./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec3_product45.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 3061b6dc Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product45.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 4c4adbf609ddd472cb6a462753c6f5cc9af64c97af02da4060f4102700285790 --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.dk.eval-assert-order-craig-3061b6d-m [2024-11-18 14:20:07,324 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-18 14:20:07,388 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-18 14:20:07,394 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-18 14:20:07,394 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-18 14:20:07,415 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-18 14:20:07,415 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-18 14:20:07,416 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-18 14:20:07,416 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-18 14:20:07,417 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-18 14:20:07,417 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-18 14:20:07,417 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-18 14:20:07,418 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-18 14:20:07,418 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-18 14:20:07,419 INFO L153 SettingsManager]: * Use SBE=true [2024-11-18 14:20:07,419 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-18 14:20:07,419 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-18 14:20:07,420 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-18 14:20:07,421 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-18 14:20:07,422 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-18 14:20:07,422 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-18 14:20:07,422 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-18 14:20:07,422 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-18 14:20:07,423 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-18 14:20:07,423 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-18 14:20:07,423 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-18 14:20:07,423 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-18 14:20:07,423 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-18 14:20:07,424 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-18 14:20:07,424 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-18 14:20:07,424 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-18 14:20:07,424 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-18 14:20:07,424 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-18 14:20:07,424 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-18 14:20:07,425 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-18 14:20:07,425 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-18 14:20:07,425 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-18 14:20:07,425 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-18 14:20:07,426 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-18 14:20:07,426 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-18 14:20:07,426 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-18 14:20:07,426 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-18 14:20:07,426 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 4c4adbf609ddd472cb6a462753c6f5cc9af64c97af02da4060f4102700285790 [2024-11-18 14:20:07,649 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-18 14:20:07,670 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-18 14:20:07,672 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-18 14:20:07,673 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-18 14:20:07,674 INFO L274 PluginConnector]: CDTParser initialized [2024-11-18 14:20:07,675 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product45.cil.c [2024-11-18 14:20:09,021 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-18 14:20:09,248 INFO L384 CDTParser]: Found 1 translation units. [2024-11-18 14:20:09,248 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product45.cil.c [2024-11-18 14:20:09,263 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/39f7fb8dc/0b0ee562d9f64b77add2d0551119b796/FLAGfaaced0c9 [2024-11-18 14:20:09,277 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/39f7fb8dc/0b0ee562d9f64b77add2d0551119b796 [2024-11-18 14:20:09,279 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-18 14:20:09,281 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-18 14:20:09,287 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-18 14:20:09,287 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-18 14:20:09,292 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-18 14:20:09,293 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 18.11 02:20:09" (1/1) ... [2024-11-18 14:20:09,294 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@78079987 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:20:09, skipping insertion in model container [2024-11-18 14:20:09,294 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 18.11 02:20:09" (1/1) ... [2024-11-18 14:20:09,332 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-18 14:20:09,569 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product45.cil.c[8617,8630] [2024-11-18 14:20:09,639 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-18 14:20:09,650 INFO L200 MainTranslator]: Completed pre-run [2024-11-18 14:20:09,659 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification3_spec.i","") [49] [2024-11-18 14:20:09,660 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [87] [2024-11-18 14:20:09,660 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [186] [2024-11-18 14:20:09,660 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [288] [2024-11-18 14:20:09,661 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [485] [2024-11-18 14:20:09,661 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [550] [2024-11-18 14:20:09,661 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [585] [2024-11-18 14:20:09,661 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [594] [2024-11-18 14:20:09,679 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product45.cil.c[8617,8630] [2024-11-18 14:20:09,725 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-18 14:20:09,765 INFO L204 MainTranslator]: Completed translation [2024-11-18 14:20:09,766 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:20:09 WrapperNode [2024-11-18 14:20:09,766 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-18 14:20:09,767 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-18 14:20:09,767 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-18 14:20:09,767 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-18 14:20:09,772 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:20:09" (1/1) ... [2024-11-18 14:20:09,785 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:20:09" (1/1) ... [2024-11-18 14:20:09,810 INFO L138 Inliner]: procedures = 54, calls = 100, calls flagged for inlining = 22, calls inlined = 19, statements flattened = 197 [2024-11-18 14:20:09,811 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-18 14:20:09,811 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-18 14:20:09,811 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-18 14:20:09,811 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-18 14:20:09,820 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:20:09" (1/1) ... [2024-11-18 14:20:09,820 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:20:09" (1/1) ... [2024-11-18 14:20:09,822 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:20:09" (1/1) ... [2024-11-18 14:20:09,838 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-18 14:20:09,838 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:20:09" (1/1) ... [2024-11-18 14:20:09,838 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:20:09" (1/1) ... [2024-11-18 14:20:09,841 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:20:09" (1/1) ... [2024-11-18 14:20:09,848 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:20:09" (1/1) ... [2024-11-18 14:20:09,849 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:20:09" (1/1) ... [2024-11-18 14:20:09,850 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:20:09" (1/1) ... [2024-11-18 14:20:09,852 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-18 14:20:09,854 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-18 14:20:09,854 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-18 14:20:09,855 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-18 14:20:09,855 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:20:09" (1/1) ... [2024-11-18 14:20:09,860 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-18 14:20:09,869 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:20:09,882 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-18 14:20:09,886 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-18 14:20:09,931 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-18 14:20:09,932 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-18 14:20:09,932 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-18 14:20:09,932 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-18 14:20:09,932 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-18 14:20:09,932 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-18 14:20:09,932 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-18 14:20:09,932 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2024-11-18 14:20:09,933 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2024-11-18 14:20:09,933 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-18 14:20:09,933 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-18 14:20:09,933 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2024-11-18 14:20:09,933 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2024-11-18 14:20:09,933 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2024-11-18 14:20:09,933 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2024-11-18 14:20:09,933 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-18 14:20:09,933 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-18 14:20:09,933 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-18 14:20:09,933 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-18 14:20:09,933 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-18 14:20:09,993 INFO L238 CfgBuilder]: Building ICFG [2024-11-18 14:20:09,995 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-18 14:20:10,226 INFO L? ?]: Removed 45 outVars from TransFormulas that were not future-live. [2024-11-18 14:20:10,226 INFO L287 CfgBuilder]: Performing block encoding [2024-11-18 14:20:10,240 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-18 14:20:10,243 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-18 14:20:10,243 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 18.11 02:20:10 BoogieIcfgContainer [2024-11-18 14:20:10,243 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-18 14:20:10,245 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-18 14:20:10,245 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-18 14:20:10,248 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-18 14:20:10,248 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 18.11 02:20:09" (1/3) ... [2024-11-18 14:20:10,249 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5442459b and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 18.11 02:20:10, skipping insertion in model container [2024-11-18 14:20:10,249 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:20:09" (2/3) ... [2024-11-18 14:20:10,249 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5442459b and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 18.11 02:20:10, skipping insertion in model container [2024-11-18 14:20:10,249 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 18.11 02:20:10" (3/3) ... [2024-11-18 14:20:10,250 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product45.cil.c [2024-11-18 14:20:10,263 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-18 14:20:10,263 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-18 14:20:10,313 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-18 14:20:10,318 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@144d7d56, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-18 14:20:10,318 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-18 14:20:10,328 INFO L276 IsEmpty]: Start isEmpty. Operand has 95 states, 71 states have (on average 1.380281690140845) internal successors, (98), 79 states have internal predecessors, (98), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 12 states have call predecessors, (14), 14 states have call successors, (14) [2024-11-18 14:20:10,335 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2024-11-18 14:20:10,336 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:20:10,336 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:20:10,337 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:20:10,342 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:20:10,343 INFO L85 PathProgramCache]: Analyzing trace with hash 1088804663, now seen corresponding path program 1 times [2024-11-18 14:20:10,350 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:20:10,351 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1793747212] [2024-11-18 14:20:10,351 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:20:10,351 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:20:10,463 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:20:10,541 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:20:10,542 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:20:10,542 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1793747212] [2024-11-18 14:20:10,542 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1793747212] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:20:10,543 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:20:10,543 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-18 14:20:10,544 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [998099177] [2024-11-18 14:20:10,545 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:20:10,549 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-18 14:20:10,549 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:20:10,586 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-18 14:20:10,588 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-18 14:20:10,590 INFO L87 Difference]: Start difference. First operand has 95 states, 71 states have (on average 1.380281690140845) internal successors, (98), 79 states have internal predecessors, (98), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 12 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:20:10,631 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:20:10,632 INFO L93 Difference]: Finished difference Result 182 states and 247 transitions. [2024-11-18 14:20:10,634 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-18 14:20:10,636 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2024-11-18 14:20:10,636 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:20:10,643 INFO L225 Difference]: With dead ends: 182 [2024-11-18 14:20:10,643 INFO L226 Difference]: Without dead ends: 86 [2024-11-18 14:20:10,647 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-18 14:20:10,651 INFO L432 NwaCegarLoop]: 120 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 120 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:20:10,653 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 120 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:20:10,667 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 86 states. [2024-11-18 14:20:10,684 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 86 to 86. [2024-11-18 14:20:10,685 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 86 states, 64 states have (on average 1.3125) internal successors, (84), 71 states have internal predecessors, (84), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 11 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-18 14:20:10,687 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 86 states to 86 states and 111 transitions. [2024-11-18 14:20:10,688 INFO L78 Accepts]: Start accepts. Automaton has 86 states and 111 transitions. Word has length 25 [2024-11-18 14:20:10,688 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:20:10,688 INFO L471 AbstractCegarLoop]: Abstraction has 86 states and 111 transitions. [2024-11-18 14:20:10,688 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:20:10,689 INFO L276 IsEmpty]: Start isEmpty. Operand 86 states and 111 transitions. [2024-11-18 14:20:10,690 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-11-18 14:20:10,691 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:20:10,691 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:20:10,692 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-18 14:20:10,692 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:20:10,692 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:20:10,692 INFO L85 PathProgramCache]: Analyzing trace with hash 913970031, now seen corresponding path program 1 times [2024-11-18 14:20:10,693 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:20:10,693 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1705289297] [2024-11-18 14:20:10,693 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:20:10,694 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:20:10,709 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:20:10,799 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:20:10,799 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:20:10,799 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1705289297] [2024-11-18 14:20:10,800 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1705289297] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:20:10,800 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:20:10,800 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-18 14:20:10,800 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [577355733] [2024-11-18 14:20:10,801 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:20:10,802 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-18 14:20:10,803 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:20:10,804 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-18 14:20:10,805 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:20:10,805 INFO L87 Difference]: Start difference. First operand 86 states and 111 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:20:10,826 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:20:10,826 INFO L93 Difference]: Finished difference Result 138 states and 178 transitions. [2024-11-18 14:20:10,827 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-18 14:20:10,827 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2024-11-18 14:20:10,827 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:20:10,828 INFO L225 Difference]: With dead ends: 138 [2024-11-18 14:20:10,828 INFO L226 Difference]: Without dead ends: 77 [2024-11-18 14:20:10,829 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:20:10,829 INFO L432 NwaCegarLoop]: 98 mSDtfsCounter, 12 mSDsluCounter, 82 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 180 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:20:10,830 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [15 Valid, 180 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:20:10,830 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 77 states. [2024-11-18 14:20:10,836 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 77 to 77. [2024-11-18 14:20:10,837 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 77 states, 58 states have (on average 1.3275862068965518) internal successors, (77), 65 states have internal predecessors, (77), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2024-11-18 14:20:10,838 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 77 states to 77 states and 99 transitions. [2024-11-18 14:20:10,838 INFO L78 Accepts]: Start accepts. Automaton has 77 states and 99 transitions. Word has length 26 [2024-11-18 14:20:10,838 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:20:10,838 INFO L471 AbstractCegarLoop]: Abstraction has 77 states and 99 transitions. [2024-11-18 14:20:10,839 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:20:10,839 INFO L276 IsEmpty]: Start isEmpty. Operand 77 states and 99 transitions. [2024-11-18 14:20:10,840 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2024-11-18 14:20:10,840 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:20:10,840 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:20:10,840 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-18 14:20:10,840 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:20:10,840 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:20:10,841 INFO L85 PathProgramCache]: Analyzing trace with hash 1563838683, now seen corresponding path program 1 times [2024-11-18 14:20:10,841 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:20:10,841 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1858281043] [2024-11-18 14:20:10,841 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:20:10,841 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:20:10,864 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:20:10,939 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:20:10,939 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:20:10,939 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1858281043] [2024-11-18 14:20:10,940 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1858281043] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:20:10,940 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:20:10,940 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-18 14:20:10,940 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [385025252] [2024-11-18 14:20:10,940 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:20:10,940 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-18 14:20:10,941 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:20:10,941 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-18 14:20:10,941 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:20:10,941 INFO L87 Difference]: Start difference. First operand 77 states and 99 transitions. Second operand has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:20:10,956 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:20:10,956 INFO L93 Difference]: Finished difference Result 147 states and 192 transitions. [2024-11-18 14:20:10,957 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-18 14:20:10,957 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2024-11-18 14:20:10,957 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:20:10,958 INFO L225 Difference]: With dead ends: 147 [2024-11-18 14:20:10,959 INFO L226 Difference]: Without dead ends: 77 [2024-11-18 14:20:10,960 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:20:10,961 INFO L432 NwaCegarLoop]: 97 mSDtfsCounter, 81 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 81 SdHoareTripleChecker+Valid, 97 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:20:10,962 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [81 Valid, 97 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:20:10,962 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 77 states. [2024-11-18 14:20:10,970 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 77 to 77. [2024-11-18 14:20:10,971 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 77 states, 58 states have (on average 1.3103448275862069) internal successors, (76), 65 states have internal predecessors, (76), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2024-11-18 14:20:10,971 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 77 states to 77 states and 98 transitions. [2024-11-18 14:20:10,972 INFO L78 Accepts]: Start accepts. Automaton has 77 states and 98 transitions. Word has length 30 [2024-11-18 14:20:10,972 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:20:10,972 INFO L471 AbstractCegarLoop]: Abstraction has 77 states and 98 transitions. [2024-11-18 14:20:10,974 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.0) internal successors, (27), 3 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-18 14:20:10,975 INFO L276 IsEmpty]: Start isEmpty. Operand 77 states and 98 transitions. [2024-11-18 14:20:10,976 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2024-11-18 14:20:10,976 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:20:10,976 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:20:10,976 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-18 14:20:10,976 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:20:10,977 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:20:10,977 INFO L85 PathProgramCache]: Analyzing trace with hash 1485355981, now seen corresponding path program 1 times [2024-11-18 14:20:10,977 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:20:10,977 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2020653485] [2024-11-18 14:20:10,977 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:20:10,977 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:20:10,992 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:20:11,055 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:20:11,055 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:20:11,055 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2020653485] [2024-11-18 14:20:11,056 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2020653485] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:20:11,056 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:20:11,056 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-18 14:20:11,056 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [355907602] [2024-11-18 14:20:11,056 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:20:11,056 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-18 14:20:11,057 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:20:11,057 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-18 14:20:11,058 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:20:11,058 INFO L87 Difference]: Start difference. First operand 77 states and 98 transitions. Second operand has 5 states, 5 states have (on average 6.6) internal successors, (33), 5 states have internal predecessors, (33), 4 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-18 14:20:11,295 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:20:11,296 INFO L93 Difference]: Finished difference Result 230 states and 292 transitions. [2024-11-18 14:20:11,296 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-18 14:20:11,296 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 5 states have internal predecessors, (33), 4 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 40 [2024-11-18 14:20:11,296 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:20:11,298 INFO L225 Difference]: With dead ends: 230 [2024-11-18 14:20:11,298 INFO L226 Difference]: Without dead ends: 160 [2024-11-18 14:20:11,299 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=19, Invalid=37, Unknown=0, NotChecked=0, Total=56 [2024-11-18 14:20:11,299 INFO L432 NwaCegarLoop]: 114 mSDtfsCounter, 202 mSDsluCounter, 171 mSDsCounter, 0 mSdLazyCounter, 124 mSolverCounterSat, 58 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 204 SdHoareTripleChecker+Valid, 285 SdHoareTripleChecker+Invalid, 182 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 58 IncrementalHoareTripleChecker+Valid, 124 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-18 14:20:11,300 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [204 Valid, 285 Invalid, 182 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [58 Valid, 124 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-18 14:20:11,301 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 160 states. [2024-11-18 14:20:11,319 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 160 to 154. [2024-11-18 14:20:11,320 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 154 states, 117 states have (on average 1.264957264957265) internal successors, (148), 125 states have internal predecessors, (148), 18 states have call successors, (18), 15 states have call predecessors, (18), 18 states have return successors, (23), 19 states have call predecessors, (23), 18 states have call successors, (23) [2024-11-18 14:20:11,321 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 154 states to 154 states and 189 transitions. [2024-11-18 14:20:11,321 INFO L78 Accepts]: Start accepts. Automaton has 154 states and 189 transitions. Word has length 40 [2024-11-18 14:20:11,321 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:20:11,321 INFO L471 AbstractCegarLoop]: Abstraction has 154 states and 189 transitions. [2024-11-18 14:20:11,322 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 5 states have internal predecessors, (33), 4 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-18 14:20:11,322 INFO L276 IsEmpty]: Start isEmpty. Operand 154 states and 189 transitions. [2024-11-18 14:20:11,323 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2024-11-18 14:20:11,323 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:20:11,323 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:20:11,323 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-18 14:20:11,323 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:20:11,324 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:20:11,324 INFO L85 PathProgramCache]: Analyzing trace with hash -1430117211, now seen corresponding path program 1 times [2024-11-18 14:20:11,324 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:20:11,324 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [194828000] [2024-11-18 14:20:11,324 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:20:11,324 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:20:11,339 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:20:11,445 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:20:11,445 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:20:11,446 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [194828000] [2024-11-18 14:20:11,446 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [194828000] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:20:11,447 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:20:11,447 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-18 14:20:11,447 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [214474873] [2024-11-18 14:20:11,447 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:20:11,447 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-18 14:20:11,447 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:20:11,448 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-18 14:20:11,448 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:20:11,448 INFO L87 Difference]: Start difference. First operand 154 states and 189 transitions. Second operand has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-18 14:20:11,510 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:20:11,510 INFO L93 Difference]: Finished difference Result 391 states and 500 transitions. [2024-11-18 14:20:11,511 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-18 14:20:11,511 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 46 [2024-11-18 14:20:11,511 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:20:11,515 INFO L225 Difference]: With dead ends: 391 [2024-11-18 14:20:11,516 INFO L226 Difference]: Without dead ends: 244 [2024-11-18 14:20:11,517 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-18 14:20:11,517 INFO L432 NwaCegarLoop]: 92 mSDtfsCounter, 49 mSDsluCounter, 266 mSDsCounter, 0 mSdLazyCounter, 28 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 49 SdHoareTripleChecker+Valid, 358 SdHoareTripleChecker+Invalid, 31 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 28 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:20:11,518 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [49 Valid, 358 Invalid, 31 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 28 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:20:11,518 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 244 states. [2024-11-18 14:20:11,540 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 244 to 244. [2024-11-18 14:20:11,542 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 244 states, 185 states have (on average 1.2540540540540541) internal successors, (232), 196 states have internal predecessors, (232), 30 states have call successors, (30), 26 states have call predecessors, (30), 28 states have return successors, (40), 30 states have call predecessors, (40), 30 states have call successors, (40) [2024-11-18 14:20:11,544 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 244 states to 244 states and 302 transitions. [2024-11-18 14:20:11,546 INFO L78 Accepts]: Start accepts. Automaton has 244 states and 302 transitions. Word has length 46 [2024-11-18 14:20:11,546 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:20:11,547 INFO L471 AbstractCegarLoop]: Abstraction has 244 states and 302 transitions. [2024-11-18 14:20:11,547 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-18 14:20:11,548 INFO L276 IsEmpty]: Start isEmpty. Operand 244 states and 302 transitions. [2024-11-18 14:20:11,551 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-18 14:20:11,551 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:20:11,551 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:20:11,552 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-18 14:20:11,552 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:20:11,552 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:20:11,552 INFO L85 PathProgramCache]: Analyzing trace with hash 1782384523, now seen corresponding path program 1 times [2024-11-18 14:20:11,552 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:20:11,553 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [631030188] [2024-11-18 14:20:11,553 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:20:11,553 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:20:11,581 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:20:11,674 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:20:11,674 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:20:11,674 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [631030188] [2024-11-18 14:20:11,675 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [631030188] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:20:11,675 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:20:11,675 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-18 14:20:11,675 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1137047734] [2024-11-18 14:20:11,675 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:20:11,675 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-18 14:20:11,675 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:20:11,676 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-18 14:20:11,676 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:20:11,676 INFO L87 Difference]: Start difference. First operand 244 states and 302 transitions. Second operand has 5 states, 5 states have (on average 8.2) internal successors, (41), 5 states have internal predecessors, (41), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-18 14:20:11,748 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:20:11,749 INFO L93 Difference]: Finished difference Result 528 states and 677 transitions. [2024-11-18 14:20:11,749 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-18 14:20:11,749 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.2) internal successors, (41), 5 states have internal predecessors, (41), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 50 [2024-11-18 14:20:11,750 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:20:11,752 INFO L225 Difference]: With dead ends: 528 [2024-11-18 14:20:11,754 INFO L226 Difference]: Without dead ends: 381 [2024-11-18 14:20:11,756 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-18 14:20:11,756 INFO L432 NwaCegarLoop]: 106 mSDtfsCounter, 77 mSDsluCounter, 294 mSDsCounter, 0 mSdLazyCounter, 35 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 77 SdHoareTripleChecker+Valid, 400 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 35 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:20:11,759 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [77 Valid, 400 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 35 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:20:11,760 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 381 states. [2024-11-18 14:20:11,788 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 381 to 380. [2024-11-18 14:20:11,789 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 380 states, 285 states have (on average 1.2421052631578948) internal successors, (354), 303 states have internal predecessors, (354), 48 states have call successors, (48), 41 states have call predecessors, (48), 46 states have return successors, (75), 49 states have call predecessors, (75), 48 states have call successors, (75) [2024-11-18 14:20:11,791 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 380 states to 380 states and 477 transitions. [2024-11-18 14:20:11,791 INFO L78 Accepts]: Start accepts. Automaton has 380 states and 477 transitions. Word has length 50 [2024-11-18 14:20:11,792 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:20:11,792 INFO L471 AbstractCegarLoop]: Abstraction has 380 states and 477 transitions. [2024-11-18 14:20:11,792 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.2) internal successors, (41), 5 states have internal predecessors, (41), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-18 14:20:11,793 INFO L276 IsEmpty]: Start isEmpty. Operand 380 states and 477 transitions. [2024-11-18 14:20:11,793 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-18 14:20:11,794 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:20:11,794 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:20:11,794 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-18 14:20:11,795 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:20:11,795 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:20:11,795 INFO L85 PathProgramCache]: Analyzing trace with hash 1648371017, now seen corresponding path program 1 times [2024-11-18 14:20:11,795 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:20:11,796 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1385765018] [2024-11-18 14:20:11,796 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:20:11,796 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:20:11,812 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:20:11,859 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:20:11,859 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:20:11,859 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1385765018] [2024-11-18 14:20:11,859 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1385765018] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:20:11,859 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:20:11,859 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-18 14:20:11,859 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [54152686] [2024-11-18 14:20:11,860 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:20:11,860 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-18 14:20:11,860 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:20:11,860 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-18 14:20:11,860 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:20:11,861 INFO L87 Difference]: Start difference. First operand 380 states and 477 transitions. Second operand has 4 states, 4 states have (on average 10.25) internal successors, (41), 4 states have internal predecessors, (41), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-18 14:20:11,900 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:20:11,900 INFO L93 Difference]: Finished difference Result 665 states and 849 transitions. [2024-11-18 14:20:11,901 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-18 14:20:11,901 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.25) internal successors, (41), 4 states have internal predecessors, (41), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 50 [2024-11-18 14:20:11,902 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:20:11,904 INFO L225 Difference]: With dead ends: 665 [2024-11-18 14:20:11,904 INFO L226 Difference]: Without dead ends: 382 [2024-11-18 14:20:11,905 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:20:11,907 INFO L432 NwaCegarLoop]: 98 mSDtfsCounter, 0 mSDsluCounter, 187 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 285 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:20:11,908 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 285 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:20:11,909 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 382 states. [2024-11-18 14:20:11,943 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 382 to 382. [2024-11-18 14:20:11,944 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 382 states, 287 states have (on average 1.2369337979094077) internal successors, (355), 305 states have internal predecessors, (355), 48 states have call successors, (48), 41 states have call predecessors, (48), 46 states have return successors, (75), 49 states have call predecessors, (75), 48 states have call successors, (75) [2024-11-18 14:20:11,946 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 382 states to 382 states and 478 transitions. [2024-11-18 14:20:11,946 INFO L78 Accepts]: Start accepts. Automaton has 382 states and 478 transitions. Word has length 50 [2024-11-18 14:20:11,947 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:20:11,947 INFO L471 AbstractCegarLoop]: Abstraction has 382 states and 478 transitions. [2024-11-18 14:20:11,947 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.25) internal successors, (41), 4 states have internal predecessors, (41), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-18 14:20:11,947 INFO L276 IsEmpty]: Start isEmpty. Operand 382 states and 478 transitions. [2024-11-18 14:20:11,948 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-18 14:20:11,948 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:20:11,948 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:20:11,948 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-18 14:20:11,949 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:20:11,949 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:20:11,949 INFO L85 PathProgramCache]: Analyzing trace with hash 1867225735, now seen corresponding path program 1 times [2024-11-18 14:20:11,949 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:20:11,949 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1892937376] [2024-11-18 14:20:11,949 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:20:11,950 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:20:11,958 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:20:12,004 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:20:12,004 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:20:12,004 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1892937376] [2024-11-18 14:20:12,006 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1892937376] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:20:12,007 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:20:12,007 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-18 14:20:12,007 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1898141014] [2024-11-18 14:20:12,007 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:20:12,007 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-18 14:20:12,007 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:20:12,008 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-18 14:20:12,008 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:20:12,008 INFO L87 Difference]: Start difference. First operand 382 states and 478 transitions. Second operand has 5 states, 5 states have (on average 8.2) internal successors, (41), 5 states have internal predecessors, (41), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-18 14:20:12,058 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:20:12,059 INFO L93 Difference]: Finished difference Result 760 states and 966 transitions. [2024-11-18 14:20:12,059 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-18 14:20:12,059 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.2) internal successors, (41), 5 states have internal predecessors, (41), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 50 [2024-11-18 14:20:12,060 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:20:12,062 INFO L225 Difference]: With dead ends: 760 [2024-11-18 14:20:12,063 INFO L226 Difference]: Without dead ends: 385 [2024-11-18 14:20:12,064 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:20:12,065 INFO L432 NwaCegarLoop]: 98 mSDtfsCounter, 0 mSDsluCounter, 282 mSDsCounter, 0 mSdLazyCounter, 21 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 380 SdHoareTripleChecker+Invalid, 21 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 21 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:20:12,065 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 380 Invalid, 21 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 21 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:20:12,066 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 385 states. [2024-11-18 14:20:12,092 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 385 to 385. [2024-11-18 14:20:12,093 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 385 states, 292 states have (on average 1.2294520547945205) internal successors, (359), 309 states have internal predecessors, (359), 47 states have call successors, (47), 40 states have call predecessors, (47), 45 states have return successors, (74), 48 states have call predecessors, (74), 47 states have call successors, (74) [2024-11-18 14:20:12,095 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 385 states to 385 states and 480 transitions. [2024-11-18 14:20:12,096 INFO L78 Accepts]: Start accepts. Automaton has 385 states and 480 transitions. Word has length 50 [2024-11-18 14:20:12,096 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:20:12,097 INFO L471 AbstractCegarLoop]: Abstraction has 385 states and 480 transitions. [2024-11-18 14:20:12,097 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.2) internal successors, (41), 5 states have internal predecessors, (41), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-18 14:20:12,097 INFO L276 IsEmpty]: Start isEmpty. Operand 385 states and 480 transitions. [2024-11-18 14:20:12,098 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2024-11-18 14:20:12,098 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:20:12,098 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:20:12,098 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-18 14:20:12,100 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:20:12,101 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:20:12,101 INFO L85 PathProgramCache]: Analyzing trace with hash 88017873, now seen corresponding path program 1 times [2024-11-18 14:20:12,101 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:20:12,101 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1349542173] [2024-11-18 14:20:12,101 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:20:12,101 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:20:12,114 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:20:12,230 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:20:12,230 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:20:12,230 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1349542173] [2024-11-18 14:20:12,230 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1349542173] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:20:12,231 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:20:12,231 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2024-11-18 14:20:12,231 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [100543908] [2024-11-18 14:20:12,231 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:20:12,231 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2024-11-18 14:20:12,231 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:20:12,232 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2024-11-18 14:20:12,232 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=73, Unknown=0, NotChecked=0, Total=90 [2024-11-18 14:20:12,232 INFO L87 Difference]: Start difference. First operand 385 states and 480 transitions. Second operand has 10 states, 10 states have (on average 4.6) internal successors, (46), 7 states have internal predecessors, (46), 2 states have call successors, (6), 1 states have call predecessors, (6), 4 states have return successors, (5), 5 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-18 14:20:12,466 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:20:12,466 INFO L93 Difference]: Finished difference Result 1039 states and 1359 transitions. [2024-11-18 14:20:12,466 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2024-11-18 14:20:12,467 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.6) internal successors, (46), 7 states have internal predecessors, (46), 2 states have call successors, (6), 1 states have call predecessors, (6), 4 states have return successors, (5), 5 states have call predecessors, (5), 2 states have call successors, (5) Word has length 59 [2024-11-18 14:20:12,467 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:20:12,470 INFO L225 Difference]: With dead ends: 1039 [2024-11-18 14:20:12,470 INFO L226 Difference]: Without dead ends: 661 [2024-11-18 14:20:12,472 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 15 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 21 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=45, Invalid=227, Unknown=0, NotChecked=0, Total=272 [2024-11-18 14:20:12,472 INFO L432 NwaCegarLoop]: 167 mSDtfsCounter, 70 mSDsluCounter, 1082 mSDsCounter, 0 mSdLazyCounter, 257 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 74 SdHoareTripleChecker+Valid, 1249 SdHoareTripleChecker+Invalid, 260 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 257 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-18 14:20:12,473 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [74 Valid, 1249 Invalid, 260 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 257 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-18 14:20:12,473 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 661 states. [2024-11-18 14:20:12,529 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 661 to 661. [2024-11-18 14:20:12,530 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 661 states, 493 states have (on average 1.206896551724138) internal successors, (595), 520 states have internal predecessors, (595), 88 states have call successors, (88), 75 states have call predecessors, (88), 79 states have return successors, (145), 87 states have call predecessors, (145), 88 states have call successors, (145) [2024-11-18 14:20:12,534 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 661 states to 661 states and 828 transitions. [2024-11-18 14:20:12,535 INFO L78 Accepts]: Start accepts. Automaton has 661 states and 828 transitions. Word has length 59 [2024-11-18 14:20:12,535 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:20:12,535 INFO L471 AbstractCegarLoop]: Abstraction has 661 states and 828 transitions. [2024-11-18 14:20:12,536 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.6) internal successors, (46), 7 states have internal predecessors, (46), 2 states have call successors, (6), 1 states have call predecessors, (6), 4 states have return successors, (5), 5 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-18 14:20:12,536 INFO L276 IsEmpty]: Start isEmpty. Operand 661 states and 828 transitions. [2024-11-18 14:20:12,538 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2024-11-18 14:20:12,538 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:20:12,538 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:20:12,539 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-18 14:20:12,539 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:20:12,539 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:20:12,540 INFO L85 PathProgramCache]: Analyzing trace with hash -229819681, now seen corresponding path program 1 times [2024-11-18 14:20:12,540 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:20:12,540 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1373522775] [2024-11-18 14:20:12,540 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:20:12,541 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:20:12,561 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:20:12,624 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:20:12,625 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:20:12,625 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1373522775] [2024-11-18 14:20:12,625 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1373522775] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:20:12,626 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:20:12,626 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-18 14:20:12,626 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [657925729] [2024-11-18 14:20:12,626 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:20:12,627 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-18 14:20:12,627 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:20:12,628 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-18 14:20:12,628 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:20:12,628 INFO L87 Difference]: Start difference. First operand 661 states and 828 transitions. Second operand has 5 states, 5 states have (on average 9.4) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-18 14:20:12,723 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:20:12,723 INFO L93 Difference]: Finished difference Result 1315 states and 1649 transitions. [2024-11-18 14:20:12,724 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-18 14:20:12,724 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 60 [2024-11-18 14:20:12,724 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:20:12,727 INFO L225 Difference]: With dead ends: 1315 [2024-11-18 14:20:12,727 INFO L226 Difference]: Without dead ends: 661 [2024-11-18 14:20:12,729 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-18 14:20:12,730 INFO L432 NwaCegarLoop]: 133 mSDtfsCounter, 57 mSDsluCounter, 339 mSDsCounter, 0 mSdLazyCounter, 28 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 57 SdHoareTripleChecker+Valid, 472 SdHoareTripleChecker+Invalid, 29 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 28 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:20:12,730 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [57 Valid, 472 Invalid, 29 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 28 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:20:12,731 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 661 states. [2024-11-18 14:20:12,765 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 661 to 631. [2024-11-18 14:20:12,766 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 631 states, 471 states have (on average 1.1804670912951167) internal successors, (556), 496 states have internal predecessors, (556), 83 states have call successors, (83), 70 states have call predecessors, (83), 76 states have return successors, (117), 82 states have call predecessors, (117), 83 states have call successors, (117) [2024-11-18 14:20:12,768 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 631 states to 631 states and 756 transitions. [2024-11-18 14:20:12,769 INFO L78 Accepts]: Start accepts. Automaton has 631 states and 756 transitions. Word has length 60 [2024-11-18 14:20:12,770 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:20:12,770 INFO L471 AbstractCegarLoop]: Abstraction has 631 states and 756 transitions. [2024-11-18 14:20:12,770 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-18 14:20:12,770 INFO L276 IsEmpty]: Start isEmpty. Operand 631 states and 756 transitions. [2024-11-18 14:20:12,772 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 94 [2024-11-18 14:20:12,772 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:20:12,772 INFO L215 NwaCegarLoop]: trace histogram [4, 4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:20:12,772 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2024-11-18 14:20:12,773 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:20:12,773 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:20:12,773 INFO L85 PathProgramCache]: Analyzing trace with hash 1400656575, now seen corresponding path program 1 times [2024-11-18 14:20:12,773 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:20:12,773 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1072507241] [2024-11-18 14:20:12,773 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:20:12,774 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:20:12,783 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:20:12,852 INFO L134 CoverageAnalysis]: Checked inductivity of 40 backedges. 12 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2024-11-18 14:20:12,852 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:20:12,852 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1072507241] [2024-11-18 14:20:12,853 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1072507241] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:20:12,853 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:20:12,853 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-18 14:20:12,853 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [168088840] [2024-11-18 14:20:12,853 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:20:12,853 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-18 14:20:12,854 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:20:12,854 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-18 14:20:12,854 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:20:12,855 INFO L87 Difference]: Start difference. First operand 631 states and 756 transitions. Second operand has 5 states, 5 states have (on average 12.8) internal successors, (64), 5 states have internal predecessors, (64), 2 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) [2024-11-18 14:20:12,905 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:20:12,906 INFO L93 Difference]: Finished difference Result 1255 states and 1523 transitions. [2024-11-18 14:20:12,906 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-18 14:20:12,906 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 12.8) internal successors, (64), 5 states have internal predecessors, (64), 2 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) Word has length 93 [2024-11-18 14:20:12,906 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:20:12,910 INFO L225 Difference]: With dead ends: 1255 [2024-11-18 14:20:12,910 INFO L226 Difference]: Without dead ends: 631 [2024-11-18 14:20:12,912 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:20:12,913 INFO L432 NwaCegarLoop]: 95 mSDtfsCounter, 0 mSDsluCounter, 279 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 374 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:20:12,913 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 374 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:20:12,914 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 631 states. [2024-11-18 14:20:12,961 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 631 to 631. [2024-11-18 14:20:12,962 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 631 states, 471 states have (on average 1.1719745222929936) internal successors, (552), 496 states have internal predecessors, (552), 83 states have call successors, (83), 70 states have call predecessors, (83), 76 states have return successors, (117), 82 states have call predecessors, (117), 83 states have call successors, (117) [2024-11-18 14:20:12,964 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 631 states to 631 states and 752 transitions. [2024-11-18 14:20:12,965 INFO L78 Accepts]: Start accepts. Automaton has 631 states and 752 transitions. Word has length 93 [2024-11-18 14:20:12,966 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:20:12,966 INFO L471 AbstractCegarLoop]: Abstraction has 631 states and 752 transitions. [2024-11-18 14:20:12,966 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 12.8) internal successors, (64), 5 states have internal predecessors, (64), 2 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) [2024-11-18 14:20:12,968 INFO L276 IsEmpty]: Start isEmpty. Operand 631 states and 752 transitions. [2024-11-18 14:20:12,970 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 94 [2024-11-18 14:20:12,972 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:20:12,972 INFO L215 NwaCegarLoop]: trace histogram [4, 4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:20:12,972 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2024-11-18 14:20:12,972 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:20:12,973 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:20:12,973 INFO L85 PathProgramCache]: Analyzing trace with hash 908030401, now seen corresponding path program 1 times [2024-11-18 14:20:12,973 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:20:12,973 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [690092453] [2024-11-18 14:20:12,973 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:20:12,973 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:20:12,987 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:20:13,039 INFO L134 CoverageAnalysis]: Checked inductivity of 40 backedges. 12 proven. 0 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2024-11-18 14:20:13,040 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:20:13,040 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [690092453] [2024-11-18 14:20:13,040 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [690092453] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:20:13,040 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:20:13,040 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-18 14:20:13,040 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1720239155] [2024-11-18 14:20:13,040 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:20:13,041 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-18 14:20:13,041 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:20:13,041 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-18 14:20:13,041 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:20:13,041 INFO L87 Difference]: Start difference. First operand 631 states and 752 transitions. Second operand has 4 states, 4 states have (on average 16.0) internal successors, (64), 4 states have internal predecessors, (64), 2 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) [2024-11-18 14:20:13,078 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:20:13,078 INFO L93 Difference]: Finished difference Result 1189 states and 1427 transitions. [2024-11-18 14:20:13,079 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-18 14:20:13,079 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 16.0) internal successors, (64), 4 states have internal predecessors, (64), 2 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) Word has length 93 [2024-11-18 14:20:13,080 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:20:13,084 INFO L225 Difference]: With dead ends: 1189 [2024-11-18 14:20:13,084 INFO L226 Difference]: Without dead ends: 565 [2024-11-18 14:20:13,087 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:20:13,087 INFO L432 NwaCegarLoop]: 96 mSDtfsCounter, 0 mSDsluCounter, 186 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 282 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:20:13,088 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 282 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:20:13,088 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 565 states. [2024-11-18 14:20:13,120 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 565 to 549. [2024-11-18 14:20:13,121 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 549 states, 409 states have (on average 1.1613691931540342) internal successors, (475), 431 states have internal predecessors, (475), 73 states have call successors, (73), 62 states have call predecessors, (73), 66 states have return successors, (93), 71 states have call predecessors, (93), 73 states have call successors, (93) [2024-11-18 14:20:13,124 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 549 states to 549 states and 641 transitions. [2024-11-18 14:20:13,125 INFO L78 Accepts]: Start accepts. Automaton has 549 states and 641 transitions. Word has length 93 [2024-11-18 14:20:13,125 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:20:13,125 INFO L471 AbstractCegarLoop]: Abstraction has 549 states and 641 transitions. [2024-11-18 14:20:13,125 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 16.0) internal successors, (64), 4 states have internal predecessors, (64), 2 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) [2024-11-18 14:20:13,126 INFO L276 IsEmpty]: Start isEmpty. Operand 549 states and 641 transitions. [2024-11-18 14:20:13,127 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 98 [2024-11-18 14:20:13,127 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:20:13,127 INFO L215 NwaCegarLoop]: trace histogram [4, 4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:20:13,127 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2024-11-18 14:20:13,127 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:20:13,128 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:20:13,128 INFO L85 PathProgramCache]: Analyzing trace with hash 1353786525, now seen corresponding path program 1 times [2024-11-18 14:20:13,129 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:20:13,129 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [335933169] [2024-11-18 14:20:13,129 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:20:13,129 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:20:13,142 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:20:13,272 INFO L134 CoverageAnalysis]: Checked inductivity of 40 backedges. 17 proven. 11 refuted. 0 times theorem prover too weak. 12 trivial. 0 not checked. [2024-11-18 14:20:13,272 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:20:13,273 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [335933169] [2024-11-18 14:20:13,273 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [335933169] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-18 14:20:13,273 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1001145772] [2024-11-18 14:20:13,273 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:20:13,273 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:20:13,273 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:20:13,275 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-18 14:20:13,277 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-18 14:20:13,381 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:20:13,387 INFO L255 TraceCheckSpWp]: Trace formula consists of 316 conjuncts, 13 conjuncts are in the unsatisfiable core [2024-11-18 14:20:13,397 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-18 14:20:13,613 INFO L134 CoverageAnalysis]: Checked inductivity of 40 backedges. 17 proven. 12 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2024-11-18 14:20:13,614 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-18 14:20:13,939 INFO L134 CoverageAnalysis]: Checked inductivity of 40 backedges. 8 proven. 4 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2024-11-18 14:20:13,940 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1001145772] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-18 14:20:13,940 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-18 14:20:13,940 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 8, 9] total 19 [2024-11-18 14:20:13,940 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1022893605] [2024-11-18 14:20:13,940 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-18 14:20:13,941 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 19 states [2024-11-18 14:20:13,941 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:20:13,941 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 19 interpolants. [2024-11-18 14:20:13,942 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=48, Invalid=294, Unknown=0, NotChecked=0, Total=342 [2024-11-18 14:20:13,942 INFO L87 Difference]: Start difference. First operand 549 states and 641 transitions. Second operand has 19 states, 19 states have (on average 7.2631578947368425) internal successors, (138), 15 states have internal predecessors, (138), 7 states have call successors, (23), 7 states have call predecessors, (23), 10 states have return successors, (23), 10 states have call predecessors, (23), 7 states have call successors, (23) [2024-11-18 14:20:14,881 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:20:14,882 INFO L93 Difference]: Finished difference Result 1117 states and 1358 transitions. [2024-11-18 14:20:14,882 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 34 states. [2024-11-18 14:20:14,883 INFO L78 Accepts]: Start accepts. Automaton has has 19 states, 19 states have (on average 7.2631578947368425) internal successors, (138), 15 states have internal predecessors, (138), 7 states have call successors, (23), 7 states have call predecessors, (23), 10 states have return successors, (23), 10 states have call predecessors, (23), 7 states have call successors, (23) Word has length 97 [2024-11-18 14:20:14,883 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:20:14,884 INFO L225 Difference]: With dead ends: 1117 [2024-11-18 14:20:14,884 INFO L226 Difference]: Without dead ends: 0 [2024-11-18 14:20:14,886 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 239 GetRequests, 185 SyntacticMatches, 7 SemanticMatches, 47 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 428 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=479, Invalid=1873, Unknown=0, NotChecked=0, Total=2352 [2024-11-18 14:20:14,887 INFO L432 NwaCegarLoop]: 48 mSDtfsCounter, 382 mSDsluCounter, 505 mSDsCounter, 0 mSdLazyCounter, 771 mSolverCounterSat, 158 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 384 SdHoareTripleChecker+Valid, 553 SdHoareTripleChecker+Invalid, 929 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 158 IncrementalHoareTripleChecker+Valid, 771 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-11-18 14:20:14,887 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [384 Valid, 553 Invalid, 929 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [158 Valid, 771 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-11-18 14:20:14,888 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-18 14:20:14,888 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-18 14:20:14,888 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-18 14:20:14,889 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-18 14:20:14,890 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 97 [2024-11-18 14:20:14,890 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:20:14,890 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-18 14:20:14,890 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 19 states, 19 states have (on average 7.2631578947368425) internal successors, (138), 15 states have internal predecessors, (138), 7 states have call successors, (23), 7 states have call predecessors, (23), 10 states have return successors, (23), 10 states have call predecessors, (23), 7 states have call successors, (23) [2024-11-18 14:20:14,890 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-18 14:20:14,890 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-18 14:20:14,893 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-18 14:20:14,911 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-18 14:20:15,093 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable12 [2024-11-18 14:20:15,096 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:20:15,097 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-18 14:20:18,011 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-18 14:20:18,035 WARN L156 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (let ((.cse0 (= |old(~methaneLevelCritical~0)| 0)) (.cse1 (= ~methaneLevelCritical~0 0))) (and (or .cse0 (not .cse1)) (let ((.cse2 (= 1 ~systemActive~0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse2 .cse3 (= ~pumpRunning~0 1)) (and (= ~pumpRunning~0 0) .cse2 .cse3))) (or (not .cse0) .cse1))) Eliminated clause: (and (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 (= ~pumpRunning~0 1)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) (exists ((|old(~methaneLevelCritical~0)| Int)) (let ((.cse2 (= |old(~methaneLevelCritical~0)| 0)) (.cse3 (= ~methaneLevelCritical~0 0))) (and (or .cse2 (not .cse3)) (or (not .cse2) .cse3))))) [2024-11-18 14:20:18,037 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:20:18,042 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (let ((.cse5 (= |old(~pumpRunning~0)| 0))) (let ((.cse3 (= |old(~pumpRunning~0)| 1)) (.cse1 (<= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse0 (not .cse5))) (and (or .cse0 (and (= ~pumpRunning~0 0) .cse1)) (let ((.cse2 (= 1 ~systemActive~0)) (.cse4 (<= |old(~waterLevel~0)| 2))) (or (and .cse2 .cse3 .cse4) (and .cse2 .cse5 .cse4))) (or (not .cse3) (and .cse1 (= ~pumpRunning~0 1))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1))))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int) (|old(~waterLevel~0)| Int)) (let ((.cse5 (= |old(~pumpRunning~0)| 0))) (let ((.cse3 (= |old(~pumpRunning~0)| 1)) (.cse1 (<= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse0 (not .cse5))) (and (or .cse0 (and (= ~pumpRunning~0 0) .cse1)) (let ((.cse2 (= 1 ~systemActive~0)) (.cse4 (<= |old(~waterLevel~0)| 2))) (or (and .cse2 .cse3 .cse4) (and .cse2 .cse5 .cse4))) (or (not .cse3) (and .cse1 (= ~pumpRunning~0 1))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1)))))) [2024-11-18 14:20:18,056 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:20:18,070 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (let ((.cse5 (= ~pumpRunning~0 0))) (and (let ((.cse3 (= ~pumpRunning~0 1)) (.cse4 (<= |old(~waterLevel~0)| 1)) (.cse1 (= 1 ~systemActive~0)) (.cse0 (= ~methaneLevelCritical~0 0)) (.cse2 (<= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse1 .cse4 .cse3) (and .cse5 .cse1 .cse4) (and .cse5 .cse1 (not .cse0) .cse2))) (or (not .cse5) (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1)) (<= ~waterLevel~0 |old(~waterLevel~0)|))) Eliminated clause: (exists ((|old(~waterLevel~0)| Int)) (let ((.cse5 (= ~pumpRunning~0 0))) (and (let ((.cse3 (= ~pumpRunning~0 1)) (.cse4 (<= |old(~waterLevel~0)| 1)) (.cse1 (= 1 ~systemActive~0)) (.cse0 (= ~methaneLevelCritical~0 0)) (.cse2 (<= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse1 .cse4 .cse3) (and .cse5 .cse1 .cse4) (and .cse5 .cse1 (not .cse0) .cse2))) (or (not .cse5) (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1)) (<= ~waterLevel~0 |old(~waterLevel~0)|)))) [2024-11-18 14:20:18,073 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:20:18,077 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__methaneQuery contained old-variable. Original clause: (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~pumpRunning~0)| 1))) (and (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= ~waterLevel~0 1) .cse0 .cse1) (and .cse0 .cse2 (<= ~waterLevel~0 2)))) (or (not .cse2) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1)))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int)) (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~pumpRunning~0)| 1))) (and (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= ~waterLevel~0 1) .cse0 .cse1) (and .cse0 .cse2 (<= ~waterLevel~0 2)))) (or (not .cse2) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1))))) [2024-11-18 14:20:18,080 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:20:18,083 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 18.11 02:20:18 BoogieIcfgContainer [2024-11-18 14:20:18,083 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-18 14:20:18,084 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-18 14:20:18,084 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-18 14:20:18,084 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-18 14:20:18,085 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 18.11 02:20:10" (3/4) ... [2024-11-18 14:20:18,087 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-18 14:20:18,090 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-18 14:20:18,090 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-18 14:20:18,090 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-18 14:20:18,090 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-18 14:20:18,090 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2024-11-18 14:20:18,091 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-18 14:20:18,091 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2024-11-18 14:20:18,091 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2024-11-18 14:20:18,096 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 21 nodes and edges [2024-11-18 14:20:18,096 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-18 14:20:18,097 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-18 14:20:18,097 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-18 14:20:18,097 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-18 14:20:18,196 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-18 14:20:18,196 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-18 14:20:18,196 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-18 14:20:18,197 INFO L158 Benchmark]: Toolchain (without parser) took 8916.15ms. Allocated memory was 151.0MB in the beginning and 281.0MB in the end (delta: 130.0MB). Free memory was 77.2MB in the beginning and 105.5MB in the end (delta: -28.3MB). Peak memory consumption was 104.5MB. Max. memory is 16.1GB. [2024-11-18 14:20:18,197 INFO L158 Benchmark]: CDTParser took 0.64ms. Allocated memory is still 151.0MB. Free memory is still 101.2MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-18 14:20:18,197 INFO L158 Benchmark]: CACSL2BoogieTranslator took 479.35ms. Allocated memory was 151.0MB in the beginning and 192.9MB in the end (delta: 41.9MB). Free memory was 77.0MB in the beginning and 162.5MB in the end (delta: -85.5MB). Peak memory consumption was 32.8MB. Max. memory is 16.1GB. [2024-11-18 14:20:18,197 INFO L158 Benchmark]: Boogie Procedure Inliner took 43.98ms. Allocated memory is still 192.9MB. Free memory was 162.5MB in the beginning and 160.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-18 14:20:18,197 INFO L158 Benchmark]: Boogie Preprocessor took 41.47ms. Allocated memory is still 192.9MB. Free memory was 160.4MB in the beginning and 158.3MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-18 14:20:18,198 INFO L158 Benchmark]: RCFGBuilder took 389.76ms. Allocated memory is still 192.9MB. Free memory was 158.3MB in the beginning and 139.3MB in the end (delta: 19.0MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2024-11-18 14:20:18,198 INFO L158 Benchmark]: TraceAbstraction took 7838.44ms. Allocated memory was 192.9MB in the beginning and 281.0MB in the end (delta: 88.1MB). Free memory was 138.4MB in the beginning and 113.9MB in the end (delta: 24.5MB). Peak memory consumption was 139.1MB. Max. memory is 16.1GB. [2024-11-18 14:20:18,198 INFO L158 Benchmark]: Witness Printer took 112.35ms. Allocated memory is still 281.0MB. Free memory was 113.9MB in the beginning and 105.5MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-18 14:20:18,199 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.64ms. Allocated memory is still 151.0MB. Free memory is still 101.2MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 479.35ms. Allocated memory was 151.0MB in the beginning and 192.9MB in the end (delta: 41.9MB). Free memory was 77.0MB in the beginning and 162.5MB in the end (delta: -85.5MB). Peak memory consumption was 32.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 43.98ms. Allocated memory is still 192.9MB. Free memory was 162.5MB in the beginning and 160.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 41.47ms. Allocated memory is still 192.9MB. Free memory was 160.4MB in the beginning and 158.3MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 389.76ms. Allocated memory is still 192.9MB. Free memory was 158.3MB in the beginning and 139.3MB in the end (delta: 19.0MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 7838.44ms. Allocated memory was 192.9MB in the beginning and 281.0MB in the end (delta: 88.1MB). Free memory was 138.4MB in the beginning and 113.9MB in the end (delta: 24.5MB). Peak memory consumption was 139.1MB. Max. memory is 16.1GB. * Witness Printer took 112.35ms. Allocated memory is still 281.0MB. Free memory was 113.9MB in the beginning and 105.5MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification3_spec.i","") [49] - GenericResultAtLocation [Line: 87]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [87] - GenericResultAtLocation [Line: 186]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [186] - GenericResultAtLocation [Line: 288]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [288] - GenericResultAtLocation [Line: 485]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [485] - GenericResultAtLocation [Line: 550]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [550] - GenericResultAtLocation [Line: 585]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [585] - GenericResultAtLocation [Line: 594]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [594] - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 590]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 95 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 4.8s, OverallIterations: 13, TraceHistogramMax: 4, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.1s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 941 SdHoareTripleChecker+Valid, 1.0s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 930 mSDsluCounter, 5035 SdHoareTripleChecker+Invalid, 0.8s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3673 mSDsCounter, 225 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1307 IncrementalHoareTripleChecker+Invalid, 1532 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 225 mSolverCounterUnsat, 1362 mSDtfsCounter, 1307 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 316 GetRequests, 214 SyntacticMatches, 7 SemanticMatches, 95 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 455 ImplicationChecksByTransitivity, 0.8s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=661occurred in iteration=9, InterpolantAutomatonStates: 97, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 13 MinimizatonAttempts, 53 StatesRemovedByMinimization, 4 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.6s InterpolantComputationTime, 816 NumberOfCodeBlocks, 816 NumberOfCodeBlocksAsserted, 14 NumberOfCheckSat, 898 ConstructedInterpolants, 0 QuantifiedInterpolants, 1486 SizeOfPredicates, 2 NumberOfNonLiveVariables, 316 ConjunctsInSsa, 13 ConjunctsInUnsatCore, 15 InterpolantComputations, 12 PerfectInterpolantSequences, 179/206 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 496]: Loop Invariant Derived loop invariant: ((((((((methaneLevelCritical == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (pumpRunning == 1)) || (((((pumpRunning == 0) && (1 == systemActive)) && (methaneLevelCritical != 0)) && (splverifierCounter == 0)) && (waterLevel <= 2))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((waterLevel <= 1) && (1 == systemActive)) && (splverifierCounter == 0)) && (pumpRunning == 1))) - InvariantResult [Line: 495]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 199]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 318]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((waterLevel <= 1) && (1 == systemActive)) && (pumpRunning == 1))) Ensures: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((waterLevel <= 1) && (1 == systemActive)) && (pumpRunning == 1))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 119]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((1 == systemActive) && (waterLevel <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((((1 == systemActive) && (waterLevel <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) && ((methaneLevelCritical == 0) || (\old(methaneLevelCritical) == 0))) && ((\old(methaneLevelCritical) != 0) || (methaneLevelCritical != 0))) && (((((waterLevel == \old(waterLevel)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 294]: Procedure Contract for timeShift Derived contract for procedure timeShift. Ensures: ((((((((((\old(pumpRunning) != 0) || (methaneLevelCritical != 0)) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (waterLevel <= \old(waterLevel)))) || (\old(waterLevel) == 2)) && ((((\old(pumpRunning) != 0) || (methaneLevelCritical != 0)) || ((waterLevel <= \old(waterLevel)) && (pumpRunning == 1))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (waterLevel <= \old(waterLevel))))) && (((((waterLevel <= 1) && (waterLevel <= \old(waterLevel))) && (pumpRunning == 1)) || (\old(pumpRunning) != 1)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (waterLevel <= \old(waterLevel))))) && (((\old(pumpRunning) != 0) || (methaneLevelCritical == 0)) || ((pumpRunning == 0) && (waterLevel <= \old(waterLevel))))) && ((((1 == systemActive) && (\old(pumpRunning) == 1)) && (\old(waterLevel) <= 2)) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 2)))) && (((\old(pumpRunning) != 0) || (\old(waterLevel) != 1)) || (waterLevel == 1))) && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 189]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 131]: Procedure Contract for isMethaneLevelCritical Derived contract for procedure isMethaneLevelCritical. Requires: ((((((methaneLevelCritical == 0) && (1 == systemActive)) && (waterLevel <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((waterLevel <= 1) && (1 == systemActive)) && (pumpRunning == 1))) Ensures: ((((((((methaneLevelCritical == 0) && (1 == systemActive)) && (waterLevel <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) || (((waterLevel <= 1) && (1 == systemActive)) && (pumpRunning == 1))) && (\result == methaneLevelCritical)) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 107]: Procedure Contract for waterRise Derived contract for procedure waterRise. Ensures: ((((((((((methaneLevelCritical == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2)) && (pumpRunning == 1)) || (((1 == systemActive) && (\old(waterLevel) <= 1)) && (pumpRunning == 1))) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 1))) || ((((pumpRunning == 0) && (1 == systemActive)) && (methaneLevelCritical != 0)) && (\old(waterLevel) <= 2))) && (waterLevel <= ((long long) \old(waterLevel) + 1))) && (waterLevel <= 2)) && (((((methaneLevelCritical == \old(methaneLevelCritical)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 326]: Procedure Contract for processEnvironment__wrappee__methaneQuery Derived contract for procedure processEnvironment__wrappee__methaneQuery. Ensures: (((((((((waterLevel <= 1) && (1 == systemActive)) && (\old(pumpRunning) == 1)) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2))) && ((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (1 < waterLevel)) || (methaneLevelCritical != 0))) && (((methaneLevelCritical != 0) || ((pumpRunning == 0) && (waterLevel <= 1))) || (pumpRunning == 1))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (methaneLevelCritical == 0))) && ((\old(pumpRunning) != 1) || (pumpRunning == 1))) && (((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 410]: Procedure Contract for isMethaneAlarm Derived contract for procedure isMethaneAlarm. Requires: ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((waterLevel <= 1) && (1 == systemActive)) && (pumpRunning == 1))) Ensures: ((((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((waterLevel <= 1) && (1 == systemActive)) && (pumpRunning == 1))) && (\result == methaneLevelCritical)) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head)))) RESULT: Ultimate proved your program to be correct! [2024-11-18 14:20:18,228 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE