./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 3061b6dc Calling Ultimate with: /root/.sdkman/candidates/java/11.0.12-open/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 34b47c00ac265c7154b048b065075686f0b0d02157935b615817b802464c404c --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.dk.eval-assert-order-craig-3061b6d-m [2024-11-18 14:22:16,344 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-18 14:22:16,408 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-18 14:22:16,413 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-18 14:22:16,415 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-18 14:22:16,443 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-18 14:22:16,443 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-18 14:22:16,443 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-18 14:22:16,444 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-18 14:22:16,446 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-18 14:22:16,448 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-18 14:22:16,449 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-18 14:22:16,449 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-18 14:22:16,449 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-18 14:22:16,450 INFO L153 SettingsManager]: * Use SBE=true [2024-11-18 14:22:16,450 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-18 14:22:16,450 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-18 14:22:16,450 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-18 14:22:16,450 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-18 14:22:16,450 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-18 14:22:16,451 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-18 14:22:16,451 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-18 14:22:16,452 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-18 14:22:16,452 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-18 14:22:16,452 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-18 14:22:16,452 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-18 14:22:16,452 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-18 14:22:16,452 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-18 14:22:16,453 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-18 14:22:16,453 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-18 14:22:16,453 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-18 14:22:16,453 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-18 14:22:16,453 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-18 14:22:16,453 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-18 14:22:16,454 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-18 14:22:16,454 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-18 14:22:16,454 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-18 14:22:16,454 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-18 14:22:16,454 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-18 14:22:16,454 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-18 14:22:16,455 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-18 14:22:16,457 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-18 14:22:16,457 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 34b47c00ac265c7154b048b065075686f0b0d02157935b615817b802464c404c [2024-11-18 14:22:16,630 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-18 14:22:16,651 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-18 14:22:16,653 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-18 14:22:16,654 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-18 14:22:16,654 INFO L274 PluginConnector]: CDTParser initialized [2024-11-18 14:22:16,655 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c [2024-11-18 14:22:18,041 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-18 14:22:18,238 INFO L384 CDTParser]: Found 1 translation units. [2024-11-18 14:22:18,239 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c [2024-11-18 14:22:18,251 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/da7fa3bfa/4257920a966943a08929120661647a8f/FLAG4a2b7c7d1 [2024-11-18 14:22:18,262 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/da7fa3bfa/4257920a966943a08929120661647a8f [2024-11-18 14:22:18,265 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-18 14:22:18,266 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-18 14:22:18,267 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-18 14:22:18,267 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-18 14:22:18,271 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-18 14:22:18,272 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 18.11 02:22:18" (1/1) ... [2024-11-18 14:22:18,274 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@60406935 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:18, skipping insertion in model container [2024-11-18 14:22:18,275 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 18.11 02:22:18" (1/1) ... [2024-11-18 14:22:18,308 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-18 14:22:18,586 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c[19180,19193] [2024-11-18 14:22:18,593 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-18 14:22:18,608 INFO L200 MainTranslator]: Completed pre-run [2024-11-18 14:22:18,616 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] [2024-11-18 14:22:18,618 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [313] [2024-11-18 14:22:18,618 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [364] [2024-11-18 14:22:18,618 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [434] [2024-11-18 14:22:18,618 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [800] [2024-11-18 14:22:18,618 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [903] [2024-11-18 14:22:18,619 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1003] [2024-11-18 14:22:18,619 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1012] [2024-11-18 14:22:18,675 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c[19180,19193] [2024-11-18 14:22:18,677 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-18 14:22:18,703 INFO L204 MainTranslator]: Completed translation [2024-11-18 14:22:18,704 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:18 WrapperNode [2024-11-18 14:22:18,704 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-18 14:22:18,705 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-18 14:22:18,705 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-18 14:22:18,705 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-18 14:22:18,710 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:18" (1/1) ... [2024-11-18 14:22:18,721 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:18" (1/1) ... [2024-11-18 14:22:18,745 INFO L138 Inliner]: procedures = 60, calls = 108, calls flagged for inlining = 26, calls inlined = 23, statements flattened = 244 [2024-11-18 14:22:18,745 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-18 14:22:18,746 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-18 14:22:18,746 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-18 14:22:18,746 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-18 14:22:18,755 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:18" (1/1) ... [2024-11-18 14:22:18,755 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:18" (1/1) ... [2024-11-18 14:22:18,758 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:18" (1/1) ... [2024-11-18 14:22:18,774 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-18 14:22:18,775 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:18" (1/1) ... [2024-11-18 14:22:18,775 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:18" (1/1) ... [2024-11-18 14:22:18,783 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:18" (1/1) ... [2024-11-18 14:22:18,789 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:18" (1/1) ... [2024-11-18 14:22:18,791 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:18" (1/1) ... [2024-11-18 14:22:18,791 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:18" (1/1) ... [2024-11-18 14:22:18,796 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-18 14:22:18,797 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-18 14:22:18,797 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-18 14:22:18,797 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-18 14:22:18,798 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:18" (1/1) ... [2024-11-18 14:22:18,806 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-18 14:22:18,815 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:22:18,831 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-18 14:22:18,835 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-18 14:22:18,877 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-18 14:22:18,878 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-18 14:22:18,878 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-18 14:22:18,878 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-18 14:22:18,878 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-18 14:22:18,878 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-18 14:22:18,878 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-18 14:22:18,878 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-18 14:22:18,878 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-18 14:22:18,878 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-18 14:22:18,878 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-18 14:22:18,879 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2024-11-18 14:22:18,879 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2024-11-18 14:22:18,879 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-18 14:22:18,879 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-18 14:22:18,879 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2024-11-18 14:22:18,879 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2024-11-18 14:22:18,879 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-18 14:22:18,879 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-18 14:22:18,879 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-18 14:22:18,880 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-18 14:22:18,880 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-18 14:22:18,880 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-18 14:22:18,880 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-18 14:22:18,963 INFO L238 CfgBuilder]: Building ICFG [2024-11-18 14:22:18,966 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-18 14:22:19,301 INFO L? ?]: Removed 52 outVars from TransFormulas that were not future-live. [2024-11-18 14:22:19,302 INFO L287 CfgBuilder]: Performing block encoding [2024-11-18 14:22:19,316 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-18 14:22:19,317 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-18 14:22:19,317 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 18.11 02:22:19 BoogieIcfgContainer [2024-11-18 14:22:19,317 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-18 14:22:19,321 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-18 14:22:19,321 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-18 14:22:19,324 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-18 14:22:19,324 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 18.11 02:22:18" (1/3) ... [2024-11-18 14:22:19,325 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@758d3be9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 18.11 02:22:19, skipping insertion in model container [2024-11-18 14:22:19,325 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 18.11 02:22:18" (2/3) ... [2024-11-18 14:22:19,325 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@758d3be9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 18.11 02:22:19, skipping insertion in model container [2024-11-18 14:22:19,325 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 18.11 02:22:19" (3/3) ... [2024-11-18 14:22:19,326 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product62.cil.c [2024-11-18 14:22:19,340 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-18 14:22:19,340 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-18 14:22:19,389 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-18 14:22:19,395 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@6f824500, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-18 14:22:19,395 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-18 14:22:19,399 INFO L276 IsEmpty]: Start isEmpty. Operand has 114 states, 84 states have (on average 1.3571428571428572) internal successors, (114), 94 states have internal predecessors, (114), 18 states have call successors, (18), 10 states have call predecessors, (18), 10 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) [2024-11-18 14:22:19,407 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-18 14:22:19,407 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:19,408 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:19,408 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:19,412 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:19,412 INFO L85 PathProgramCache]: Analyzing trace with hash 1960372766, now seen corresponding path program 1 times [2024-11-18 14:22:19,419 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:19,420 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [425725978] [2024-11-18 14:22:19,420 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:19,420 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:19,508 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:19,554 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:22:19,555 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:19,555 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [425725978] [2024-11-18 14:22:19,555 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [425725978] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:22:19,555 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:22:19,555 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-18 14:22:19,556 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2001279115] [2024-11-18 14:22:19,557 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:22:19,560 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-18 14:22:19,560 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:19,579 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-18 14:22:19,580 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-18 14:22:19,582 INFO L87 Difference]: Start difference. First operand has 114 states, 84 states have (on average 1.3571428571428572) internal successors, (114), 94 states have internal predecessors, (114), 18 states have call successors, (18), 10 states have call predecessors, (18), 10 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-18 14:22:19,611 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:19,612 INFO L93 Difference]: Finished difference Result 219 states and 294 transitions. [2024-11-18 14:22:19,613 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-18 14:22:19,614 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-11-18 14:22:19,614 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:19,621 INFO L225 Difference]: With dead ends: 219 [2024-11-18 14:22:19,621 INFO L226 Difference]: Without dead ends: 105 [2024-11-18 14:22:19,624 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-18 14:22:19,626 INFO L432 NwaCegarLoop]: 144 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 144 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:19,627 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 144 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:22:19,639 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 105 states. [2024-11-18 14:22:19,658 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 105 to 105. [2024-11-18 14:22:19,659 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 105 states, 77 states have (on average 1.2987012987012987) internal successors, (100), 86 states have internal predecessors, (100), 18 states have call successors, (18), 10 states have call predecessors, (18), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) [2024-11-18 14:22:19,661 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 105 states to 105 states and 135 transitions. [2024-11-18 14:22:19,663 INFO L78 Accepts]: Start accepts. Automaton has 105 states and 135 transitions. Word has length 32 [2024-11-18 14:22:19,663 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:19,663 INFO L471 AbstractCegarLoop]: Abstraction has 105 states and 135 transitions. [2024-11-18 14:22:19,663 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-18 14:22:19,663 INFO L276 IsEmpty]: Start isEmpty. Operand 105 states and 135 transitions. [2024-11-18 14:22:19,665 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-11-18 14:22:19,665 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:19,665 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:19,666 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-18 14:22:19,666 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:19,666 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:19,667 INFO L85 PathProgramCache]: Analyzing trace with hash -526010073, now seen corresponding path program 1 times [2024-11-18 14:22:19,667 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:19,667 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1815941852] [2024-11-18 14:22:19,667 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:19,667 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:19,685 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:19,741 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:22:19,742 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:19,742 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1815941852] [2024-11-18 14:22:19,742 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1815941852] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:22:19,742 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:22:19,742 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-18 14:22:19,743 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1054719512] [2024-11-18 14:22:19,743 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:22:19,743 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-18 14:22:19,744 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:19,744 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-18 14:22:19,744 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:22:19,745 INFO L87 Difference]: Start difference. First operand 105 states and 135 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-18 14:22:19,758 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:19,759 INFO L93 Difference]: Finished difference Result 174 states and 224 transitions. [2024-11-18 14:22:19,759 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-18 14:22:19,759 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2024-11-18 14:22:19,760 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:19,761 INFO L225 Difference]: With dead ends: 174 [2024-11-18 14:22:19,761 INFO L226 Difference]: Without dead ends: 96 [2024-11-18 14:22:19,762 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:22:19,767 INFO L432 NwaCegarLoop]: 122 mSDtfsCounter, 13 mSDsluCounter, 105 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 227 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:19,768 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 227 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:22:19,769 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 96 states. [2024-11-18 14:22:19,775 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 96 to 96. [2024-11-18 14:22:19,775 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 96 states, 71 states have (on average 1.3098591549295775) internal successors, (93), 80 states have internal predecessors, (93), 15 states have call successors, (15), 9 states have call predecessors, (15), 9 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2024-11-18 14:22:19,776 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 96 states to 96 states and 123 transitions. [2024-11-18 14:22:19,777 INFO L78 Accepts]: Start accepts. Automaton has 96 states and 123 transitions. Word has length 33 [2024-11-18 14:22:19,777 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:19,777 INFO L471 AbstractCegarLoop]: Abstraction has 96 states and 123 transitions. [2024-11-18 14:22:19,777 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-18 14:22:19,777 INFO L276 IsEmpty]: Start isEmpty. Operand 96 states and 123 transitions. [2024-11-18 14:22:19,778 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-11-18 14:22:19,779 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:19,779 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:19,779 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-18 14:22:19,779 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:19,780 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:19,780 INFO L85 PathProgramCache]: Analyzing trace with hash -1914406272, now seen corresponding path program 1 times [2024-11-18 14:22:19,780 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:19,780 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2001490498] [2024-11-18 14:22:19,780 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:19,780 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:19,799 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:19,848 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:22:19,849 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:19,849 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2001490498] [2024-11-18 14:22:19,849 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2001490498] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:22:19,849 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:22:19,849 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-18 14:22:19,850 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1651565454] [2024-11-18 14:22:19,850 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:22:19,850 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-18 14:22:19,850 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:19,851 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-18 14:22:19,851 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:22:19,851 INFO L87 Difference]: Start difference. First operand 96 states and 123 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-18 14:22:19,868 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:19,869 INFO L93 Difference]: Finished difference Result 184 states and 239 transitions. [2024-11-18 14:22:19,869 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-18 14:22:19,869 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2024-11-18 14:22:19,870 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:19,871 INFO L225 Difference]: With dead ends: 184 [2024-11-18 14:22:19,871 INFO L226 Difference]: Without dead ends: 96 [2024-11-18 14:22:19,872 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:22:19,872 INFO L432 NwaCegarLoop]: 121 mSDtfsCounter, 113 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 113 SdHoareTripleChecker+Valid, 121 SdHoareTripleChecker+Invalid, 2 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:19,873 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [113 Valid, 121 Invalid, 2 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:22:19,873 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 96 states. [2024-11-18 14:22:19,880 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 96 to 96. [2024-11-18 14:22:19,880 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 96 states, 71 states have (on average 1.295774647887324) internal successors, (92), 80 states have internal predecessors, (92), 15 states have call successors, (15), 9 states have call predecessors, (15), 9 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2024-11-18 14:22:19,881 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 96 states to 96 states and 122 transitions. [2024-11-18 14:22:19,882 INFO L78 Accepts]: Start accepts. Automaton has 96 states and 122 transitions. Word has length 38 [2024-11-18 14:22:19,883 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:19,883 INFO L471 AbstractCegarLoop]: Abstraction has 96 states and 122 transitions. [2024-11-18 14:22:19,883 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-18 14:22:19,883 INFO L276 IsEmpty]: Start isEmpty. Operand 96 states and 122 transitions. [2024-11-18 14:22:19,884 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2024-11-18 14:22:19,884 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:19,884 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:19,885 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-18 14:22:19,885 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:19,885 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:19,885 INFO L85 PathProgramCache]: Analyzing trace with hash 1685949316, now seen corresponding path program 1 times [2024-11-18 14:22:19,885 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:19,885 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [614032583] [2024-11-18 14:22:19,885 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:19,886 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:19,901 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:19,926 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:22:19,926 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:19,927 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [614032583] [2024-11-18 14:22:19,927 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [614032583] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:22:19,927 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:22:19,927 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-18 14:22:19,927 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [619439592] [2024-11-18 14:22:19,927 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:22:19,928 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-18 14:22:19,928 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:19,928 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-18 14:22:19,928 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:22:19,929 INFO L87 Difference]: Start difference. First operand 96 states and 122 transitions. Second operand has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (5), 1 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-18 14:22:19,969 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:19,969 INFO L93 Difference]: Finished difference Result 241 states and 313 transitions. [2024-11-18 14:22:19,970 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-18 14:22:19,970 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (5), 1 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 51 [2024-11-18 14:22:19,970 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:19,971 INFO L225 Difference]: With dead ends: 241 [2024-11-18 14:22:19,971 INFO L226 Difference]: Without dead ends: 153 [2024-11-18 14:22:19,972 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-18 14:22:19,973 INFO L432 NwaCegarLoop]: 126 mSDtfsCounter, 92 mSDsluCounter, 83 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 92 SdHoareTripleChecker+Valid, 209 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:19,973 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [92 Valid, 209 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:22:19,974 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 153 states. [2024-11-18 14:22:19,987 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 153 to 151. [2024-11-18 14:22:19,988 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 151 states, 113 states have (on average 1.2654867256637168) internal successors, (143), 122 states have internal predecessors, (143), 20 states have call successors, (20), 17 states have call predecessors, (20), 17 states have return successors, (26), 18 states have call predecessors, (26), 20 states have call successors, (26) [2024-11-18 14:22:19,989 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 151 states to 151 states and 189 transitions. [2024-11-18 14:22:19,990 INFO L78 Accepts]: Start accepts. Automaton has 151 states and 189 transitions. Word has length 51 [2024-11-18 14:22:19,990 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:19,990 INFO L471 AbstractCegarLoop]: Abstraction has 151 states and 189 transitions. [2024-11-18 14:22:19,990 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (5), 1 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-18 14:22:19,990 INFO L276 IsEmpty]: Start isEmpty. Operand 151 states and 189 transitions. [2024-11-18 14:22:19,992 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2024-11-18 14:22:19,992 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:19,992 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:19,992 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-18 14:22:19,992 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:19,993 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:19,993 INFO L85 PathProgramCache]: Analyzing trace with hash -1718008340, now seen corresponding path program 1 times [2024-11-18 14:22:19,993 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:19,993 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [434446027] [2024-11-18 14:22:19,994 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:19,994 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:20,010 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:20,210 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-18 14:22:20,210 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:20,210 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [434446027] [2024-11-18 14:22:20,211 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [434446027] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:22:20,211 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:22:20,211 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-18 14:22:20,211 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1969279387] [2024-11-18 14:22:20,211 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:22:20,211 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-18 14:22:20,211 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:20,212 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-18 14:22:20,212 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-18 14:22:20,212 INFO L87 Difference]: Start difference. First operand 151 states and 189 transitions. Second operand has 7 states, 7 states have (on average 6.857142857142857) internal successors, (48), 6 states have internal predecessors, (48), 3 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2024-11-18 14:22:20,516 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:20,516 INFO L93 Difference]: Finished difference Result 322 states and 405 transitions. [2024-11-18 14:22:20,517 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-11-18 14:22:20,517 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.857142857142857) internal successors, (48), 6 states have internal predecessors, (48), 3 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) Word has length 59 [2024-11-18 14:22:20,518 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:20,519 INFO L225 Difference]: With dead ends: 322 [2024-11-18 14:22:20,519 INFO L226 Difference]: Without dead ends: 179 [2024-11-18 14:22:20,520 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=134, Unknown=0, NotChecked=0, Total=182 [2024-11-18 14:22:20,520 INFO L432 NwaCegarLoop]: 94 mSDtfsCounter, 155 mSDsluCounter, 369 mSDsCounter, 0 mSdLazyCounter, 230 mSolverCounterSat, 43 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 162 SdHoareTripleChecker+Valid, 463 SdHoareTripleChecker+Invalid, 273 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 43 IncrementalHoareTripleChecker+Valid, 230 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:20,521 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [162 Valid, 463 Invalid, 273 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [43 Valid, 230 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-18 14:22:20,525 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 179 states. [2024-11-18 14:22:20,549 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 179 to 177. [2024-11-18 14:22:20,550 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 177 states, 132 states have (on average 1.2424242424242424) internal successors, (164), 141 states have internal predecessors, (164), 22 states have call successors, (22), 17 states have call predecessors, (22), 22 states have return successors, (33), 24 states have call predecessors, (33), 22 states have call successors, (33) [2024-11-18 14:22:20,551 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 177 states to 177 states and 219 transitions. [2024-11-18 14:22:20,553 INFO L78 Accepts]: Start accepts. Automaton has 177 states and 219 transitions. Word has length 59 [2024-11-18 14:22:20,553 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:20,553 INFO L471 AbstractCegarLoop]: Abstraction has 177 states and 219 transitions. [2024-11-18 14:22:20,553 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.857142857142857) internal successors, (48), 6 states have internal predecessors, (48), 3 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2024-11-18 14:22:20,554 INFO L276 IsEmpty]: Start isEmpty. Operand 177 states and 219 transitions. [2024-11-18 14:22:20,555 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2024-11-18 14:22:20,555 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:20,555 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:20,555 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-18 14:22:20,555 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:20,555 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:20,555 INFO L85 PathProgramCache]: Analyzing trace with hash -12885391, now seen corresponding path program 1 times [2024-11-18 14:22:20,556 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:20,556 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1459535548] [2024-11-18 14:22:20,556 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:20,556 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:20,578 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:20,659 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:22:20,659 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:20,659 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1459535548] [2024-11-18 14:22:20,659 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1459535548] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:22:20,659 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:22:20,659 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-18 14:22:20,659 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1321238363] [2024-11-18 14:22:20,659 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:22:20,660 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-18 14:22:20,660 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:20,660 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-18 14:22:20,660 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:22:20,660 INFO L87 Difference]: Start difference. First operand 177 states and 219 transitions. Second operand has 5 states, 5 states have (on average 10.4) internal successors, (52), 5 states have internal predecessors, (52), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-18 14:22:20,684 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:20,685 INFO L93 Difference]: Finished difference Result 349 states and 446 transitions. [2024-11-18 14:22:20,685 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-18 14:22:20,685 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.4) internal successors, (52), 5 states have internal predecessors, (52), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 65 [2024-11-18 14:22:20,685 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:20,686 INFO L225 Difference]: With dead ends: 349 [2024-11-18 14:22:20,687 INFO L226 Difference]: Without dead ends: 180 [2024-11-18 14:22:20,687 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-18 14:22:20,688 INFO L432 NwaCegarLoop]: 119 mSDtfsCounter, 0 mSDsluCounter, 351 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 470 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:20,688 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 470 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:22:20,693 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 180 states. [2024-11-18 14:22:20,710 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 180 to 180. [2024-11-18 14:22:20,714 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 180 states, 135 states have (on average 1.237037037037037) internal successors, (167), 144 states have internal predecessors, (167), 22 states have call successors, (22), 17 states have call predecessors, (22), 22 states have return successors, (33), 24 states have call predecessors, (33), 22 states have call successors, (33) [2024-11-18 14:22:20,715 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 180 states to 180 states and 222 transitions. [2024-11-18 14:22:20,716 INFO L78 Accepts]: Start accepts. Automaton has 180 states and 222 transitions. Word has length 65 [2024-11-18 14:22:20,716 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:20,716 INFO L471 AbstractCegarLoop]: Abstraction has 180 states and 222 transitions. [2024-11-18 14:22:20,716 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.4) internal successors, (52), 5 states have internal predecessors, (52), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-18 14:22:20,716 INFO L276 IsEmpty]: Start isEmpty. Operand 180 states and 222 transitions. [2024-11-18 14:22:20,717 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2024-11-18 14:22:20,717 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:20,717 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:20,717 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-18 14:22:20,718 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:20,718 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:20,718 INFO L85 PathProgramCache]: Analyzing trace with hash 1373318003, now seen corresponding path program 1 times [2024-11-18 14:22:20,718 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:20,718 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2064967264] [2024-11-18 14:22:20,718 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:20,718 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:20,734 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:20,775 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:22:20,776 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:20,776 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2064967264] [2024-11-18 14:22:20,776 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2064967264] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:22:20,776 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:22:20,776 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-18 14:22:20,776 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2064071133] [2024-11-18 14:22:20,776 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:22:20,776 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-18 14:22:20,777 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:20,777 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-18 14:22:20,777 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:22:20,777 INFO L87 Difference]: Start difference. First operand 180 states and 222 transitions. Second operand has 4 states, 4 states have (on average 13.0) internal successors, (52), 4 states have internal predecessors, (52), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-18 14:22:20,796 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:20,797 INFO L93 Difference]: Finished difference Result 354 states and 451 transitions. [2024-11-18 14:22:20,798 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-18 14:22:20,798 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 13.0) internal successors, (52), 4 states have internal predecessors, (52), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 65 [2024-11-18 14:22:20,799 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:20,801 INFO L225 Difference]: With dead ends: 354 [2024-11-18 14:22:20,801 INFO L226 Difference]: Without dead ends: 182 [2024-11-18 14:22:20,801 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:22:20,802 INFO L432 NwaCegarLoop]: 120 mSDtfsCounter, 0 mSDsluCounter, 234 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 354 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:20,803 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 354 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-18 14:22:20,805 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 182 states. [2024-11-18 14:22:20,818 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 182 to 182. [2024-11-18 14:22:20,819 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 182 states, 137 states have (on average 1.2335766423357664) internal successors, (169), 146 states have internal predecessors, (169), 22 states have call successors, (22), 17 states have call predecessors, (22), 22 states have return successors, (33), 24 states have call predecessors, (33), 22 states have call successors, (33) [2024-11-18 14:22:20,820 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 182 states to 182 states and 224 transitions. [2024-11-18 14:22:20,820 INFO L78 Accepts]: Start accepts. Automaton has 182 states and 224 transitions. Word has length 65 [2024-11-18 14:22:20,821 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:20,821 INFO L471 AbstractCegarLoop]: Abstraction has 182 states and 224 transitions. [2024-11-18 14:22:20,821 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 13.0) internal successors, (52), 4 states have internal predecessors, (52), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-18 14:22:20,821 INFO L276 IsEmpty]: Start isEmpty. Operand 182 states and 224 transitions. [2024-11-18 14:22:20,822 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2024-11-18 14:22:20,822 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:20,822 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:20,822 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-18 14:22:20,822 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:20,822 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:20,822 INFO L85 PathProgramCache]: Analyzing trace with hash 2074917877, now seen corresponding path program 1 times [2024-11-18 14:22:20,823 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:20,823 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [185050158] [2024-11-18 14:22:20,823 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:20,823 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:20,837 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:20,902 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:22:20,902 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:20,903 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [185050158] [2024-11-18 14:22:20,903 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [185050158] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:22:20,903 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:22:20,903 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-18 14:22:20,903 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1960438351] [2024-11-18 14:22:20,903 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:22:20,903 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-18 14:22:20,903 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:20,904 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-18 14:22:20,904 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:22:20,904 INFO L87 Difference]: Start difference. First operand 182 states and 224 transitions. Second operand has 4 states, 4 states have (on average 13.0) internal successors, (52), 4 states have internal predecessors, (52), 4 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-18 14:22:21,057 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:21,059 INFO L93 Difference]: Finished difference Result 556 states and 710 transitions. [2024-11-18 14:22:21,060 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-18 14:22:21,060 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 13.0) internal successors, (52), 4 states have internal predecessors, (52), 4 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) Word has length 65 [2024-11-18 14:22:21,060 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:21,063 INFO L225 Difference]: With dead ends: 556 [2024-11-18 14:22:21,064 INFO L226 Difference]: Without dead ends: 382 [2024-11-18 14:22:21,065 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-18 14:22:21,068 INFO L432 NwaCegarLoop]: 207 mSDtfsCounter, 148 mSDsluCounter, 195 mSDsCounter, 0 mSdLazyCounter, 76 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 148 SdHoareTripleChecker+Valid, 402 SdHoareTripleChecker+Invalid, 81 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 76 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:21,069 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [148 Valid, 402 Invalid, 81 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 76 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-18 14:22:21,070 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 382 states. [2024-11-18 14:22:21,110 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 382 to 375. [2024-11-18 14:22:21,111 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 375 states, 280 states have (on average 1.2178571428571427) internal successors, (341), 296 states have internal predecessors, (341), 48 states have call successors, (48), 38 states have call predecessors, (48), 46 states have return successors, (83), 51 states have call predecessors, (83), 48 states have call successors, (83) [2024-11-18 14:22:21,113 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 375 states to 375 states and 472 transitions. [2024-11-18 14:22:21,114 INFO L78 Accepts]: Start accepts. Automaton has 375 states and 472 transitions. Word has length 65 [2024-11-18 14:22:21,115 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:21,115 INFO L471 AbstractCegarLoop]: Abstraction has 375 states and 472 transitions. [2024-11-18 14:22:21,118 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 13.0) internal successors, (52), 4 states have internal predecessors, (52), 4 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-18 14:22:21,118 INFO L276 IsEmpty]: Start isEmpty. Operand 375 states and 472 transitions. [2024-11-18 14:22:21,119 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 70 [2024-11-18 14:22:21,119 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:21,119 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:21,119 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-18 14:22:21,120 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:21,120 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:21,120 INFO L85 PathProgramCache]: Analyzing trace with hash 843636315, now seen corresponding path program 1 times [2024-11-18 14:22:21,123 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:21,123 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1538561609] [2024-11-18 14:22:21,123 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:21,123 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:21,139 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:21,331 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-18 14:22:21,332 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:21,332 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1538561609] [2024-11-18 14:22:21,332 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1538561609] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-18 14:22:21,332 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-18 14:22:21,332 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2024-11-18 14:22:21,332 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [4785041] [2024-11-18 14:22:21,333 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-18 14:22:21,333 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2024-11-18 14:22:21,334 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:21,335 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2024-11-18 14:22:21,335 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=25, Invalid=65, Unknown=0, NotChecked=0, Total=90 [2024-11-18 14:22:21,335 INFO L87 Difference]: Start difference. First operand 375 states and 472 transitions. Second operand has 10 states, 10 states have (on average 5.4) internal successors, (54), 9 states have internal predecessors, (54), 5 states have call successors, (7), 3 states have call predecessors, (7), 3 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) [2024-11-18 14:22:21,719 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:21,720 INFO L93 Difference]: Finished difference Result 979 states and 1302 transitions. [2024-11-18 14:22:21,720 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-11-18 14:22:21,720 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 5.4) internal successors, (54), 9 states have internal predecessors, (54), 5 states have call successors, (7), 3 states have call predecessors, (7), 3 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) Word has length 69 [2024-11-18 14:22:21,720 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:21,723 INFO L225 Difference]: With dead ends: 979 [2024-11-18 14:22:21,724 INFO L226 Difference]: Without dead ends: 668 [2024-11-18 14:22:21,726 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 34 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=75, Invalid=165, Unknown=0, NotChecked=0, Total=240 [2024-11-18 14:22:21,727 INFO L432 NwaCegarLoop]: 137 mSDtfsCounter, 404 mSDsluCounter, 480 mSDsCounter, 0 mSdLazyCounter, 334 mSolverCounterSat, 106 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 411 SdHoareTripleChecker+Valid, 617 SdHoareTripleChecker+Invalid, 440 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 106 IncrementalHoareTripleChecker+Valid, 334 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:21,728 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [411 Valid, 617 Invalid, 440 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [106 Valid, 334 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-18 14:22:21,728 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 668 states. [2024-11-18 14:22:21,787 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 668 to 603. [2024-11-18 14:22:21,789 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 603 states, 450 states have (on average 1.2022222222222223) internal successors, (541), 474 states have internal predecessors, (541), 78 states have call successors, (78), 64 states have call predecessors, (78), 74 states have return successors, (139), 79 states have call predecessors, (139), 78 states have call successors, (139) [2024-11-18 14:22:21,792 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 603 states to 603 states and 758 transitions. [2024-11-18 14:22:21,793 INFO L78 Accepts]: Start accepts. Automaton has 603 states and 758 transitions. Word has length 69 [2024-11-18 14:22:21,793 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:21,793 INFO L471 AbstractCegarLoop]: Abstraction has 603 states and 758 transitions. [2024-11-18 14:22:21,794 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 5.4) internal successors, (54), 9 states have internal predecessors, (54), 5 states have call successors, (7), 3 states have call predecessors, (7), 3 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) [2024-11-18 14:22:21,794 INFO L276 IsEmpty]: Start isEmpty. Operand 603 states and 758 transitions. [2024-11-18 14:22:21,795 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 124 [2024-11-18 14:22:21,795 INFO L207 NwaCegarLoop]: Found error trace [2024-11-18 14:22:21,795 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:21,797 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-18 14:22:21,797 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-18 14:22:21,797 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-18 14:22:21,797 INFO L85 PathProgramCache]: Analyzing trace with hash 2033626689, now seen corresponding path program 1 times [2024-11-18 14:22:21,798 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-18 14:22:21,798 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [163168551] [2024-11-18 14:22:21,798 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:21,798 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-18 14:22:21,817 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:21,932 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 16 proven. 13 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2024-11-18 14:22:21,932 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-18 14:22:21,932 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [163168551] [2024-11-18 14:22:21,934 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [163168551] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-18 14:22:21,934 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [615506758] [2024-11-18 14:22:21,934 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-18 14:22:21,934 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-18 14:22:21,934 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-18 14:22:21,936 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-18 14:22:21,937 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-18 14:22:22,028 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-18 14:22:22,031 INFO L255 TraceCheckSpWp]: Trace formula consists of 387 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-18 14:22:22,038 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-18 14:22:22,223 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 31 proven. 11 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-18 14:22:22,224 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-18 14:22:22,434 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 19 proven. 10 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2024-11-18 14:22:22,434 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [615506758] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-18 14:22:22,434 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-18 14:22:22,434 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 6, 6] total 15 [2024-11-18 14:22:22,434 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [740369791] [2024-11-18 14:22:22,435 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-18 14:22:22,435 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-11-18 14:22:22,435 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-18 14:22:22,436 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-11-18 14:22:22,436 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=41, Invalid=169, Unknown=0, NotChecked=0, Total=210 [2024-11-18 14:22:22,436 INFO L87 Difference]: Start difference. First operand 603 states and 758 transitions. Second operand has 15 states, 15 states have (on average 10.2) internal successors, (153), 13 states have internal predecessors, (153), 7 states have call successors, (26), 4 states have call predecessors, (26), 8 states have return successors, (25), 9 states have call predecessors, (25), 7 states have call successors, (25) [2024-11-18 14:22:22,832 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-18 14:22:22,832 INFO L93 Difference]: Finished difference Result 1257 states and 1613 transitions. [2024-11-18 14:22:22,833 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 14 states. [2024-11-18 14:22:22,833 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 10.2) internal successors, (153), 13 states have internal predecessors, (153), 7 states have call successors, (26), 4 states have call predecessors, (26), 8 states have return successors, (25), 9 states have call predecessors, (25), 7 states have call successors, (25) Word has length 123 [2024-11-18 14:22:22,833 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-18 14:22:22,834 INFO L225 Difference]: With dead ends: 1257 [2024-11-18 14:22:22,834 INFO L226 Difference]: Without dead ends: 0 [2024-11-18 14:22:22,837 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 270 GetRequests, 242 SyntacticMatches, 4 SemanticMatches, 24 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 133 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=162, Invalid=488, Unknown=0, NotChecked=0, Total=650 [2024-11-18 14:22:22,837 INFO L432 NwaCegarLoop]: 232 mSDtfsCounter, 388 mSDsluCounter, 1293 mSDsCounter, 0 mSdLazyCounter, 365 mSolverCounterSat, 139 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 390 SdHoareTripleChecker+Valid, 1525 SdHoareTripleChecker+Invalid, 504 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 139 IncrementalHoareTripleChecker+Valid, 365 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-18 14:22:22,837 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [390 Valid, 1525 Invalid, 504 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [139 Valid, 365 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-18 14:22:22,838 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-18 14:22:22,838 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-18 14:22:22,838 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-18 14:22:22,838 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-18 14:22:22,839 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 123 [2024-11-18 14:22:22,839 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-18 14:22:22,839 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-18 14:22:22,839 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 10.2) internal successors, (153), 13 states have internal predecessors, (153), 7 states have call successors, (26), 4 states have call predecessors, (26), 8 states have return successors, (25), 9 states have call predecessors, (25), 7 states have call successors, (25) [2024-11-18 14:22:22,839 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-18 14:22:22,839 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-18 14:22:22,841 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-18 14:22:22,883 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-18 14:22:23,044 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-18 14:22:23,046 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-18 14:22:23,048 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-18 14:22:26,992 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-18 14:22:27,006 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 1) (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0) (= ~pumpRunning~0 1)) Eliminated clause: (and (= 1 ~systemActive~0) (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0) (= ~pumpRunning~0 1)) [2024-11-18 14:22:27,022 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (let ((.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (= |old(~pumpRunning~0)| 1)) (.cse0 (= |old(~pumpRunning~0)| 0))) (and (or (< |old(~switchedOnBeforeTS~0)| 1) (<= 1 ~switchedOnBeforeTS~0)) (or (not .cse0) (and (= ~pumpRunning~0 0) .cse1)) (or (not .cse2) (and .cse1 (= ~pumpRunning~0 1))) (let ((.cse3 (= 1 ~systemActive~0)) (.cse4 (<= |old(~waterLevel~0)| 2))) (or (and .cse3 .cse2 (= |old(~waterLevel~0)| 2)) (and .cse3 .cse2 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse4) (and .cse3 .cse0 .cse4))))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int) (|old(~switchedOnBeforeTS~0)| Int) (|old(~waterLevel~0)| Int)) (let ((.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (= |old(~pumpRunning~0)| 1)) (.cse0 (= |old(~pumpRunning~0)| 0))) (and (or (not .cse0) (and (= ~pumpRunning~0 0) .cse1)) (or (not .cse2) (and .cse1 (= ~pumpRunning~0 1))) (or (< |old(~switchedOnBeforeTS~0)| 1) (< 0 ~switchedOnBeforeTS~0)) (let ((.cse3 (= 1 ~systemActive~0)) (.cse4 (<= |old(~waterLevel~0)| 2))) (or (and .cse3 .cse2 (= |old(~waterLevel~0)| 2)) (and .cse3 .cse2 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse4) (and .cse3 .cse0 .cse4)))))) [2024-11-18 14:22:27,027 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:22:27,031 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~pumpRunning~0)| 1))) (and (or (not .cse0) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1)) (let ((.cse2 (= 1 ~systemActive~0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse2 .cse0 .cse3) (and .cse2 .cse1 .cse3 (<= 1 ~switchedOnBeforeTS~0)))))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int)) (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~pumpRunning~0)| 1))) (and (or (not .cse0) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1)) (let ((.cse2 (= 1 ~systemActive~0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse2 .cse0 .cse3) (and .cse2 .cse1 .cse3 (<= 1 ~switchedOnBeforeTS~0))))))) [2024-11-18 14:22:27,033 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:22:27,036 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (let ((.cse0 (= |old(~waterLevel~0)| 2))) (and (or (= 2 ~waterLevel~0) (not .cse0)) (let ((.cse2 (<= |old(~waterLevel~0)| 2)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 1))) (or (and .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2) (and .cse1 .cse0 .cse3))) (or (= |old(~waterLevel~0)| ~waterLevel~0) (= ~waterLevel~0 1)))) Eliminated clause: (exists ((|old(~waterLevel~0)| Int)) (let ((.cse0 (= |old(~waterLevel~0)| 2))) (and (or (= 2 ~waterLevel~0) (not .cse0)) (let ((.cse2 (<= |old(~waterLevel~0)| 2)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 1))) (or (and .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2) (and .cse1 .cse0 .cse3))) (or (= |old(~waterLevel~0)| ~waterLevel~0) (= ~waterLevel~0 1))))) [2024-11-18 14:22:27,039 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:22:27,042 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__methaneQuery contained old-variable. Original clause: (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~pumpRunning~0)| 1))) (and (or (not .cse0) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1)) (let ((.cse2 (= 1 ~systemActive~0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse2 .cse0 .cse3) (and .cse2 .cse1 .cse3 (<= 1 ~switchedOnBeforeTS~0)))))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int)) (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~pumpRunning~0)| 1))) (and (or (not .cse0) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1)) (let ((.cse2 (= 1 ~systemActive~0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse2 .cse0 .cse3) (and .cse2 .cse1 .cse3 (<= 1 ~switchedOnBeforeTS~0))))))) [2024-11-18 14:22:27,043 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-18 14:22:27,049 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 18.11 02:22:27 BoogieIcfgContainer [2024-11-18 14:22:27,050 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-18 14:22:27,050 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-18 14:22:27,050 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-18 14:22:27,050 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-18 14:22:27,051 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 18.11 02:22:19" (3/4) ... [2024-11-18 14:22:27,054 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-18 14:22:27,057 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-18 14:22:27,057 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-18 14:22:27,059 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-18 14:22:27,059 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-18 14:22:27,059 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-18 14:22:27,059 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-18 14:22:27,060 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-18 14:22:27,060 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2024-11-18 14:22:27,060 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-18 14:22:27,060 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2024-11-18 14:22:27,068 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 21 nodes and edges [2024-11-18 14:22:27,072 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-18 14:22:27,072 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-18 14:22:27,073 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-18 14:22:27,073 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-18 14:22:27,154 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-18 14:22:27,154 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-18 14:22:27,154 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-18 14:22:27,155 INFO L158 Benchmark]: Toolchain (without parser) took 8888.93ms. Allocated memory was 201.3MB in the beginning and 392.2MB in the end (delta: 190.8MB). Free memory was 130.1MB in the beginning and 218.6MB in the end (delta: -88.5MB). Peak memory consumption was 103.6MB. Max. memory is 16.1GB. [2024-11-18 14:22:27,155 INFO L158 Benchmark]: CDTParser took 0.18ms. Allocated memory is still 201.3MB. Free memory is still 158.0MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-18 14:22:27,155 INFO L158 Benchmark]: CACSL2BoogieTranslator took 436.98ms. Allocated memory is still 201.3MB. Free memory was 129.8MB in the beginning and 106.6MB in the end (delta: 23.3MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-11-18 14:22:27,155 INFO L158 Benchmark]: Boogie Procedure Inliner took 40.57ms. Allocated memory is still 201.3MB. Free memory was 106.6MB in the beginning and 104.2MB in the end (delta: 2.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-18 14:22:27,155 INFO L158 Benchmark]: Boogie Preprocessor took 50.53ms. Allocated memory is still 201.3MB. Free memory was 104.2MB in the beginning and 101.6MB in the end (delta: 2.6MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2024-11-18 14:22:27,156 INFO L158 Benchmark]: RCFGBuilder took 520.46ms. Allocated memory is still 201.3MB. Free memory was 101.6MB in the beginning and 155.3MB in the end (delta: -53.7MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2024-11-18 14:22:27,156 INFO L158 Benchmark]: TraceAbstraction took 7728.98ms. Allocated memory was 201.3MB in the beginning and 392.2MB in the end (delta: 190.8MB). Free memory was 154.3MB in the beginning and 228.0MB in the end (delta: -73.7MB). Peak memory consumption was 167.2MB. Max. memory is 16.1GB. [2024-11-18 14:22:27,156 INFO L158 Benchmark]: Witness Printer took 104.15ms. Allocated memory is still 392.2MB. Free memory was 228.0MB in the beginning and 218.6MB in the end (delta: 9.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-18 14:22:27,157 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.18ms. Allocated memory is still 201.3MB. Free memory is still 158.0MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 436.98ms. Allocated memory is still 201.3MB. Free memory was 129.8MB in the beginning and 106.6MB in the end (delta: 23.3MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 40.57ms. Allocated memory is still 201.3MB. Free memory was 106.6MB in the beginning and 104.2MB in the end (delta: 2.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 50.53ms. Allocated memory is still 201.3MB. Free memory was 104.2MB in the beginning and 101.6MB in the end (delta: 2.6MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * RCFGBuilder took 520.46ms. Allocated memory is still 201.3MB. Free memory was 101.6MB in the beginning and 155.3MB in the end (delta: -53.7MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * TraceAbstraction took 7728.98ms. Allocated memory was 201.3MB in the beginning and 392.2MB in the end (delta: 190.8MB). Free memory was 154.3MB in the beginning and 228.0MB in the end (delta: -73.7MB). Peak memory consumption was 167.2MB. Max. memory is 16.1GB. * Witness Printer took 104.15ms. Allocated memory is still 392.2MB. Free memory was 228.0MB in the beginning and 218.6MB in the end (delta: 9.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] - GenericResultAtLocation [Line: 313]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [313] - GenericResultAtLocation [Line: 364]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [364] - GenericResultAtLocation [Line: 434]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [434] - GenericResultAtLocation [Line: 800]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [800] - GenericResultAtLocation [Line: 903]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [903] - GenericResultAtLocation [Line: 1003]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1003] - GenericResultAtLocation [Line: 1012]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1012] - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 1008]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 11 procedures, 114 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 3.7s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.5s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1332 SdHoareTripleChecker+Valid, 0.9s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1313 mSDsluCounter, 4532 SdHoareTripleChecker+Invalid, 0.7s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3110 mSDsCounter, 302 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1046 IncrementalHoareTripleChecker+Invalid, 1348 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 302 mSolverCounterUnsat, 1422 mSDtfsCounter, 1046 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 333 GetRequests, 269 SyntacticMatches, 4 SemanticMatches, 60 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 185 ImplicationChecksByTransitivity, 0.4s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=603occurred in iteration=9, InterpolantAutomatonStates: 60, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 76 StatesRemovedByMinimization, 4 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.1s SatisfiabilityAnalysisTime, 1.3s InterpolantComputationTime, 723 NumberOfCodeBlocks, 723 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 834 ConstructedInterpolants, 0 QuantifiedInterpolants, 1542 SizeOfPredicates, 2 NumberOfNonLiveVariables, 387 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 119/153 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 915]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 377]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 378]: Loop Invariant Derived loop invariant: (((((((1 == systemActive) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1)) || ((((pumpRunning == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2))) || ((((2 == waterLevel) && (1 == systemActive)) && (splverifierCounter == 0)) && (pumpRunning == 1))) - ProcedureContractResult [Line: 203]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1)) Ensures: ((((((pumpRunning == 0) && (1 == systemActive)) && (\old(pumpRunning) == 1)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && ((((((systemActive == \old(systemActive)) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 93]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1))) Ensures: (((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1))) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 827]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((2 == waterLevel) && (1 == systemActive)) && (pumpRunning == 1))) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1))) Ensures: ((((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((2 == waterLevel) && (1 == systemActive)) && (pumpRunning == 1))) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 905]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((systemActive == \old(systemActive)) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 66]: Procedure Contract for timeShift Derived contract for procedure timeShift. Ensures: ((((((((\old(pumpRunning) != 0) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || (((2 == waterLevel) && (\old(waterLevel) == 2)) && (pumpRunning == 1))) && (1 == systemActive)) && ((((\old(pumpRunning) == 1) && (\old(waterLevel) == 2)) || ((\old(pumpRunning) == 0) && (\old(waterLevel) <= 2))) || (((\old(pumpRunning) == 1) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)))) && (((\old(pumpRunning) != 1) || (\old(waterLevel) != 2)) || (waterLevel == 1))) && (((\old(pumpRunning) != 1) || (((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((waterLevel <= 2) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1)))) && ((((systemActive == \old(systemActive)) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 101]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Ensures: (((((\old(pumpRunning) != 1) || (pumpRunning == 1)) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((2 == waterLevel) && (pumpRunning == 1)))) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) || ((((1 == systemActive) && (\old(pumpRunning) == 1)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((systemActive == \old(systemActive)) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 815]: Procedure Contract for waterRise Derived contract for procedure waterRise. Ensures: ((((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((((((1 == systemActive) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 == systemActive) && (\old(waterLevel) == 2)) && (pumpRunning == 1)))) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && (waterLevel <= 2)) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 127]: Procedure Contract for processEnvironment__wrappee__methaneQuery Derived contract for procedure processEnvironment__wrappee__methaneQuery. Ensures: ((((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (2 == waterLevel)) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) || ((((1 == systemActive) && (\old(pumpRunning) == 1)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((pumpRunning == 0) || (pumpRunning == 1))) && ((((((systemActive == \old(systemActive)) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 222]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((2 == waterLevel) && (1 == systemActive)) && (pumpRunning == 1))) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1))) Ensures: ((((((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((2 == waterLevel) && (1 == systemActive)) && (pumpRunning == 1))) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1))) && ((pumpRunning != 0) || (\result == 0))) && ((\result == 1) || (pumpRunning != 1))) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 211]: Procedure Contract for isMethaneAlarm Derived contract for procedure isMethaneAlarm. Requires: (((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) Ensures: ((((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) RESULT: Ultimate proved your program to be correct! [2024-11-18 14:22:27,201 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE