:24,373 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:24,374 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:24,374 INFO L85 PathProgramCache]: Analyzing trace with hash 863852389, now seen corresponding path program 1 times [2024-11-18 14:19:24,374 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:24,374 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [923683470] [2024-11-18 14:19:24,374 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:24,375 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:24,398 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:24,448 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:19:24,448 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:24,448 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [923683470] [2024-11-18 14:19:24,449 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [923683470] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:24,449 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:19:24,449 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-18 14:19:24,449 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [684895001] [2024-11-18 14:19:24,452 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:24,453 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-18 14:19:24,453 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:24,453 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-18 14:19:24,454 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:19:24,454 INFO L87 Difference]: Start difference. First operand 604 states and 782 transitions. Second operand has 3 states, 3 states have (on average 15.0) internal successors, (45), 3 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-18 14:19:24,546 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:24,546 INFO L93 Difference]: Finished difference Result 1010 states and 1350 transitions. [2024-11-18 14:19:24,547 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-18 14:19:24,548 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 15.0) internal successors, (45), 3 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 54 [2024-11-18 14:19:24,548 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:24,556 INFO L225 Difference]: With dead ends: 1010 [2024-11-18 14:19:24,557 INFO L226 Difference]: Without dead ends: 1008 [2024-11-18 14:19:24,558 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:19:24,559 INFO L432 NwaCegarLoop]: 116 mSDtfsCounter, 87 mSDsluCounter, 104 mSDsCounter, 0 mSdLazyCounter, 3 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 87 SdHoareTripleChecker+Valid, 220 SdHoareTripleChecker+Invalid, 8 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 3 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:24,560 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [87 Valid, 220 Invalid, 8 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 3 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:19:24,563 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1008 states. [2024-11-18 14:19:24,655 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1008 to 968. [2024-11-18 14:19:24,657 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 968 states, 713 states have (on average 1.273492286115007) internal successors, (908), 772 states have internal predecessors, (908), 138 states have call successors, (138), 114 states have call predecessors, (138), 116 states have return successors, (255), 116 states have call predecessors, (255), 138 states have call successors, (255) [2024-11-18 14:19:24,663 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 968 states to 968 states and 1301 transitions. [2024-11-18 14:19:24,665 INFO L78 Accepts]: Start accepts. Automaton has 968 states and 1301 transitions. Word has length 54 [2024-11-18 14:19:24,666 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:24,666 INFO L471 AbstractCegarLoop]: Abstraction has 968 states and 1301 transitions. [2024-11-18 14:19:24,666 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 15.0) internal successors, (45), 3 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-18 14:19:24,666 INFO L276 IsEmpty]: Start isEmpty. Operand 968 states and 1301 transitions. [2024-11-18 14:19:24,672 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 85 [2024-11-18 14:19:24,672 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:24,673 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:24,673 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-18 14:19:24,673 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:24,675 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:24,675 INFO L85 PathProgramCache]: Analyzing trace with hash 1050157257, now seen corresponding path program 1 times [2024-11-18 14:19:24,676 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:24,676 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1166138632] [2024-11-18 14:19:24,676 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:24,676 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:24,699 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:24,750 INFO L134 CoverageAnalysis]: Checked inductivity of 22 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:19:24,751 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:24,751 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1166138632] [2024-11-18 14:19:24,751 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1166138632] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:24,751 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:19:24,751 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-18 14:19:24,753 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1072597040] [2024-11-18 14:19:24,754 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:24,754 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-18 14:19:24,754 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:24,754 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-18 14:19:24,755 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:19:24,755 INFO L87 Difference]: Start difference. First operand 968 states and 1301 transitions. Second operand has 4 states, 4 states have (on average 17.25) internal successors, (69), 4 states have internal predecessors, (69), 4 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2024-11-18 14:19:24,923 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:24,923 INFO L93 Difference]: Finished difference Result 1561 states and 2094 transitions. [2024-11-18 14:19:24,924 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-18 14:19:24,924 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 17.25) internal successors, (69), 4 states have internal predecessors, (69), 4 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) Word has length 84 [2024-11-18 14:19:24,924 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:24,928 INFO L225 Difference]: With dead ends: 1561 [2024-11-18 14:19:24,928 INFO L226 Difference]: Without dead ends: 601 [2024-11-18 14:19:24,931 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:19:24,931 INFO L432 NwaCegarLoop]: 154 mSDtfsCounter, 137 mSDsluCounter, 113 mSDsCounter, 0 mSdLazyCounter, 45 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 137 SdHoareTripleChecker+Valid, 267 SdHoareTripleChecker+Invalid, 49 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 45 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:24,932 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [137 Valid, 267 Invalid, 49 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 45 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-18 14:19:24,932 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 601 states. [2024-11-18 14:19:24,977 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 601 to 585. [2024-11-18 14:19:24,978 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 585 states, 436 states have (on average 1.2568807339449541) internal successors, (548), 471 states have internal predecessors, (548), 79 states have call successors, (79), 67 states have call predecessors, (79), 69 states have return successors, (136), 69 states have call predecessors, (136), 79 states have call successors, (136) [2024-11-18 14:19:24,981 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 585 states to 585 states and 763 transitions. [2024-11-18 14:19:24,982 INFO L78 Accepts]: Start accepts. Automaton has 585 states and 763 transitions. Word has length 84 [2024-11-18 14:19:24,982 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:24,982 INFO L471 AbstractCegarLoop]: Abstraction has 585 states and 763 transitions. [2024-11-18 14:19:24,982 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 17.25) internal successors, (69), 4 states have internal predecessors, (69), 4 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2024-11-18 14:19:24,982 INFO L276 IsEmpty]: Start isEmpty. Operand 585 states and 763 transitions. [2024-11-18 14:19:24,985 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 112 [2024-11-18 14:19:24,986 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:24,987 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:24,987 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-18 14:19:24,987 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:24,987 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:24,988 INFO L85 PathProgramCache]: Analyzing trace with hash 229512370, now seen corresponding path program 1 times [2024-11-18 14:19:24,988 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:24,988 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2057211632] [2024-11-18 14:19:24,988 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:24,988 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:25,054 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:25,354 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 25 proven. 10 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2024-11-18 14:19:25,354 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:25,355 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2057211632] [2024-11-18 14:19:25,355 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2057211632] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-18 14:19:25,355 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [424919044] [2024-11-18 14:19:25,355 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:25,356 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:19:25,356 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:19:25,358 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-18 14:19:25,359 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-18 14:19:25,476 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:25,479 INFO L255 TraceCheckSpWp]: Trace formula consists of 359 conjuncts, 2 conjuncts are in the unsatisfiable core [2024-11-18 14:19:25,487 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-18 14:19:25,561 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 35 proven. 0 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2024-11-18 14:19:25,561 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-18 14:19:25,561 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [424919044] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:25,561 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-18 14:19:25,561 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2024-11-18 14:19:25,561 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [782836588] [2024-11-18 14:19:25,562 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:25,562 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-18 14:19:25,562 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:25,564 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-18 14:19:25,564 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-18 14:19:25,564 INFO L87 Difference]: Start difference. First operand 585 states and 763 transitions. Second operand has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 3 states have call successors, (9), 3 states have call predecessors, (9), 3 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) [2024-11-18 14:19:25,648 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:25,648 INFO L93 Difference]: Finished difference Result 1269 states and 1712 transitions. [2024-11-18 14:19:25,649 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-18 14:19:25,649 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 3 states have call successors, (9), 3 states have call predecessors, (9), 3 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) Word has length 111 [2024-11-18 14:19:25,650 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:25,655 INFO L225 Difference]: With dead ends: 1269 [2024-11-18 14:19:25,656 INFO L226 Difference]: Without dead ends: 777 [2024-11-18 14:19:25,659 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 115 GetRequests, 111 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-18 14:19:25,660 INFO L432 NwaCegarLoop]: 212 mSDtfsCounter, 82 mSDsluCounter, 109 mSDsCounter, 0 mSdLazyCounter, 12 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 82 SdHoareTripleChecker+Valid, 321 SdHoareTripleChecker+Invalid, 14 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 12 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:25,661 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [82 Valid, 321 Invalid, 14 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 12 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:19:25,663 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 777 states. [2024-11-18 14:19:25,713 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 777 to 654. [2024-11-18 14:19:25,714 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 654 states, 489 states have (on average 1.2576687116564418) internal successors, (615), 523 states have internal predecessors, (615), 86 states have call successors, (86), 74 states have call predecessors, (86), 78 states have return successors, (124), 77 states have call predecessors, (124), 86 states have call successors, (124) [2024-11-18 14:19:25,717 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 654 states to 654 states and 825 transitions. [2024-11-18 14:19:25,719 INFO L78 Accepts]: Start accepts. Automaton has 654 states and 825 transitions. Word has length 111 [2024-11-18 14:19:25,720 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:25,720 INFO L471 AbstractCegarLoop]: Abstraction has 654 states and 825 transitions. [2024-11-18 14:19:25,721 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 26.333333333333332) internal successors, (79), 3 states have internal predecessors, (79), 3 states have call successors, (9), 3 states have call predecessors, (9), 3 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) [2024-11-18 14:19:25,721 INFO L276 IsEmpty]: Start isEmpty. Operand 654 states and 825 transitions. [2024-11-18 14:19:25,725 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 108 [2024-11-18 14:19:25,725 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:25,726 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:25,749 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-11-18 14:19:25,926 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-18 14:19:25,927 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:25,927 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:25,927 INFO L85 PathProgramCache]: Analyzing trace with hash 1344677582, now seen corresponding path program 1 times [2024-11-18 14:19:25,927 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:25,927 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1535331590] [2024-11-18 14:19:25,927 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:25,928 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:25,976 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:26,252 INFO L134 CoverageAnalysis]: Checked inductivity of 46 backedges. 21 proven. 8 refuted. 0 times theorem prover too weak. 17 trivial. 0 not checked. [2024-11-18 14:19:26,256 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:26,256 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1535331590] [2024-11-18 14:19:26,256 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1535331590] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-18 14:19:26,257 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [901882950] [2024-11-18 14:19:26,257 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:26,257 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:19:26,257 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:19:26,258 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-18 14:19:26,260 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-18 14:19:26,386 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:26,388 INFO L255 TraceCheckSpWp]: Trace formula consists of 352 conjuncts, 10 conjuncts are in the unsatisfiable core [2024-11-18 14:19:26,392 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-18 14:19:26,567 INFO L134 CoverageAnalysis]: Checked inductivity of 46 backedges. 33 proven. 7 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-11-18 14:19:26,568 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-18 14:19:27,007 INFO L134 CoverageAnalysis]: Checked inductivity of 46 backedges. 21 proven. 4 refuted. 0 times theorem prover too weak. 21 trivial. 0 not checked. [2024-11-18 14:19:27,008 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [901882950] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-18 14:19:27,008 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-18 14:19:27,008 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 6, 8] total 17 [2024-11-18 14:19:27,008 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [665166437] [2024-11-18 14:19:27,008 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-18 14:19:27,009 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 17 states [2024-11-18 14:19:27,009 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:27,010 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 17 interpolants. [2024-11-18 14:19:27,012 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=49, Invalid=223, Unknown=0, NotChecked=0, Total=272 [2024-11-18 14:19:27,013 INFO L87 Difference]: Start difference. First operand 654 states and 825 transitions. Second operand has 17 states, 17 states have (on average 9.470588235294118) internal successors, (161), 16 states have internal predecessors, (161), 11 states have call successors, (25), 9 states have call predecessors, (25), 11 states have return successors, (25), 11 states have call predecessors, (25), 11 states have call successors, (25) [2024-11-18 14:19:28,346 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:28,346 INFO L93 Difference]: Finished difference Result 1389 states and 1834 transitions. [2024-11-18 14:19:28,347 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 33 states. [2024-11-18 14:19:28,347 INFO L78 Accepts]: Start accepts. Automaton has has 17 states, 17 states have (on average 9.470588235294118) internal successors, (161), 16 states have internal predecessors, (161), 11 states have call successors, (25), 9 states have call predecessors, (25), 11 states have return successors, (25), 11 states have call predecessors, (25), 11 states have call successors, (25) Word has length 107 [2024-11-18 14:19:28,347 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:28,352 INFO L225 Difference]: With dead ends: 1389 [2024-11-18 14:19:28,353 INFO L226 Difference]: Without dead ends: 824 [2024-11-18 14:19:28,356 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 275 GetRequests, 226 SyntacticMatches, 5 SemanticMatches, 44 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 468 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=509, Invalid=1561, Unknown=0, NotChecked=0, Total=2070 [2024-11-18 14:19:28,357 INFO L432 NwaCegarLoop]: 142 mSDtfsCounter, 990 mSDsluCounter, 690 mSDsCounter, 0 mSdLazyCounter, 828 mSolverCounterSat, 375 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 992 SdHoareTripleChecker+Valid, 832 SdHoareTripleChecker+Invalid, 1203 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 375 IncrementalHoareTripleChecker+Valid, 828 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:28,357 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [992 Valid, 832 Invalid, 1203 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [375 Valid, 828 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2024-11-18 14:19:28,358 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 824 states. [2024-11-18 14:19:28,416 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 824 to 712. [2024-11-18 14:19:28,418 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 712 states, 531 states have (on average 1.2184557438794728) internal successors, (647), 567 states have internal predecessors, (647), 94 states have call successors, (94), 82 states have call predecessors, (94), 86 states have return successors, (128), 88 states have call predecessors, (128), 94 states have call successors, (128) [2024-11-18 14:19:28,425 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 712 states to 712 states and 869 transitions. [2024-11-18 14:19:28,426 INFO L78 Accepts]: Start accepts. Automaton has 712 states and 869 transitions. Word has length 107 [2024-11-18 14:19:28,427 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:28,427 INFO L471 AbstractCegarLoop]: Abstraction has 712 states and 869 transitions. [2024-11-18 14:19:28,427 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 17 states, 17 states have (on average 9.470588235294118) internal successors, (161), 16 states have internal predecessors, (161), 11 states have call successors, (25), 9 states have call predecessors, (25), 11 states have return successors, (25), 11 states have call predecessors, (25), 11 states have call successors, (25) [2024-11-18 14:19:28,427 INFO L276 IsEmpty]: Start isEmpty. Operand 712 states and 869 transitions. [2024-11-18 14:19:28,429 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 109 [2024-11-18 14:19:28,429 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:28,429 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:28,457 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-11-18 14:19:28,629 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2024-11-18 14:19:28,630 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:28,631 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:28,631 INFO L85 PathProgramCache]: Analyzing trace with hash -1963313404, now seen corresponding path program 1 times [2024-11-18 14:19:28,631 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:28,632 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1228922070] [2024-11-18 14:19:28,632 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:28,632 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:28,656 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:28,801 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 21 proven. 4 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2024-11-18 14:19:28,801 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:28,801 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1228922070] [2024-11-18 14:19:28,801 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1228922070] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-18 14:19:28,802 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [153112211] [2024-11-18 14:19:28,802 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:28,802 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:19:28,802 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:19:28,804 INFO L229 MonitoredProcess]: Starting monitored process 4 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-18 14:19:28,805 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2024-11-18 14:19:28,894 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:28,898 INFO L255 TraceCheckSpWp]: Trace formula consists of 351 conjuncts, 11 conjuncts are in the unsatisfiable core [2024-11-18 14:19:28,901 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-18 14:19:29,072 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 7 proven. 2 refuted. 0 times theorem prover too weak. 29 trivial. 0 not checked. [2024-11-18 14:19:29,072 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-18 14:19:29,200 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 15 proven. 0 refuted. 0 times theorem prover too weak. 23 trivial. 0 not checked. [2024-11-18 14:19:29,200 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [153112211] provided 1 perfect and 1 imperfect interpolant sequences [2024-11-18 14:19:29,201 INFO L185 FreeRefinementEngine]: Found 1 perfect and 2 imperfect interpolant sequences. [2024-11-18 14:19:29,201 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [7, 5] total 11 [2024-11-18 14:19:29,201 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1240086351] [2024-11-18 14:19:29,201 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:29,201 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-18 14:19:29,201 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:29,202 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-18 14:19:29,202 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=25, Invalid=85, Unknown=0, NotChecked=0, Total=110 [2024-11-18 14:19:29,202 INFO L87 Difference]: Start difference. First operand 712 states and 869 transitions. Second operand has 6 states, 6 states have (on average 12.166666666666666) internal successors, (73), 5 states have internal predecessors, (73), 2 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 2 states have call successors, (10) [2024-11-18 14:19:29,391 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:29,391 INFO L93 Difference]: Finished difference Result 2040 states and 2548 transitions. [2024-11-18 14:19:29,391 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-18 14:19:29,392 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 12.166666666666666) internal successors, (73), 5 states have internal predecessors, (73), 2 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 2 states have call successors, (10) Word has length 108 [2024-11-18 14:19:29,392 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:29,399 INFO L225 Difference]: With dead ends: 2040 [2024-11-18 14:19:29,400 INFO L226 Difference]: Without dead ends: 1336 [2024-11-18 14:19:29,403 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 224 GetRequests, 212 SyntacticMatches, 1 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 10 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=35, Invalid=121, Unknown=0, NotChecked=0, Total=156 [2024-11-18 14:19:29,403 INFO L432 NwaCegarLoop]: 114 mSDtfsCounter, 74 mSDsluCounter, 405 mSDsCounter, 0 mSdLazyCounter, 56 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 75 SdHoareTripleChecker+Valid, 519 SdHoareTripleChecker+Invalid, 60 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 56 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:29,404 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [75 Valid, 519 Invalid, 60 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 56 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-18 14:19:29,405 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1336 states. [2024-11-18 14:19:29,587 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1336 to 1228. [2024-11-18 14:19:29,589 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1228 states, 909 states have (on average 1.1903190319031902) internal successors, (1082), 973 states have internal predecessors, (1082), 163 states have call successors, (163), 145 states have call predecessors, (163), 155 states have return successors, (230), 155 states have call predecessors, (230), 163 states have call successors, (230) [2024-11-18 14:19:29,597 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1228 states to 1228 states and 1475 transitions. [2024-11-18 14:19:29,599 INFO L78 Accepts]: Start accepts. Automaton has 1228 states and 1475 transitions. Word has length 108 [2024-11-18 14:19:29,600 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:29,600 INFO L471 AbstractCegarLoop]: Abstraction has 1228 states and 1475 transitions. [2024-11-18 14:19:29,600 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 12.166666666666666) internal successors, (73), 5 states have internal predecessors, (73), 2 states have call successors, (11), 2 states have call predecessors, (11), 2 states have return successors, (10), 3 states have call predecessors, (10), 2 states have call successors, (10) [2024-11-18 14:19:29,601 INFO L276 IsEmpty]: Start isEmpty. Operand 1228 states and 1475 transitions. [2024-11-18 14:19:29,604 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 113 [2024-11-18 14:19:29,605 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:19:29,605 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:29,623 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2024-11-18 14:19:29,809 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11,4 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:19:29,810 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:19:29,810 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:19:29,810 INFO L85 PathProgramCache]: Analyzing trace with hash 1470383360, now seen corresponding path program 1 times [2024-11-18 14:19:29,811 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:19:29,811 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [97391] [2024-11-18 14:19:29,811 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:29,811 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:19:29,831 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:29,975 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 19 proven. 2 refuted. 0 times theorem prover too weak. 17 trivial. 0 not checked. [2024-11-18 14:19:29,975 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:19:29,975 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [97391] [2024-11-18 14:19:29,975 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [97391] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-18 14:19:29,975 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [619631762] [2024-11-18 14:19:29,975 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:19:29,975 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:19:29,976 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:19:29,977 INFO L229 MonitoredProcess]: Starting monitored process 5 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-18 14:19:29,979 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2024-11-18 14:19:30,071 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:19:30,074 INFO L255 TraceCheckSpWp]: Trace formula consists of 361 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-18 14:19:30,077 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-18 14:19:30,207 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 30 proven. 0 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2024-11-18 14:19:30,207 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-18 14:19:30,207 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [619631762] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:19:30,207 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-18 14:19:30,208 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [7] total 12 [2024-11-18 14:19:30,208 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1119590542] [2024-11-18 14:19:30,208 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:19:30,208 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-18 14:19:30,208 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:19:30,209 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-18 14:19:30,209 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=26, Invalid=106, Unknown=0, NotChecked=0, Total=132 [2024-11-18 14:19:30,209 INFO L87 Difference]: Start difference. First operand 1228 states and 1475 transitions. Second operand has 7 states, 7 states have (on average 12.142857142857142) internal successors, (85), 6 states have internal predecessors, (85), 3 states have call successors, (11), 3 states have call predecessors, (11), 4 states have return successors, (11), 4 states have call predecessors, (11), 3 states have call successors, (11) [2024-11-18 14:19:30,390 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:19:30,390 INFO L93 Difference]: Finished difference Result 2215 states and 2656 transitions. [2024-11-18 14:19:30,391 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-18 14:19:30,391 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 12.142857142857142) internal successors, (85), 6 states have internal predecessors, (85), 3 states have call successors, (11), 3 states have call predecessors, (11), 4 states have return successors, (11), 4 states have call predecessors, (11), 3 states have call successors, (11) Word has length 112 [2024-11-18 14:19:30,391 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:19:30,393 INFO L225 Difference]: With dead ends: 2215 [2024-11-18 14:19:30,394 INFO L226 Difference]: Without dead ends: 0 [2024-11-18 14:19:30,398 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 121 GetRequests, 108 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 13 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=38, Invalid=172, Unknown=0, NotChecked=0, Total=210 [2024-11-18 14:19:30,398 INFO L432 NwaCegarLoop]: 189 mSDtfsCounter, 34 mSDsluCounter, 821 mSDsCounter, 0 mSdLazyCounter, 63 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 35 SdHoareTripleChecker+Valid, 1010 SdHoareTripleChecker+Invalid, 64 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 63 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-18 14:19:30,399 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [35 Valid, 1010 Invalid, 64 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 63 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-18 14:19:30,399 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-18 14:19:30,399 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-18 14:19:30,400 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-18 14:19:30,400 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-18 14:19:30,401 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 112 [2024-11-18 14:19:30,401 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:19:30,401 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-18 14:19:30,402 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 12.142857142857142) internal successors, (85), 6 states have internal predecessors, (85), 3 states have call successors, (11), 3 states have call predecessors, (11), 4 states have return successors, (11), 4 states have call predecessors, (11), 3 states have call successors, (11) [2024-11-18 14:19:30,402 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-18 14:19:30,402 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-18 14:19:30,404 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-18 14:19:30,423 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Ended with exit code 0 [2024-11-18 14:19:30,608 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable12,5 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:19:30,611 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:19:30,614 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-18 14:19:41,689 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-18 14:19:41,712 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (= |old(~pumpRunning~0)| 1)) (.cse2 (<= ~waterLevel~0 2))) (or (and (= ~methaneLevelCritical~0 0) .cse0 .cse1 .cse2) (and (<= 1 ~methaneLevelCritical~0) .cse0 .cse1 .cse2))) (= ~pumpRunning~0 1)) Eliminated clause: (and (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and (<= 1 ~methaneLevelCritical~0) .cse0 .cse1) (and (= ~methaneLevelCritical~0 0) .cse0 .cse1))) (= ~pumpRunning~0 1)) [2024-11-18 14:19:41,794 WARN L156 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (let ((.cse1 (= |old(~methaneLevelCritical~0)| 0))) (and (let ((.cse8 (= 0 ~systemActive~0)) (.cse7 (= 2 ~waterLevel~0)) (.cse5 (<= 1 |old(~methaneLevelCritical~0)|)) (.cse4 (= ~pumpRunning~0 1)) (.cse6 (= ~pumpRunning~0 0)) (.cse0 (= ~methAndRunningLastTime~0 0)) (.cse2 (<= ~waterLevel~0 1)) (.cse3 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse5 (or (and .cse6 .cse0 .cse3 (= ~waterLevel~0 1)) (and .cse6 .cse0 .cse3 (<= ~waterLevel~0 0)))) (and .cse6 .cse0 .cse7 .cse5 .cse3) (and .cse6 .cse0 .cse7 .cse1 .cse3) (and .cse6 .cse0 .cse1 (<= ~waterLevel~0 2) .cse8) (and .cse0 .cse7 .cse1 .cse3 .cse4) (and .cse6 .cse0 .cse2 .cse5 .cse8) (and .cse6 .cse0 .cse7 .cse5 .cse8) (and .cse7 .cse5 .cse3 .cse4) (and .cse6 .cse0 .cse1 .cse2 .cse3))) (or (<= 1 ~methaneLevelCritical~0) (< |old(~methaneLevelCritical~0)| 1)) (or (not .cse1) (= ~methaneLevelCritical~0 0)))) Eliminated clause: (exists ((|old(~methaneLevelCritical~0)| Int)) (let ((.cse1 (= |old(~methaneLevelCritical~0)| 0))) (and (let ((.cse8 (= 0 ~systemActive~0)) (.cse7 (= 2 ~waterLevel~0)) (.cse5 (<= 1 |old(~methaneLevelCritical~0)|)) (.cse4 (= ~pumpRunning~0 1)) (.cse6 (= ~pumpRunning~0 0)) (.cse0 (= ~methAndRunningLastTime~0 0)) (.cse2 (<= ~waterLevel~0 1)) (.cse3 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse5 (or (and .cse6 .cse0 .cse3 (= ~waterLevel~0 1)) (and .cse6 .cse0 .cse3 (<= ~waterLevel~0 0)))) (and .cse6 .cse0 .cse7 .cse5 .cse3) (and .cse6 .cse0 .cse7 .cse1 .cse3) (and .cse6 .cse0 .cse1 (<= ~waterLevel~0 2) .cse8) (and .cse0 .cse7 .cse1 .cse3 .cse4) (and .cse6 .cse0 .cse2 .cse5 .cse8) (and .cse6 .cse0 .cse7 .cse5 .cse8) (and .cse7 .cse5 .cse3 .cse4) (and .cse6 .cse0 .cse1 .cse2 .cse3))) (or (< |old(~methaneLevelCritical~0)| 1) (< 0 ~methaneLevelCritical~0)) (or (not .cse1) (= ~methaneLevelCritical~0 0))))) [2024-11-18 14:19:41,819 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:19:41,859 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (let ((.cse8 (= |old(~pumpRunning~0)| 1)) (.cse9 (= |old(~methAndRunningLastTime~0)| 0)) (.cse14 (= 0 ~systemActive~0))) (let ((.cse2 (not .cse14)) (.cse3 (= |old(~waterLevel~0)| 2)) (.cse10 (= |old(~pumpRunning~0)| 0)) (.cse7 (= 1 ~systemActive~0)) (.cse5 (= ~pumpRunning~0 0)) (.cse0 (not .cse9)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse4 (not .cse8))) (and (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 1)) (<= ~waterLevel~0 0) .cse2) (or (= 2 ~waterLevel~0) (not .cse3)) (or .cse4 (= ~pumpRunning~0 1)) (or .cse5 .cse2) (let ((.cse6 (<= 1 ~methaneLevelCritical~0)) (.cse12 (<= |old(~waterLevel~0)| 1)) (.cse13 (<= |old(~waterLevel~0)| 2)) (.cse11 (= ~methaneLevelCritical~0 0))) (or (and .cse6 .cse7 .cse8 .cse3) (and .cse6 .cse9 .cse7 .cse10 .cse3) (and .cse11 .cse9 .cse7 .cse10 .cse12) (and .cse6 .cse9 .cse7 .cse8 .cse13) (and .cse6 .cse10 .cse14 .cse13) (and .cse6 .cse9 .cse7 .cse10 .cse12) (and .cse11 .cse7 .cse8 .cse13) (and .cse11 .cse10 .cse14 .cse13) (and .cse11 .cse9 .cse7 .cse10 .cse3))) (<= ~waterLevel~0 |old(~waterLevel~0)|) (or (not .cse10) (not .cse7) (and .cse5 .cse1)) (or .cse0 .cse1 .cse4 (< ~methaneLevelCritical~0 1))))) Eliminated clause: (let ((.cse14 (= 0 ~systemActive~0))) (let ((.cse1 (not .cse14)) (.cse0 (= ~pumpRunning~0 0))) (and (or .cse0 .cse1) (exists ((|old(~methAndRunningLastTime~0)| Int) (|old(~pumpRunning~0)| Int) (|old(~waterLevel~0)| Int)) (let ((.cse8 (= |old(~pumpRunning~0)| 1)) (.cse9 (= |old(~methAndRunningLastTime~0)| 0))) (let ((.cse4 (= |old(~waterLevel~0)| 2)) (.cse10 (= |old(~pumpRunning~0)| 0)) (.cse7 (= 1 ~systemActive~0)) (.cse2 (not .cse9)) (.cse3 (= ~methAndRunningLastTime~0 0)) (.cse5 (not .cse8))) (and (or .cse2 .cse3 (< ~waterLevel~0 1) (not (= |old(~waterLevel~0)| 1)) .cse1) (or (= 2 ~waterLevel~0) (not .cse4)) (or .cse5 (= ~pumpRunning~0 1)) (let ((.cse6 (<= 1 ~methaneLevelCritical~0)) (.cse12 (<= |old(~waterLevel~0)| 1)) (.cse13 (<= |old(~waterLevel~0)| 2)) (.cse11 (= ~methaneLevelCritical~0 0))) (or (and .cse6 .cse7 .cse8 .cse4) (and .cse6 .cse9 .cse7 .cse10 .cse4) (and .cse11 .cse9 .cse7 .cse10 .cse12) (and .cse6 .cse9 .cse7 .cse8 .cse13) (and .cse6 .cse10 .cse14 .cse13) (and .cse6 .cse9 .cse7 .cse10 .cse12) (and .cse11 .cse7 .cse8 .cse13) (and .cse11 .cse10 .cse14 .cse13) (and .cse11 .cse9 .cse7 .cse10 .cse4))) (<= ~waterLevel~0 |old(~waterLevel~0)|) (or (not .cse10) (not .cse7) (and .cse0 .cse3)) (or .cse2 .cse3 .cse5 (< ~methaneLevelCritical~0 1))))))))) [2024-11-18 14:19:41,892 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:19:41,954 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |old(~pumpRunning~0)| 0)) (.cse6 (= |old(~pumpRunning~0)| 1))) (and (or .cse0 (< ~waterLevel~0 2)) (or (not .cse1) .cse0) (let ((.cse2 (= ~methAndRunningLastTime~0 0)) (.cse5 (= 1 ~systemActive~0))) (let ((.cse7 (<= 1 ~methaneLevelCritical~0)) (.cse3 (= 2 ~waterLevel~0)) (.cse4 (= ~methaneLevelCritical~0 0)) (.cse8 (or (and .cse2 .cse5 .cse1 (= ~waterLevel~0 1)) (and .cse2 .cse5 .cse1 (<= ~waterLevel~0 0))))) (or (and .cse2 .cse3 .cse4 .cse5 .cse1) (and .cse4 .cse5 .cse6) (and .cse7 .cse8) (and .cse2 .cse7 .cse3 .cse5 .cse1) (and .cse4 .cse8)))) (or (not .cse6) (= ~pumpRunning~0 1)))) Eliminated clause: (let ((.cse0 (= ~pumpRunning~0 0))) (and (or .cse0 (< ~waterLevel~0 2)) (exists ((|old(~pumpRunning~0)| Int)) (let ((.cse1 (= |old(~pumpRunning~0)| 0)) (.cse6 (= |old(~pumpRunning~0)| 1))) (and (or (not .cse1) .cse0) (let ((.cse2 (= ~methAndRunningLastTime~0 0)) (.cse5 (= 1 ~systemActive~0))) (let ((.cse7 (<= 1 ~methaneLevelCritical~0)) (.cse3 (= 2 ~waterLevel~0)) (.cse4 (= ~methaneLevelCritical~0 0)) (.cse8 (or (and .cse2 .cse5 .cse1 (= ~waterLevel~0 1)) (and .cse2 .cse5 .cse1 (<= ~waterLevel~0 0))))) (or (and .cse2 .cse3 .cse4 .cse5 .cse1) (and .cse4 .cse5 .cse6) (and .cse7 .cse8) (and .cse2 .cse7 .cse3 .cse5 .cse1) (and .cse4 .cse8)))) (or (not .cse6) (= ~pumpRunning~0 1))))))) [2024-11-18 14:19:41,960 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:19:41,988 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (let ((.cse0 (= |old(~waterLevel~0)| 2))) (and (or (= 2 ~waterLevel~0) (not .cse0)) (let ((.cse8 (= 0 ~systemActive~0)) (.cse6 (<= 1 ~methaneLevelCritical~0)) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (= ~methAndRunningLastTime~0 0)) (.cse3 (= ~methaneLevelCritical~0 0)) (.cse4 (= 1 ~systemActive~0)) (.cse5 (<= |old(~waterLevel~0)| 1)) (.cse7 (= ~pumpRunning~0 1))) (or (and .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse1 .cse2 .cse6 .cse4 .cse0) (and .cse6 .cse4 .cse0 .cse7) (and .cse1 .cse2 .cse3 .cse8 .cse5) (and .cse1 .cse2 .cse6 .cse8 .cse0) (and .cse2 .cse3 .cse4 .cse0 .cse7) (and .cse1 .cse2 .cse3 .cse8 .cse0) (and .cse1 .cse2 .cse6 .cse8 .cse5) (and .cse1 .cse2 .cse6 .cse4 .cse5) (and .cse1 .cse2 .cse3 .cse4 .cse0) (and .cse2 .cse3 .cse4 .cse5 .cse7))) (<= ~waterLevel~0 |old(~waterLevel~0)|))) Eliminated clause: (exists ((|old(~waterLevel~0)| Int)) (let ((.cse0 (= |old(~waterLevel~0)| 2))) (and (or (= 2 ~waterLevel~0) (not .cse0)) (let ((.cse8 (= 0 ~systemActive~0)) (.cse6 (<= 1 ~methaneLevelCritical~0)) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (= ~methAndRunningLastTime~0 0)) (.cse3 (= ~methaneLevelCritical~0 0)) (.cse4 (= 1 ~systemActive~0)) (.cse5 (<= |old(~waterLevel~0)| 1)) (.cse7 (= ~pumpRunning~0 1))) (or (and .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse1 .cse2 .cse6 .cse4 .cse0) (and .cse6 .cse4 .cse0 .cse7) (and .cse1 .cse2 .cse3 .cse8 .cse5) (and .cse1 .cse2 .cse6 .cse8 .cse0) (and .cse2 .cse3 .cse4 .cse0 .cse7) (and .cse1 .cse2 .cse3 .cse8 .cse0) (and .cse1 .cse2 .cse6 .cse8 .cse5) (and .cse1 .cse2 .cse6 .cse4 .cse5) (and .cse1 .cse2 .cse3 .cse4 .cse0) (and .cse2 .cse3 .cse4 .cse5 .cse7))) (<= ~waterLevel~0 |old(~waterLevel~0)|)))) [2024-11-18 14:19:42,009 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:19:42,032 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__lowWaterSensor contained old-variable. Original clause: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |old(~pumpRunning~0)| 0)) (.cse6 (= |old(~pumpRunning~0)| 1))) (and (or .cse0 (< ~waterLevel~0 2)) (or (not .cse1) .cse0) (let ((.cse2 (= ~methAndRunningLastTime~0 0)) (.cse5 (= 1 ~systemActive~0))) (let ((.cse7 (<= 1 ~methaneLevelCritical~0)) (.cse3 (= 2 ~waterLevel~0)) (.cse4 (= ~methaneLevelCritical~0 0)) (.cse8 (or (and .cse2 .cse5 .cse1 (= ~waterLevel~0 1)) (and .cse2 .cse5 .cse1 (<= ~waterLevel~0 0))))) (or (and .cse2 .cse3 .cse4 .cse5 .cse1) (and .cse4 .cse5 .cse6) (and .cse7 .cse8) (and .cse2 .cse7 .cse3 .cse5 .cse1) (and .cse4 .cse8)))) (or (not .cse6) (= ~pumpRunning~0 1)))) Eliminated clause: (let ((.cse0 (= ~pumpRunning~0 0))) (and (or .cse0 (< ~waterLevel~0 2)) (exists ((|old(~pumpRunning~0)| Int)) (let ((.cse1 (= |old(~pumpRunning~0)| 0)) (.cse6 (= |old(~pumpRunning~0)| 1))) (and (or (not .cse1) .cse0) (let ((.cse2 (= ~methAndRunningLastTime~0 0)) (.cse5 (= 1 ~systemActive~0))) (let ((.cse7 (<= 1 ~methaneLevelCritical~0)) (.cse3 (= 2 ~waterLevel~0)) (.cse4 (= ~methaneLevelCritical~0 0)) (.cse8 (or (and .cse2 .cse5 .cse1 (= ~waterLevel~0 1)) (and .cse2 .cse5 .cse1 (<= ~waterLevel~0 0))))) (or (and .cse2 .cse3 .cse4 .cse5 .cse1) (and .cse4 .cse5 .cse6) (and .cse7 .cse8) (and .cse2 .cse7 .cse3 .cse5 .cse1) (and .cse4 .cse8)))) (or (not .cse6) (= ~pumpRunning~0 1))))))) [2024-11-18 14:19:42,036 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:19:42,037 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 18.11 02:19:42 BoogieIcfgContainer [2024-11-18 14:19:42,037 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-18 14:19:42,038 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-18 14:19:42,038 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-18 14:19:42,038 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-18 14:19:42,038 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 18.11 02:19:22" (3/4) ... [2024-11-18 14:19:42,041 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-18 14:19:42,045 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-18 14:19:42,045 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-18 14:19:42,045 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-18 14:19:42,046 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-18 14:19:42,046 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-18 14:19:42,046 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2024-11-18 14:19:42,046 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-18 14:19:42,046 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-18 14:19:42,046 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__lowWaterSensor [2024-11-18 14:19:42,056 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 21 nodes and edges [2024-11-18 14:19:42,057 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-18 14:19:42,057 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-18 14:19:42,058 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-18 14:19:42,058 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-18 14:19:42,187 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-18 14:19:42,189 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-18 14:19:42,190 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-18 14:19:42,191 INFO L158 Benchmark]: Toolchain (without parser) took 21606.63ms. Allocated memory was 203.4MB in the beginning and 463.5MB in the end (delta: 260.0MB). Free memory was 144.1MB in the beginning and 262.0MB in the end (delta: -117.9MB). Peak memory consumption was 142.6MB. Max. memory is 16.1GB. [2024-11-18 14:19:42,191 INFO L158 Benchmark]: CDTParser took 0.14ms. Allocated memory is still 203.4MB. Free memory is still 168.5MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-18 14:19:42,191 INFO L158 Benchmark]: CACSL2BoogieTranslator took 642.89ms. Allocated memory is still 203.4MB. Free memory was 143.6MB in the beginning and 121.7MB in the end (delta: 22.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-18 14:19:42,192 INFO L158 Benchmark]: Boogie Procedure Inliner took 58.12ms. Allocated memory is still 203.4MB. Free memory was 121.7MB in the beginning and 119.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-18 14:19:42,192 INFO L158 Benchmark]: Boogie Preprocessor took 69.59ms. Allocated memory is still 203.4MB. Free memory was 119.6MB in the beginning and 116.8MB in the end (delta: 2.8MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2024-11-18 14:19:42,193 INFO L158 Benchmark]: RCFGBuilder took 811.32ms. Allocated memory is still 203.4MB. Free memory was 116.8MB in the beginning and 96.5MB in the end (delta: 20.3MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2024-11-18 14:19:42,193 INFO L158 Benchmark]: TraceAbstraction took 19865.84ms. Allocated memory was 203.4MB in the beginning and 463.5MB in the end (delta: 260.0MB). Free memory was 95.8MB in the beginning and 271.4MB in the end (delta: -175.6MB). Peak memory consumption was 198.2MB. Max. memory is 16.1GB. [2024-11-18 14:19:42,194 INFO L158 Benchmark]: Witness Printer took 152.32ms. Allocated memory is still 463.5MB. Free memory was 271.4MB in the beginning and 262.0MB in the end (delta: 9.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-18 14:19:42,195 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.14ms. Allocated memory is still 203.4MB. Free memory is still 168.5MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 642.89ms. Allocated memory is still 203.4MB. Free memory was 143.6MB in the beginning and 121.7MB in the end (delta: 22.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 58.12ms. Allocated memory is still 203.4MB. Free memory was 121.7MB in the beginning and 119.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 69.59ms. Allocated memory is still 203.4MB. Free memory was 119.6MB in the beginning and 116.8MB in the end (delta: 2.8MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * RCFGBuilder took 811.32ms. Allocated memory is still 203.4MB. Free memory was 116.8MB in the beginning and 96.5MB in the end (delta: 20.3MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 19865.84ms. Allocated memory was 203.4MB in the beginning and 463.5MB in the end (delta: 260.0MB). Free memory was 95.8MB in the beginning and 271.4MB in the end (delta: -175.6MB). Peak memory consumption was 198.2MB. Max. memory is 16.1GB. * Witness Printer took 152.32ms. Allocated memory is still 463.5MB. Free memory was 271.4MB in the beginning and 262.0MB in the end (delta: 9.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] - GenericResultAtLocation [Line: 415]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [415] - GenericResultAtLocation [Line: 424]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [424] - GenericResultAtLocation [Line: 535]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification2_spec.i","") [535] - GenericResultAtLocation [Line: 575]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [575] - GenericResultAtLocation [Line: 827]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [827] - GenericResultAtLocation [Line: 897]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [897] - GenericResultAtLocation [Line: 935]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [935] - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 420]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 107 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 8.4s, OverallIterations: 13, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 2.8s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1763 SdHoareTripleChecker+Valid, 1.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1755 mSDsluCounter, 5338 SdHoareTripleChecker+Invalid, 1.0s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3488 mSDsCounter, 408 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1139 IncrementalHoareTripleChecker+Invalid, 1547 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 408 mSolverCounterUnsat, 1850 mSDtfsCounter, 1139 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 772 GetRequests, 677 SyntacticMatches, 6 SemanticMatches, 89 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 492 ImplicationChecksByTransitivity, 0.8s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1228occurred in iteration=12, InterpolantAutomatonStates: 83, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.7s AutomataMinimizationTime, 13 MinimizatonAttempts, 415 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.2s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 2.8s InterpolantComputationTime, 1280 NumberOfCodeBlocks, 1280 NumberOfCodeBlocksAsserted, 17 NumberOfCheckSat, 1476 ConstructedInterpolants, 0 QuantifiedInterpolants, 2852 SizeOfPredicates, 3 NumberOfNonLiveVariables, 1423 ConjunctsInSsa, 31 ConjunctsInUnsatCore, 19 InterpolantComputations, 12 PerfectInterpolantSequences, 413/450 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 947]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 838]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 839]: Loop Invariant Derived loop invariant: ((((((((((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0)) || ((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (0 == systemActive))) || (((((1 <= methaneLevelCritical) && (2 == waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0)) && (pumpRunning == 1))) || ((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((methaneLevelCritical == 0) && ((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel == 1)) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 0))))) || ((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((((methAndRunningLastTime == 0) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (splverifierCounter == 0)) && (pumpRunning == 1))) || ((((((methAndRunningLastTime == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0)) && (pumpRunning == 1))) || ((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (0 == systemActive))) - ProcedureContractResult [Line: 702]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: (((((1 <= methaneLevelCritical) && (1 == systemActive)) && (waterLevel <= 2)) || (((methaneLevelCritical == 0) && (1 == systemActive)) && (waterLevel <= 2))) && (pumpRunning == 1)) Ensures: (((pumpRunning == 0) && (((((methaneLevelCritical == 0) && (1 == systemActive)) && (\old(pumpRunning) == 1)) && (waterLevel <= 2)) || ((((1 <= methaneLevelCritical) && (1 == systemActive)) && (\old(pumpRunning) == 1)) && (waterLevel <= 2)))) && ((((((head == \old(head)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (methAndRunningLastTime == \old(methAndRunningLastTime))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 609]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive)) || ((((methaneLevelCritical == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (pumpRunning == 1))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (2 == waterLevel)) && (1 == systemActive))) || ((1 <= methaneLevelCritical) && (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 == systemActive)) && (waterLevel == 1)) || ((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 == systemActive)) && (waterLevel <= 0))))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (1 == systemActive))) Ensures: ((((((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive)) || ((((methaneLevelCritical == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (pumpRunning == 1))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (2 == waterLevel)) && (1 == systemActive))) || ((1 <= methaneLevelCritical) && (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 == systemActive)) && (waterLevel == 1)) || ((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 == systemActive)) && (waterLevel <= 0))))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (1 == systemActive))) && (((((((head == \old(head)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (methAndRunningLastTime == \old(methAndRunningLastTime))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 459]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Ensures: (((((((((((((((((methAndRunningLastTime == 0) && (\old(methaneLevelCritical) == 0)) && (waterLevel <= 1)) && (1 == systemActive)) && (pumpRunning == 1)) || ((1 <= \old(methaneLevelCritical)) && (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 == systemActive)) && (waterLevel == 1)) || ((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 == systemActive)) && (waterLevel <= 0))))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (2 == waterLevel)) && (1 <= \old(methaneLevelCritical))) && (1 == systemActive))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (2 == waterLevel)) && (\old(methaneLevelCritical) == 0)) && (1 == systemActive))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (\old(methaneLevelCritical) == 0)) && (waterLevel <= 2)) && (0 == systemActive))) || (((((methAndRunningLastTime == 0) && (2 == waterLevel)) && (\old(methaneLevelCritical) == 0)) && (1 == systemActive)) && (pumpRunning == 1))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (waterLevel <= 1)) && (1 <= \old(methaneLevelCritical))) && (0 == systemActive))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (2 == waterLevel)) && (1 <= \old(methaneLevelCritical))) && (0 == systemActive))) || ((((2 == waterLevel) && (1 <= \old(methaneLevelCritical))) && (1 == systemActive)) && (pumpRunning == 1))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (\old(methaneLevelCritical) == 0)) && (waterLevel <= 1)) && (1 == systemActive))) && ((\old(methaneLevelCritical) != 0) || (0 < methaneLevelCritical))) && ((methaneLevelCritical == 0) || (\old(methaneLevelCritical) < 1))) && ((((((head == \old(head)) && (waterLevel == \old(waterLevel))) && (methAndRunningLastTime == \old(methAndRunningLastTime))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 937]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((head == \old(head)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 585]: Procedure Contract for timeShift Derived contract for procedure timeShift. Requires: ((pumpRunning == 0) || (0 != systemActive)) Ensures: (((((((((((\old(pumpRunning) != 1) || ((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (waterLevel <= 1)) && (1 == systemActive))) || (((waterLevel <= 1) && (1 == systemActive)) && (pumpRunning == 1))) && ((methAndRunningLastTime == 0) || (methaneLevelCritical != 0))) && ((pumpRunning == 0) || (0 != systemActive))) && ((((\old(pumpRunning) != 0) || (0 < \old(waterLevel))) && ((\old(pumpRunning) != 0) || (\old(waterLevel) != 1))) || ((pumpRunning == 0) && (methAndRunningLastTime == 0)))) && (waterLevel <= \old(waterLevel))) && (((((((((((1 <= methaneLevelCritical) && (\old(pumpRunning) == 1)) && (\old(waterLevel) == 2)) || (((methaneLevelCritical == 0) && (\old(pumpRunning) == 1)) && (\old(waterLevel) <= 2))) || (((((1 <= methaneLevelCritical) && (\old(methAndRunningLastTime) == 0)) && (1 == systemActive)) && (\old(pumpRunning) == 0)) && (\old(waterLevel) == 2))) || (((((methaneLevelCritical == 0) && (\old(methAndRunningLastTime) == 0)) && (1 == systemActive)) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 1))) || ((((1 <= methaneLevelCritical) && (\old(methAndRunningLastTime) == 0)) && (\old(pumpRunning) == 1)) && (\old(waterLevel) <= 2))) || ((((1 <= methaneLevelCritical) && (\old(pumpRunning) == 0)) && (0 == systemActive)) && (\old(waterLevel) <= 2))) || (((((1 <= methaneLevelCritical) && (\old(methAndRunningLastTime) == 0)) && (1 == systemActive)) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 1))) || ((((methaneLevelCritical == 0) && (\old(pumpRunning) == 0)) && (0 == systemActive)) && (\old(waterLevel) <= 2))) || (((((methaneLevelCritical == 0) && (\old(methAndRunningLastTime) == 0)) && (1 == systemActive)) && (\old(pumpRunning) == 0)) && (\old(waterLevel) == 2)))) && (((\old(pumpRunning) != 1) || (methaneLevelCritical < 1)) || ((pumpRunning == 0) && (methAndRunningLastTime == 0)))) && ((((\old(pumpRunning) != 0) || (((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (2 == waterLevel))) || (\old(waterLevel) != 2)) || ((2 == waterLevel) && (pumpRunning == 1)))) && ((((head == \old(head)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 471]: Procedure Contract for isMethaneLevelCritical Derived contract for procedure isMethaneLevelCritical. Requires: ((((((((((((((methaneLevelCritical == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (pumpRunning == 1)) || ((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (waterLevel <= 2)) && (0 == systemActive))) || ((((pumpRunning == 0) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (0 == systemActive))) || ((((1 <= methaneLevelCritical) && (waterLevel <= 1)) && (1 == systemActive)) && (pumpRunning == 1))) || ((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (2 == waterLevel)) && (1 == systemActive))) || ((((pumpRunning == 0) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (1 == systemActive))) || (((((methAndRunningLastTime == 0) && (1 <= methaneLevelCritical)) && (2 == waterLevel)) && (1 == systemActive)) && (pumpRunning == 1))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (0 == systemActive))) || (((((methAndRunningLastTime == 0) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (pumpRunning == 1))) || ((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (waterLevel <= 1)) && (1 == systemActive))) Ensures: ((((methaneLevelCritical <= \result) && ((((((((((((((methaneLevelCritical == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (pumpRunning == 1)) || ((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (waterLevel <= 2)) && (0 == systemActive))) || ((((pumpRunning == 0) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (0 == systemActive))) || ((((1 <= methaneLevelCritical) && (waterLevel <= 1)) && (1 == systemActive)) && (pumpRunning == 1))) || ((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (2 == waterLevel)) && (1 == systemActive))) || ((((pumpRunning == 0) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (1 == systemActive))) || (((((methAndRunningLastTime == 0) && (1 <= methaneLevelCritical)) && (2 == waterLevel)) && (1 == systemActive)) && (pumpRunning == 1))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (0 == systemActive))) || (((((methAndRunningLastTime == 0) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (pumpRunning == 1))) || ((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (waterLevel <= 1)) && (1 == systemActive)))) && ((methaneLevelCritical != 0) || (\result == 0))) && (((((((head == \old(head)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (methAndRunningLastTime == \old(methAndRunningLastTime))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 617]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: ((pumpRunning == 0) || (waterLevel < 2)) Ensures: (((((((((methaneLevelCritical == 0) && (1 == systemActive)) && (\old(pumpRunning) == 1)) || ((((methAndRunningLastTime == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (\old(pumpRunning) == 0))) || ((((methAndRunningLastTime == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (\old(pumpRunning) == 0))) && ((\old(pumpRunning) != 1) || (pumpRunning == 1))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (1 < waterLevel))) && (((((2 == waterLevel) && (\old(pumpRunning) == 0)) && (pumpRunning == 1)) || ((pumpRunning == 0) && (2 == waterLevel))) || (waterLevel < 2))) && ((((((head == \old(head)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (methAndRunningLastTime == \old(methAndRunningLastTime))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 447]: Procedure Contract for waterRise Derived contract for procedure waterRise. Ensures: (((((2 == waterLevel) || (\old(waterLevel) != 2)) && (((((((((((((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (\old(waterLevel) <= 1)) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (\old(waterLevel) == 2))) || ((((1 <= methaneLevelCritical) && (1 == systemActive)) && (\old(waterLevel) == 2)) && (pumpRunning == 1))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (0 == systemActive)) && (\old(waterLevel) <= 1))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (0 == systemActive)) && (\old(waterLevel) == 2))) || (((((methAndRunningLastTime == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (\old(waterLevel) == 2)) && (pumpRunning == 1))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (0 == systemActive)) && (\old(waterLevel) == 2))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (0 == systemActive)) && (\old(waterLevel) <= 1))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (\old(waterLevel) <= 1))) || (((((pumpRunning == 0) && (methAndRunningLastTime == 0)) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (\old(waterLevel) == 2))) || (((((methAndRunningLastTime == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (\old(waterLevel) <= 1)) && (pumpRunning == 1)))) && (waterLevel <= ((long long) \old(waterLevel) + 1))) && ((((((head == \old(head)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (methAndRunningLastTime == \old(methAndRunningLastTime))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 643]: Procedure Contract for processEnvironment__wrappee__lowWaterSensor Derived contract for procedure processEnvironment__wrappee__lowWaterSensor. Requires: ((pumpRunning == 0) || (waterLevel < 2)) Ensures: (((((((((methaneLevelCritical == 0) && (1 == systemActive)) && (\old(pumpRunning) == 1)) || ((((methAndRunningLastTime == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (\old(pumpRunning) == 0))) || ((((methAndRunningLastTime == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (\old(pumpRunning) == 0))) && (((2 == waterLevel) && (\old(pumpRunning) == 0)) || (waterLevel < 2))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (1 < waterLevel))) && ((pumpRunning == 0) || (pumpRunning == 1))) && ((((((head == \old(head)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (methAndRunningLastTime == \old(methAndRunningLastTime))) && (systemActive == \old(systemActive))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) RESULT: Ultimate proved your program to be correct! [2024-11-18 14:19:42,238 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE