./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec3_product54.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 803cd42f Calling Ultimate with: /root/.sdkman/candidates/java/current/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product54.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash cbcb1e9315abec7fabb6a689d6a1c811fb94154c71589df191460c14d014c3cb --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.dk.eval-assert-order-craig-803cd42-m [2024-11-22 02:05:03,108 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-22 02:05:03,178 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-22 02:05:03,184 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-22 02:05:03,185 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-22 02:05:03,206 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-22 02:05:03,208 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-22 02:05:03,208 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-22 02:05:03,209 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-22 02:05:03,209 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-22 02:05:03,210 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-22 02:05:03,210 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-22 02:05:03,210 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-22 02:05:03,211 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-22 02:05:03,212 INFO L153 SettingsManager]: * Use SBE=true [2024-11-22 02:05:03,212 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-22 02:05:03,212 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-22 02:05:03,212 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-22 02:05:03,213 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-22 02:05:03,213 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-22 02:05:03,213 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-22 02:05:03,216 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-22 02:05:03,216 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-22 02:05:03,216 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-22 02:05:03,216 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-22 02:05:03,217 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-22 02:05:03,217 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-22 02:05:03,217 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-22 02:05:03,217 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-22 02:05:03,217 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-22 02:05:03,218 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-22 02:05:03,218 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-22 02:05:03,218 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-22 02:05:03,218 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-22 02:05:03,218 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-22 02:05:03,218 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-22 02:05:03,218 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-22 02:05:03,219 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-22 02:05:03,219 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-22 02:05:03,219 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-22 02:05:03,219 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-22 02:05:03,220 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-22 02:05:03,220 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> cbcb1e9315abec7fabb6a689d6a1c811fb94154c71589df191460c14d014c3cb [2024-11-22 02:05:03,430 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-22 02:05:03,451 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-22 02:05:03,455 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-22 02:05:03,456 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-22 02:05:03,456 INFO L274 PluginConnector]: CDTParser initialized [2024-11-22 02:05:03,458 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product54.cil.c [2024-11-22 02:05:04,781 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-22 02:05:04,957 INFO L384 CDTParser]: Found 1 translation units. [2024-11-22 02:05:04,958 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product54.cil.c [2024-11-22 02:05:04,974 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/487f00905/3ec50674bbf743019a7e678add49780d/FLAGfcc062f82 [2024-11-22 02:05:05,346 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/487f00905/3ec50674bbf743019a7e678add49780d [2024-11-22 02:05:05,348 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-22 02:05:05,349 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-22 02:05:05,349 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-22 02:05:05,350 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-22 02:05:05,354 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-22 02:05:05,354 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 22.11 02:05:05" (1/1) ... [2024-11-22 02:05:05,355 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@7d7d5ffa and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:05, skipping insertion in model container [2024-11-22 02:05:05,357 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 22.11 02:05:05" (1/1) ... [2024-11-22 02:05:05,390 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-22 02:05:05,599 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product54.cil.c[4478,4491] [2024-11-22 02:05:05,668 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-22 02:05:05,676 INFO L200 MainTranslator]: Completed pre-run [2024-11-22 02:05:05,685 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2024-11-22 02:05:05,687 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [160] [2024-11-22 02:05:05,687 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [262] [2024-11-22 02:05:05,690 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification3_spec.i","") [271] [2024-11-22 02:05:05,690 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [306] [2024-11-22 02:05:05,690 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [341] [2024-11-22 02:05:05,690 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [707] [2024-11-22 02:05:05,690 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [775] [2024-11-22 02:05:05,709 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product54.cil.c[4478,4491] [2024-11-22 02:05:05,753 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-22 02:05:05,775 INFO L204 MainTranslator]: Completed translation [2024-11-22 02:05:05,775 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:05 WrapperNode [2024-11-22 02:05:05,776 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-22 02:05:05,777 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-22 02:05:05,777 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-22 02:05:05,777 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-22 02:05:05,782 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:05" (1/1) ... [2024-11-22 02:05:05,792 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:05" (1/1) ... [2024-11-22 02:05:05,816 INFO L138 Inliner]: procedures = 57, calls = 104, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 231 [2024-11-22 02:05:05,817 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-22 02:05:05,817 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-22 02:05:05,818 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-22 02:05:05,818 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-22 02:05:05,827 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:05" (1/1) ... [2024-11-22 02:05:05,827 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:05" (1/1) ... [2024-11-22 02:05:05,830 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:05" (1/1) ... [2024-11-22 02:05:05,844 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-22 02:05:05,844 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:05" (1/1) ... [2024-11-22 02:05:05,844 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:05" (1/1) ... [2024-11-22 02:05:05,848 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:05" (1/1) ... [2024-11-22 02:05:05,851 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:05" (1/1) ... [2024-11-22 02:05:05,852 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:05" (1/1) ... [2024-11-22 02:05:05,853 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:05" (1/1) ... [2024-11-22 02:05:05,855 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-22 02:05:05,855 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-22 02:05:05,855 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-22 02:05:05,855 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-22 02:05:05,856 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:05" (1/1) ... [2024-11-22 02:05:05,866 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-22 02:05:05,875 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-22 02:05:05,887 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-22 02:05:05,889 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-22 02:05:05,925 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-22 02:05:05,925 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-22 02:05:05,926 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-22 02:05:05,926 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-22 02:05:05,926 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-22 02:05:05,926 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-22 02:05:05,926 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-22 02:05:05,926 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2024-11-22 02:05:05,926 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2024-11-22 02:05:05,926 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-22 02:05:05,926 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-22 02:05:05,926 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-22 02:05:05,927 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-22 02:05:05,927 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-22 02:05:05,927 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-22 02:05:05,927 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-22 02:05:05,927 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-22 02:05:05,927 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-22 02:05:05,927 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-22 02:05:05,927 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-22 02:05:05,927 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-22 02:05:05,928 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-22 02:05:05,988 INFO L238 CfgBuilder]: Building ICFG [2024-11-22 02:05:05,989 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-22 02:05:06,201 INFO L? ?]: Removed 53 outVars from TransFormulas that were not future-live. [2024-11-22 02:05:06,202 INFO L287 CfgBuilder]: Performing block encoding [2024-11-22 02:05:06,216 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-22 02:05:06,217 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-22 02:05:06,218 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.11 02:05:06 BoogieIcfgContainer [2024-11-22 02:05:06,218 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-22 02:05:06,220 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-22 02:05:06,220 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-22 02:05:06,222 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-22 02:05:06,222 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 22.11 02:05:05" (1/3) ... [2024-11-22 02:05:06,223 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7b958928 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 22.11 02:05:06, skipping insertion in model container [2024-11-22 02:05:06,223 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:05:05" (2/3) ... [2024-11-22 02:05:06,224 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7b958928 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 22.11 02:05:06, skipping insertion in model container [2024-11-22 02:05:06,224 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.11 02:05:06" (3/3) ... [2024-11-22 02:05:06,225 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product54.cil.c [2024-11-22 02:05:06,237 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-22 02:05:06,238 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-22 02:05:06,280 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-22 02:05:06,284 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@df56988, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-22 02:05:06,284 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-22 02:05:06,288 INFO L276 IsEmpty]: Start isEmpty. Operand has 103 states, 76 states have (on average 1.381578947368421) internal successors, (105), 86 states have internal predecessors, (105), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2024-11-22 02:05:06,294 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2024-11-22 02:05:06,294 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:06,295 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:06,295 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:06,299 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:06,299 INFO L85 PathProgramCache]: Analyzing trace with hash 149329663, now seen corresponding path program 1 times [2024-11-22 02:05:06,307 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:06,307 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [211435623] [2024-11-22 02:05:06,308 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:06,308 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:06,419 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:06,496 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-22 02:05:06,501 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:06,501 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [211435623] [2024-11-22 02:05:06,501 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [211435623] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:06,501 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:05:06,502 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-22 02:05:06,503 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [712391215] [2024-11-22 02:05:06,504 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:06,507 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-22 02:05:06,508 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:06,525 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-22 02:05:06,526 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-22 02:05:06,528 INFO L87 Difference]: Start difference. First operand has 103 states, 76 states have (on average 1.381578947368421) internal successors, (105), 86 states have internal predecessors, (105), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-22 02:05:06,563 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:06,563 INFO L93 Difference]: Finished difference Result 198 states and 269 transitions. [2024-11-22 02:05:06,568 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-22 02:05:06,569 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2024-11-22 02:05:06,570 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:06,577 INFO L225 Difference]: With dead ends: 198 [2024-11-22 02:05:06,577 INFO L226 Difference]: Without dead ends: 94 [2024-11-22 02:05:06,598 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-22 02:05:06,605 INFO L432 NwaCegarLoop]: 131 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 131 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:06,607 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 131 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:05:06,626 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 94 states. [2024-11-22 02:05:06,643 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 94 to 94. [2024-11-22 02:05:06,644 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 94 states, 69 states have (on average 1.318840579710145) internal successors, (91), 78 states have internal predecessors, (91), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2024-11-22 02:05:06,649 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 94 states to 94 states and 122 transitions. [2024-11-22 02:05:06,650 INFO L78 Accepts]: Start accepts. Automaton has 94 states and 122 transitions. Word has length 25 [2024-11-22 02:05:06,650 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:06,650 INFO L471 AbstractCegarLoop]: Abstraction has 94 states and 122 transitions. [2024-11-22 02:05:06,650 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-22 02:05:06,650 INFO L276 IsEmpty]: Start isEmpty. Operand 94 states and 122 transitions. [2024-11-22 02:05:06,654 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2024-11-22 02:05:06,654 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:06,654 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:06,654 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-22 02:05:06,654 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:06,655 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:06,655 INFO L85 PathProgramCache]: Analyzing trace with hash 67554452, now seen corresponding path program 1 times [2024-11-22 02:05:06,656 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:06,656 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1796945986] [2024-11-22 02:05:06,656 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:06,657 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:06,678 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:06,751 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-22 02:05:06,751 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:06,751 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1796945986] [2024-11-22 02:05:06,751 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1796945986] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:06,752 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:05:06,752 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-22 02:05:06,752 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1466444493] [2024-11-22 02:05:06,752 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:06,753 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-22 02:05:06,753 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:06,754 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-22 02:05:06,754 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-22 02:05:06,754 INFO L87 Difference]: Start difference. First operand 94 states and 122 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-22 02:05:06,771 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:06,771 INFO L93 Difference]: Finished difference Result 153 states and 199 transitions. [2024-11-22 02:05:06,773 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-22 02:05:06,773 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2024-11-22 02:05:06,773 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:06,774 INFO L225 Difference]: With dead ends: 153 [2024-11-22 02:05:06,775 INFO L226 Difference]: Without dead ends: 85 [2024-11-22 02:05:06,776 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-22 02:05:06,777 INFO L432 NwaCegarLoop]: 109 mSDtfsCounter, 13 mSDsluCounter, 92 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 201 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:06,778 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 201 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:05:06,779 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 85 states. [2024-11-22 02:05:06,787 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 85 to 85. [2024-11-22 02:05:06,788 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 85 states, 63 states have (on average 1.3333333333333333) internal successors, (84), 72 states have internal predecessors, (84), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-22 02:05:06,790 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 85 states to 85 states and 110 transitions. [2024-11-22 02:05:06,792 INFO L78 Accepts]: Start accepts. Automaton has 85 states and 110 transitions. Word has length 26 [2024-11-22 02:05:06,792 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:06,793 INFO L471 AbstractCegarLoop]: Abstraction has 85 states and 110 transitions. [2024-11-22 02:05:06,793 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-22 02:05:06,793 INFO L276 IsEmpty]: Start isEmpty. Operand 85 states and 110 transitions. [2024-11-22 02:05:06,794 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2024-11-22 02:05:06,794 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:06,794 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:06,794 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-22 02:05:06,794 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:06,795 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:06,795 INFO L85 PathProgramCache]: Analyzing trace with hash -6965766, now seen corresponding path program 1 times [2024-11-22 02:05:06,795 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:06,795 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1926376435] [2024-11-22 02:05:06,796 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:06,796 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:06,825 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:06,879 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-22 02:05:06,880 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:06,880 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1926376435] [2024-11-22 02:05:06,880 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1926376435] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:06,880 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:05:06,880 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-22 02:05:06,881 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [856738672] [2024-11-22 02:05:06,881 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:06,881 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-22 02:05:06,881 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:06,882 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-22 02:05:06,882 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-22 02:05:06,882 INFO L87 Difference]: Start difference. First operand 85 states and 110 transitions. Second operand has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-22 02:05:06,903 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:06,903 INFO L93 Difference]: Finished difference Result 163 states and 214 transitions. [2024-11-22 02:05:06,906 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-22 02:05:06,906 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 31 [2024-11-22 02:05:06,907 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:06,907 INFO L225 Difference]: With dead ends: 163 [2024-11-22 02:05:06,907 INFO L226 Difference]: Without dead ends: 85 [2024-11-22 02:05:06,908 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-22 02:05:06,909 INFO L432 NwaCegarLoop]: 108 mSDtfsCounter, 104 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 104 SdHoareTripleChecker+Valid, 108 SdHoareTripleChecker+Invalid, 2 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:06,909 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [104 Valid, 108 Invalid, 2 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:05:06,910 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 85 states. [2024-11-22 02:05:06,915 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 85 to 85. [2024-11-22 02:05:06,916 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 85 states, 63 states have (on average 1.3174603174603174) internal successors, (83), 72 states have internal predecessors, (83), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2024-11-22 02:05:06,916 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 85 states to 85 states and 109 transitions. [2024-11-22 02:05:06,917 INFO L78 Accepts]: Start accepts. Automaton has 85 states and 109 transitions. Word has length 31 [2024-11-22 02:05:06,917 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:06,917 INFO L471 AbstractCegarLoop]: Abstraction has 85 states and 109 transitions. [2024-11-22 02:05:06,917 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2024-11-22 02:05:06,917 INFO L276 IsEmpty]: Start isEmpty. Operand 85 states and 109 transitions. [2024-11-22 02:05:06,918 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2024-11-22 02:05:06,918 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:06,918 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:06,919 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-22 02:05:06,919 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:06,919 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:06,919 INFO L85 PathProgramCache]: Analyzing trace with hash 1330354743, now seen corresponding path program 1 times [2024-11-22 02:05:06,919 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:06,920 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [187660318] [2024-11-22 02:05:06,920 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:06,920 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:06,930 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:06,949 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-22 02:05:06,949 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:06,949 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [187660318] [2024-11-22 02:05:06,950 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [187660318] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:06,950 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:05:06,950 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-22 02:05:06,950 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1940060181] [2024-11-22 02:05:06,950 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:06,950 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-22 02:05:06,950 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:06,951 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-22 02:05:06,951 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-22 02:05:06,951 INFO L87 Difference]: Start difference. First operand 85 states and 109 transitions. Second operand has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2024-11-22 02:05:06,989 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:06,990 INFO L93 Difference]: Finished difference Result 212 states and 280 transitions. [2024-11-22 02:05:06,990 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-22 02:05:06,991 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) Word has length 44 [2024-11-22 02:05:06,991 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:06,993 INFO L225 Difference]: With dead ends: 212 [2024-11-22 02:05:06,993 INFO L226 Difference]: Without dead ends: 134 [2024-11-22 02:05:06,994 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-22 02:05:06,995 INFO L432 NwaCegarLoop]: 128 mSDtfsCounter, 78 mSDsluCounter, 76 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 78 SdHoareTripleChecker+Valid, 204 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:06,997 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [78 Valid, 204 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:05:06,998 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 134 states. [2024-11-22 02:05:07,014 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 134 to 132. [2024-11-22 02:05:07,015 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 132 states, 99 states have (on average 1.292929292929293) internal successors, (128), 107 states have internal predecessors, (128), 17 states have call successors, (17), 15 states have call predecessors, (17), 15 states have return successors, (23), 15 states have call predecessors, (23), 17 states have call successors, (23) [2024-11-22 02:05:07,016 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 132 states to 132 states and 168 transitions. [2024-11-22 02:05:07,017 INFO L78 Accepts]: Start accepts. Automaton has 132 states and 168 transitions. Word has length 44 [2024-11-22 02:05:07,017 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:07,017 INFO L471 AbstractCegarLoop]: Abstraction has 132 states and 168 transitions. [2024-11-22 02:05:07,018 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (4), 1 states have call predecessors, (4), 1 states have return successors, (3), 1 states have call predecessors, (3), 1 states have call successors, (3) [2024-11-22 02:05:07,018 INFO L276 IsEmpty]: Start isEmpty. Operand 132 states and 168 transitions. [2024-11-22 02:05:07,019 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-22 02:05:07,021 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:07,022 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:07,022 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-22 02:05:07,022 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:07,022 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:07,022 INFO L85 PathProgramCache]: Analyzing trace with hash 1858639799, now seen corresponding path program 1 times [2024-11-22 02:05:07,023 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:07,023 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [658266747] [2024-11-22 02:05:07,023 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:07,023 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:07,044 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:07,139 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-22 02:05:07,139 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:07,139 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [658266747] [2024-11-22 02:05:07,139 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [658266747] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:07,139 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:05:07,139 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-22 02:05:07,140 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [45822696] [2024-11-22 02:05:07,140 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:07,140 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-22 02:05:07,140 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:07,141 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-22 02:05:07,141 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-22 02:05:07,141 INFO L87 Difference]: Start difference. First operand 132 states and 168 transitions. Second operand has 5 states, 5 states have (on average 8.6) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-22 02:05:07,178 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:07,179 INFO L93 Difference]: Finished difference Result 260 states and 339 transitions. [2024-11-22 02:05:07,179 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-22 02:05:07,180 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 50 [2024-11-22 02:05:07,180 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:07,181 INFO L225 Difference]: With dead ends: 260 [2024-11-22 02:05:07,181 INFO L226 Difference]: Without dead ends: 135 [2024-11-22 02:05:07,182 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-22 02:05:07,182 INFO L432 NwaCegarLoop]: 106 mSDtfsCounter, 0 mSDsluCounter, 312 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 418 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:07,183 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 418 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:05:07,186 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 135 states. [2024-11-22 02:05:07,195 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 135 to 135. [2024-11-22 02:05:07,197 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 135 states, 102 states have (on average 1.2843137254901962) internal successors, (131), 110 states have internal predecessors, (131), 17 states have call successors, (17), 15 states have call predecessors, (17), 15 states have return successors, (23), 15 states have call predecessors, (23), 17 states have call successors, (23) [2024-11-22 02:05:07,198 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 135 states to 135 states and 171 transitions. [2024-11-22 02:05:07,198 INFO L78 Accepts]: Start accepts. Automaton has 135 states and 171 transitions. Word has length 50 [2024-11-22 02:05:07,198 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:07,199 INFO L471 AbstractCegarLoop]: Abstraction has 135 states and 171 transitions. [2024-11-22 02:05:07,199 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 1 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-22 02:05:07,199 INFO L276 IsEmpty]: Start isEmpty. Operand 135 states and 171 transitions. [2024-11-22 02:05:07,200 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-22 02:05:07,200 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:07,200 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:07,200 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-22 02:05:07,201 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:07,202 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:07,202 INFO L85 PathProgramCache]: Analyzing trace with hash 2077494517, now seen corresponding path program 1 times [2024-11-22 02:05:07,202 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:07,202 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [442508836] [2024-11-22 02:05:07,202 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:07,203 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:07,218 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:07,299 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-22 02:05:07,299 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:07,299 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [442508836] [2024-11-22 02:05:07,299 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [442508836] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:07,300 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:05:07,300 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-22 02:05:07,300 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1183543615] [2024-11-22 02:05:07,300 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:07,300 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-22 02:05:07,301 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:07,301 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-22 02:05:07,301 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-22 02:05:07,301 INFO L87 Difference]: Start difference. First operand 135 states and 171 transitions. Second operand has 5 states, 5 states have (on average 8.6) internal successors, (43), 5 states have internal predecessors, (43), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-22 02:05:07,355 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:07,356 INFO L93 Difference]: Finished difference Result 265 states and 350 transitions. [2024-11-22 02:05:07,357 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-22 02:05:07,358 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 5 states have internal predecessors, (43), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 50 [2024-11-22 02:05:07,358 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:07,359 INFO L225 Difference]: With dead ends: 265 [2024-11-22 02:05:07,361 INFO L226 Difference]: Without dead ends: 137 [2024-11-22 02:05:07,361 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-22 02:05:07,362 INFO L432 NwaCegarLoop]: 106 mSDtfsCounter, 106 mSDsluCounter, 206 mSDsCounter, 0 mSdLazyCounter, 14 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 106 SdHoareTripleChecker+Valid, 312 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 14 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:07,364 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [106 Valid, 312 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 14 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:05:07,365 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 137 states. [2024-11-22 02:05:07,377 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 137 to 137. [2024-11-22 02:05:07,377 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 137 states, 104 states have (on average 1.2788461538461537) internal successors, (133), 112 states have internal predecessors, (133), 17 states have call successors, (17), 15 states have call predecessors, (17), 15 states have return successors, (23), 15 states have call predecessors, (23), 17 states have call successors, (23) [2024-11-22 02:05:07,378 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 137 states to 137 states and 173 transitions. [2024-11-22 02:05:07,379 INFO L78 Accepts]: Start accepts. Automaton has 137 states and 173 transitions. Word has length 50 [2024-11-22 02:05:07,379 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:07,382 INFO L471 AbstractCegarLoop]: Abstraction has 137 states and 173 transitions. [2024-11-22 02:05:07,383 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 5 states have internal predecessors, (43), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2024-11-22 02:05:07,383 INFO L276 IsEmpty]: Start isEmpty. Operand 137 states and 173 transitions. [2024-11-22 02:05:07,384 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2024-11-22 02:05:07,384 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:07,384 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:07,384 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-22 02:05:07,384 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:07,385 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:07,385 INFO L85 PathProgramCache]: Analyzing trace with hash 1943481011, now seen corresponding path program 1 times [2024-11-22 02:05:07,385 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:07,385 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1605228341] [2024-11-22 02:05:07,385 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:07,386 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:07,406 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:07,481 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-22 02:05:07,481 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:07,481 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1605228341] [2024-11-22 02:05:07,482 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1605228341] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:07,482 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:05:07,482 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-22 02:05:07,482 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [474041564] [2024-11-22 02:05:07,482 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:07,482 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-22 02:05:07,483 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:07,483 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-22 02:05:07,483 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-22 02:05:07,483 INFO L87 Difference]: Start difference. First operand 137 states and 173 transitions. Second operand has 4 states, 4 states have (on average 10.75) internal successors, (43), 4 states have internal predecessors, (43), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-22 02:05:07,587 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:07,587 INFO L93 Difference]: Finished difference Result 447 states and 585 transitions. [2024-11-22 02:05:07,588 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-22 02:05:07,588 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.75) internal successors, (43), 4 states have internal predecessors, (43), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 50 [2024-11-22 02:05:07,588 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:07,592 INFO L225 Difference]: With dead ends: 447 [2024-11-22 02:05:07,593 INFO L226 Difference]: Without dead ends: 317 [2024-11-22 02:05:07,593 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-22 02:05:07,594 INFO L432 NwaCegarLoop]: 188 mSDtfsCounter, 145 mSDsluCounter, 178 mSDsCounter, 0 mSdLazyCounter, 67 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 145 SdHoareTripleChecker+Valid, 366 SdHoareTripleChecker+Invalid, 72 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 67 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:07,597 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [145 Valid, 366 Invalid, 72 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 67 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-22 02:05:07,598 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 317 states. [2024-11-22 02:05:07,621 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 317 to 308. [2024-11-22 02:05:07,622 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 308 states, 232 states have (on average 1.2629310344827587) internal successors, (293), 247 states have internal predecessors, (293), 39 states have call successors, (39), 35 states have call predecessors, (39), 36 states have return successors, (64), 36 states have call predecessors, (64), 39 states have call successors, (64) [2024-11-22 02:05:07,623 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 308 states to 308 states and 396 transitions. [2024-11-22 02:05:07,624 INFO L78 Accepts]: Start accepts. Automaton has 308 states and 396 transitions. Word has length 50 [2024-11-22 02:05:07,625 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:07,625 INFO L471 AbstractCegarLoop]: Abstraction has 308 states and 396 transitions. [2024-11-22 02:05:07,625 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.75) internal successors, (43), 4 states have internal predecessors, (43), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-22 02:05:07,626 INFO L276 IsEmpty]: Start isEmpty. Operand 308 states and 396 transitions. [2024-11-22 02:05:07,626 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2024-11-22 02:05:07,626 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:07,627 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:07,627 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-22 02:05:07,627 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:07,627 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:07,627 INFO L85 PathProgramCache]: Analyzing trace with hash -432802525, now seen corresponding path program 1 times [2024-11-22 02:05:07,627 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:07,627 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1484297742] [2024-11-22 02:05:07,627 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:07,628 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:07,639 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:07,703 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-22 02:05:07,703 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:07,703 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1484297742] [2024-11-22 02:05:07,703 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1484297742] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:07,703 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:05:07,704 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-22 02:05:07,704 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1222435510] [2024-11-22 02:05:07,704 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:07,704 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-22 02:05:07,704 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:07,705 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-22 02:05:07,705 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-22 02:05:07,705 INFO L87 Difference]: Start difference. First operand 308 states and 396 transitions. Second operand has 5 states, 5 states have (on average 8.6) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-22 02:05:07,754 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:07,755 INFO L93 Difference]: Finished difference Result 607 states and 783 transitions. [2024-11-22 02:05:07,755 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-22 02:05:07,755 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 52 [2024-11-22 02:05:07,756 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:07,758 INFO L225 Difference]: With dead ends: 607 [2024-11-22 02:05:07,758 INFO L226 Difference]: Without dead ends: 306 [2024-11-22 02:05:07,759 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-22 02:05:07,759 INFO L432 NwaCegarLoop]: 104 mSDtfsCounter, 39 mSDsluCounter, 299 mSDsCounter, 0 mSdLazyCounter, 26 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 39 SdHoareTripleChecker+Valid, 403 SdHoareTripleChecker+Invalid, 26 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 26 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:07,760 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [39 Valid, 403 Invalid, 26 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 26 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:05:07,760 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 306 states. [2024-11-22 02:05:07,779 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 306 to 306. [2024-11-22 02:05:07,779 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 306 states, 230 states have (on average 1.2565217391304349) internal successors, (289), 245 states have internal predecessors, (289), 39 states have call successors, (39), 35 states have call predecessors, (39), 36 states have return successors, (64), 36 states have call predecessors, (64), 39 states have call successors, (64) [2024-11-22 02:05:07,781 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 306 states to 306 states and 392 transitions. [2024-11-22 02:05:07,782 INFO L78 Accepts]: Start accepts. Automaton has 306 states and 392 transitions. Word has length 52 [2024-11-22 02:05:07,782 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:07,782 INFO L471 AbstractCegarLoop]: Abstraction has 306 states and 392 transitions. [2024-11-22 02:05:07,783 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-22 02:05:07,783 INFO L276 IsEmpty]: Start isEmpty. Operand 306 states and 392 transitions. [2024-11-22 02:05:07,784 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2024-11-22 02:05:07,786 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:07,786 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:07,787 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-22 02:05:07,787 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:07,787 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:07,787 INFO L85 PathProgramCache]: Analyzing trace with hash -1117904615, now seen corresponding path program 1 times [2024-11-22 02:05:07,787 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:07,787 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1003941403] [2024-11-22 02:05:07,787 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:07,787 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:07,799 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:07,843 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-22 02:05:07,843 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:07,843 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1003941403] [2024-11-22 02:05:07,843 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1003941403] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:07,843 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:05:07,843 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-22 02:05:07,844 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [105834125] [2024-11-22 02:05:07,844 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:07,844 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-22 02:05:07,844 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:07,845 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-22 02:05:07,845 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-22 02:05:07,845 INFO L87 Difference]: Start difference. First operand 306 states and 392 transitions. Second operand has 5 states, 5 states have (on average 9.0) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-22 02:05:07,900 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:07,901 INFO L93 Difference]: Finished difference Result 553 states and 728 transitions. [2024-11-22 02:05:07,901 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-22 02:05:07,901 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.0) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 54 [2024-11-22 02:05:07,902 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:07,904 INFO L225 Difference]: With dead ends: 553 [2024-11-22 02:05:07,904 INFO L226 Difference]: Without dead ends: 306 [2024-11-22 02:05:07,905 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-22 02:05:07,906 INFO L432 NwaCegarLoop]: 150 mSDtfsCounter, 68 mSDsluCounter, 369 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 68 SdHoareTripleChecker+Valid, 519 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:07,906 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [68 Valid, 519 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:05:07,907 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 306 states. [2024-11-22 02:05:07,925 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 306 to 288. [2024-11-22 02:05:07,927 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 288 states, 216 states have (on average 1.2037037037037037) internal successors, (260), 230 states have internal predecessors, (260), 37 states have call successors, (37), 33 states have call predecessors, (37), 34 states have return successors, (52), 33 states have call predecessors, (52), 37 states have call successors, (52) [2024-11-22 02:05:07,928 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 288 states to 288 states and 349 transitions. [2024-11-22 02:05:07,928 INFO L78 Accepts]: Start accepts. Automaton has 288 states and 349 transitions. Word has length 54 [2024-11-22 02:05:07,929 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:07,929 INFO L471 AbstractCegarLoop]: Abstraction has 288 states and 349 transitions. [2024-11-22 02:05:07,929 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.0) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 1 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-22 02:05:07,929 INFO L276 IsEmpty]: Start isEmpty. Operand 288 states and 349 transitions. [2024-11-22 02:05:07,930 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-22 02:05:07,930 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:07,930 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:07,931 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-22 02:05:07,931 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:07,931 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:07,931 INFO L85 PathProgramCache]: Analyzing trace with hash -371791351, now seen corresponding path program 1 times [2024-11-22 02:05:07,931 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:07,931 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [581116881] [2024-11-22 02:05:07,931 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:07,932 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:07,945 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:07,995 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-22 02:05:07,996 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:07,996 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [581116881] [2024-11-22 02:05:07,997 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [581116881] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:07,997 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:05:07,998 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-22 02:05:07,998 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2055290768] [2024-11-22 02:05:07,998 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:07,998 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-22 02:05:07,998 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:07,999 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-22 02:05:07,999 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-22 02:05:07,999 INFO L87 Difference]: Start difference. First operand 288 states and 349 transitions. Second operand has 5 states, 5 states have (on average 9.0) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-22 02:05:08,058 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:08,059 INFO L93 Difference]: Finished difference Result 653 states and 823 transitions. [2024-11-22 02:05:08,059 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-22 02:05:08,059 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.0) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 56 [2024-11-22 02:05:08,060 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:08,063 INFO L225 Difference]: With dead ends: 653 [2024-11-22 02:05:08,063 INFO L226 Difference]: Without dead ends: 424 [2024-11-22 02:05:08,064 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-22 02:05:08,064 INFO L432 NwaCegarLoop]: 111 mSDtfsCounter, 86 mSDsluCounter, 314 mSDsCounter, 0 mSdLazyCounter, 40 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 86 SdHoareTripleChecker+Valid, 425 SdHoareTripleChecker+Invalid, 42 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 40 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:08,064 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [86 Valid, 425 Invalid, 42 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 40 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:05:08,065 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 424 states. [2024-11-22 02:05:08,086 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 424 to 403. [2024-11-22 02:05:08,087 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 403 states, 303 states have (on average 1.2046204620462047) internal successors, (365), 320 states have internal predecessors, (365), 50 states have call successors, (50), 46 states have call predecessors, (50), 49 states have return successors, (78), 48 states have call predecessors, (78), 50 states have call successors, (78) [2024-11-22 02:05:08,090 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 403 states to 403 states and 493 transitions. [2024-11-22 02:05:08,091 INFO L78 Accepts]: Start accepts. Automaton has 403 states and 493 transitions. Word has length 56 [2024-11-22 02:05:08,091 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:08,091 INFO L471 AbstractCegarLoop]: Abstraction has 403 states and 493 transitions. [2024-11-22 02:05:08,092 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.0) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-22 02:05:08,092 INFO L276 IsEmpty]: Start isEmpty. Operand 403 states and 493 transitions. [2024-11-22 02:05:08,092 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-22 02:05:08,092 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:08,092 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:08,092 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2024-11-22 02:05:08,092 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:08,093 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:08,093 INFO L85 PathProgramCache]: Analyzing trace with hash -309751737, now seen corresponding path program 1 times [2024-11-22 02:05:08,093 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:08,093 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1788358047] [2024-11-22 02:05:08,093 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:08,093 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:08,102 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:08,132 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-22 02:05:08,132 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:08,132 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1788358047] [2024-11-22 02:05:08,132 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1788358047] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:08,132 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:05:08,132 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-22 02:05:08,133 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [404822994] [2024-11-22 02:05:08,133 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:08,133 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-22 02:05:08,133 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:08,134 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-22 02:05:08,134 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-22 02:05:08,134 INFO L87 Difference]: Start difference. First operand 403 states and 493 transitions. Second operand has 4 states, 4 states have (on average 11.25) internal successors, (45), 4 states have internal predecessors, (45), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-22 02:05:08,162 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:08,163 INFO L93 Difference]: Finished difference Result 744 states and 929 transitions. [2024-11-22 02:05:08,163 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-22 02:05:08,163 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 11.25) internal successors, (45), 4 states have internal predecessors, (45), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 56 [2024-11-22 02:05:08,163 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:08,166 INFO L225 Difference]: With dead ends: 744 [2024-11-22 02:05:08,166 INFO L226 Difference]: Without dead ends: 400 [2024-11-22 02:05:08,166 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-22 02:05:08,167 INFO L432 NwaCegarLoop]: 108 mSDtfsCounter, 0 mSDsluCounter, 208 mSDsCounter, 0 mSdLazyCounter, 12 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 316 SdHoareTripleChecker+Invalid, 12 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 12 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:08,167 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 316 Invalid, 12 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 12 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:05:08,168 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 400 states. [2024-11-22 02:05:08,187 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 400 to 400. [2024-11-22 02:05:08,187 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 400 states, 300 states have (on average 1.2) internal successors, (360), 317 states have internal predecessors, (360), 50 states have call successors, (50), 46 states have call predecessors, (50), 49 states have return successors, (78), 48 states have call predecessors, (78), 50 states have call successors, (78) [2024-11-22 02:05:08,190 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 400 states to 400 states and 488 transitions. [2024-11-22 02:05:08,191 INFO L78 Accepts]: Start accepts. Automaton has 400 states and 488 transitions. Word has length 56 [2024-11-22 02:05:08,191 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:08,191 INFO L471 AbstractCegarLoop]: Abstraction has 400 states and 488 transitions. [2024-11-22 02:05:08,191 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 11.25) internal successors, (45), 4 states have internal predecessors, (45), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-22 02:05:08,191 INFO L276 IsEmpty]: Start isEmpty. Operand 400 states and 488 transitions. [2024-11-22 02:05:08,192 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2024-11-22 02:05:08,192 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:08,192 INFO L215 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:08,192 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2024-11-22 02:05:08,192 INFO L396 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:08,193 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:08,193 INFO L85 PathProgramCache]: Analyzing trace with hash -443765243, now seen corresponding path program 1 times [2024-11-22 02:05:08,193 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:08,194 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [830338864] [2024-11-22 02:05:08,194 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:08,194 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:08,206 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:08,247 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-22 02:05:08,247 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:08,247 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [830338864] [2024-11-22 02:05:08,247 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [830338864] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:05:08,247 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:05:08,248 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-22 02:05:08,248 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2053184432] [2024-11-22 02:05:08,248 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:05:08,248 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-22 02:05:08,248 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:08,248 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-22 02:05:08,249 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-22 02:05:08,249 INFO L87 Difference]: Start difference. First operand 400 states and 488 transitions. Second operand has 5 states, 5 states have (on average 9.0) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-22 02:05:08,286 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:08,287 INFO L93 Difference]: Finished difference Result 715 states and 886 transitions. [2024-11-22 02:05:08,287 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-22 02:05:08,287 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.0) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 56 [2024-11-22 02:05:08,288 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:08,289 INFO L225 Difference]: With dead ends: 715 [2024-11-22 02:05:08,289 INFO L226 Difference]: Without dead ends: 374 [2024-11-22 02:05:08,290 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-22 02:05:08,290 INFO L432 NwaCegarLoop]: 108 mSDtfsCounter, 0 mSDsluCounter, 313 mSDsCounter, 0 mSdLazyCounter, 20 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 421 SdHoareTripleChecker+Invalid, 20 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 20 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:08,291 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 421 Invalid, 20 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 20 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:05:08,291 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 374 states. [2024-11-22 02:05:08,307 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 374 to 374. [2024-11-22 02:05:08,308 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 374 states, 281 states have (on average 1.1921708185053381) internal successors, (335), 297 states have internal predecessors, (335), 48 states have call successors, (48), 44 states have call predecessors, (48), 44 states have return successors, (67), 43 states have call predecessors, (67), 48 states have call successors, (67) [2024-11-22 02:05:08,309 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 374 states to 374 states and 450 transitions. [2024-11-22 02:05:08,310 INFO L78 Accepts]: Start accepts. Automaton has 374 states and 450 transitions. Word has length 56 [2024-11-22 02:05:08,310 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:08,310 INFO L471 AbstractCegarLoop]: Abstraction has 374 states and 450 transitions. [2024-11-22 02:05:08,310 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.0) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-22 02:05:08,310 INFO L276 IsEmpty]: Start isEmpty. Operand 374 states and 450 transitions. [2024-11-22 02:05:08,313 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 92 [2024-11-22 02:05:08,313 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:05:08,313 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:08,313 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2024-11-22 02:05:08,314 INFO L396 AbstractCegarLoop]: === Iteration 13 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:05:08,315 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:05:08,315 INFO L85 PathProgramCache]: Analyzing trace with hash 872263225, now seen corresponding path program 1 times [2024-11-22 02:05:08,315 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:05:08,315 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1406613982] [2024-11-22 02:05:08,315 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:08,315 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:05:08,326 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:08,413 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 18 proven. 4 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2024-11-22 02:05:08,413 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:05:08,413 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1406613982] [2024-11-22 02:05:08,413 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1406613982] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-22 02:05:08,414 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1552128372] [2024-11-22 02:05:08,414 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:05:08,414 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-22 02:05:08,414 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-22 02:05:08,416 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-22 02:05:08,417 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-22 02:05:08,494 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:05:08,502 INFO L255 TraceCheckSpWp]: Trace formula consists of 301 conjuncts, 13 conjuncts are in the unsatisfiable core [2024-11-22 02:05:08,508 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-22 02:05:08,711 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 6 proven. 12 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2024-11-22 02:05:08,712 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-22 02:05:09,000 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 8 proven. 4 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2024-11-22 02:05:09,000 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1552128372] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-22 02:05:09,000 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-22 02:05:09,001 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 8, 9] total 17 [2024-11-22 02:05:09,001 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [137920749] [2024-11-22 02:05:09,001 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-22 02:05:09,001 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 17 states [2024-11-22 02:05:09,002 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:05:09,002 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 17 interpolants. [2024-11-22 02:05:09,002 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=44, Invalid=228, Unknown=0, NotChecked=0, Total=272 [2024-11-22 02:05:09,003 INFO L87 Difference]: Start difference. First operand 374 states and 450 transitions. Second operand has 17 states, 17 states have (on average 7.764705882352941) internal successors, (132), 14 states have internal predecessors, (132), 6 states have call successors, (24), 7 states have call predecessors, (24), 8 states have return successors, (22), 8 states have call predecessors, (22), 6 states have call successors, (22) [2024-11-22 02:05:09,827 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:05:09,827 INFO L93 Difference]: Finished difference Result 1148 states and 1475 transitions. [2024-11-22 02:05:09,828 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 26 states. [2024-11-22 02:05:09,828 INFO L78 Accepts]: Start accepts. Automaton has has 17 states, 17 states have (on average 7.764705882352941) internal successors, (132), 14 states have internal predecessors, (132), 6 states have call successors, (24), 7 states have call predecessors, (24), 8 states have return successors, (22), 8 states have call predecessors, (22), 6 states have call successors, (22) Word has length 91 [2024-11-22 02:05:09,828 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:05:09,829 INFO L225 Difference]: With dead ends: 1148 [2024-11-22 02:05:09,829 INFO L226 Difference]: Without dead ends: 0 [2024-11-22 02:05:09,832 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 217 GetRequests, 173 SyntacticMatches, 7 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 217 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=343, Invalid=1139, Unknown=0, NotChecked=0, Total=1482 [2024-11-22 02:05:09,832 INFO L432 NwaCegarLoop]: 74 mSDtfsCounter, 504 mSDsluCounter, 628 mSDsCounter, 0 mSdLazyCounter, 981 mSolverCounterSat, 239 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 506 SdHoareTripleChecker+Valid, 702 SdHoareTripleChecker+Invalid, 1220 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 239 IncrementalHoareTripleChecker+Valid, 981 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-11-22 02:05:09,833 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [506 Valid, 702 Invalid, 1220 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [239 Valid, 981 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-11-22 02:05:09,833 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-22 02:05:09,833 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-22 02:05:09,833 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-22 02:05:09,833 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-22 02:05:09,834 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 91 [2024-11-22 02:05:09,834 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:05:09,834 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-22 02:05:09,834 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 17 states, 17 states have (on average 7.764705882352941) internal successors, (132), 14 states have internal predecessors, (132), 6 states have call successors, (24), 7 states have call predecessors, (24), 8 states have return successors, (22), 8 states have call predecessors, (22), 6 states have call successors, (22) [2024-11-22 02:05:09,834 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-22 02:05:09,834 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-22 02:05:09,836 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-22 02:05:09,848 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-22 02:05:10,037 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable12 [2024-11-22 02:05:10,039 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:05:10,041 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-22 02:05:13,038 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-22 02:05:13,055 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (<= ~waterLevel~0 1) (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 1) (= ~pumpRunning~0 1)) Eliminated clause: (and (<= ~waterLevel~0 1) (= 1 ~systemActive~0) (= ~pumpRunning~0 1)) [2024-11-22 02:05:13,065 WARN L156 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (and (or (= |old(~methaneLevelCritical~0)| 0) (not (= ~methaneLevelCritical~0 0))) (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 (= ~pumpRunning~0 1)) (and (= ~pumpRunning~0 0) .cse0 .cse1)))) Eliminated clause: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 (= ~pumpRunning~0 1)) (and (= ~pumpRunning~0 0) .cse0 .cse1))) [2024-11-22 02:05:13,076 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (let ((.cse5 (= |old(~pumpRunning~0)| 0))) (let ((.cse3 (= |old(~pumpRunning~0)| 1)) (.cse1 (<= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse0 (not .cse5)) (.cse7 (= |old(~waterLevel~0)| 1)) (.cse6 (= ~waterLevel~0 1))) (and (or .cse0 (and (= ~pumpRunning~0 0) .cse1)) (let ((.cse2 (= 1 ~systemActive~0)) (.cse4 (<= |old(~waterLevel~0)| 2))) (or (and .cse2 .cse3 .cse4) (and .cse2 .cse5 .cse4))) (or (not .cse6) .cse0 .cse7) (or (not .cse3) (and .cse1 (= ~pumpRunning~0 1))) (or .cse0 (not .cse7) .cse6)))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int) (|old(~waterLevel~0)| Int)) (let ((.cse5 (= |old(~pumpRunning~0)| 0))) (let ((.cse3 (= |old(~pumpRunning~0)| 1)) (.cse1 (<= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse0 (not .cse5)) (.cse7 (= |old(~waterLevel~0)| 1)) (.cse6 (= ~waterLevel~0 1))) (and (or .cse0 (and (= ~pumpRunning~0 0) .cse1)) (let ((.cse2 (= 1 ~systemActive~0)) (.cse4 (<= |old(~waterLevel~0)| 2))) (or (and .cse2 .cse3 .cse4) (and .cse2 .cse5 .cse4))) (or (not .cse6) .cse0 .cse7) (or (not .cse3) (and .cse1 (= ~pumpRunning~0 1))) (or .cse0 (not .cse7) .cse6))))) [2024-11-22 02:05:13,086 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-22 02:05:13,096 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~pumpRunning~0)| 1))) (and (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= ~waterLevel~0 1) .cse0 .cse1) (and .cse0 .cse2 (<= ~waterLevel~0 2)))) (or (not .cse2) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1)))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int)) (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~pumpRunning~0)| 1))) (and (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= ~waterLevel~0 1) .cse0 .cse1) (and .cse0 .cse2 (<= ~waterLevel~0 2)))) (or (not .cse2) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1))))) [2024-11-22 02:05:13,101 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-22 02:05:13,114 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (let ((.cse0 (= ~pumpRunning~0 0))) (and (or (not .cse0) (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1)) (<= ~waterLevel~0 |old(~waterLevel~0)|) (let ((.cse1 (= 1 ~systemActive~0))) (or (and .cse1 (<= |old(~waterLevel~0)| 2) (= ~pumpRunning~0 1)) (and .cse0 .cse1 (<= |old(~waterLevel~0)| 1)))))) Eliminated clause: (exists ((|old(~waterLevel~0)| Int)) (let ((.cse0 (= ~pumpRunning~0 0))) (and (or (not .cse0) (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1)) (<= ~waterLevel~0 |old(~waterLevel~0)|) (let ((.cse1 (= 1 ~systemActive~0))) (or (and .cse1 (<= |old(~waterLevel~0)| 2) (= ~pumpRunning~0 1)) (and .cse0 .cse1 (<= |old(~waterLevel~0)| 1))))))) [2024-11-22 02:05:13,116 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-22 02:05:13,119 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__lowWaterSensor contained old-variable. Original clause: (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~pumpRunning~0)| 1))) (and (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= ~waterLevel~0 1) .cse0 .cse1) (and .cse0 .cse2 (<= ~waterLevel~0 2)))) (or (not .cse2) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1)))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int)) (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~pumpRunning~0)| 1))) (and (let ((.cse0 (= 1 ~systemActive~0))) (or (and (<= ~waterLevel~0 1) .cse0 .cse1) (and .cse0 .cse2 (<= ~waterLevel~0 2)))) (or (not .cse2) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1))))) [2024-11-22 02:05:13,121 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-22 02:05:13,122 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 22.11 02:05:13 BoogieIcfgContainer [2024-11-22 02:05:13,122 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-22 02:05:13,122 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-22 02:05:13,123 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-22 02:05:13,123 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-22 02:05:13,123 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.11 02:05:06" (3/4) ... [2024-11-22 02:05:13,125 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-22 02:05:13,129 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-22 02:05:13,129 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-22 02:05:13,129 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-22 02:05:13,129 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-22 02:05:13,129 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-22 02:05:13,129 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2024-11-22 02:05:13,130 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-22 02:05:13,130 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-22 02:05:13,130 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__lowWaterSensor [2024-11-22 02:05:13,135 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2024-11-22 02:05:13,135 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-22 02:05:13,136 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-22 02:05:13,136 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-22 02:05:13,136 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-22 02:05:13,226 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-22 02:05:13,226 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-22 02:05:13,226 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-22 02:05:13,227 INFO L158 Benchmark]: Toolchain (without parser) took 7878.40ms. Allocated memory was 130.0MB in the beginning and 197.1MB in the end (delta: 67.1MB). Free memory was 58.9MB in the beginning and 149.0MB in the end (delta: -90.1MB). There was no memory consumed. Max. memory is 16.1GB. [2024-11-22 02:05:13,227 INFO L158 Benchmark]: CDTParser took 0.16ms. Allocated memory is still 130.0MB. Free memory is still 91.0MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-22 02:05:13,227 INFO L158 Benchmark]: CACSL2BoogieTranslator took 426.48ms. Allocated memory was 130.0MB in the beginning and 163.6MB in the end (delta: 33.6MB). Free memory was 58.6MB in the beginning and 123.4MB in the end (delta: -64.8MB). Peak memory consumption was 19.7MB. Max. memory is 16.1GB. [2024-11-22 02:05:13,228 INFO L158 Benchmark]: Boogie Procedure Inliner took 40.36ms. Allocated memory is still 163.6MB. Free memory was 123.4MB in the beginning and 121.4MB in the end (delta: 2.0MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-22 02:05:13,228 INFO L158 Benchmark]: Boogie Preprocessor took 37.19ms. Allocated memory is still 163.6MB. Free memory was 121.4MB in the beginning and 118.2MB in the end (delta: 3.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-22 02:05:13,228 INFO L158 Benchmark]: RCFGBuilder took 362.66ms. Allocated memory is still 163.6MB. Free memory was 118.2MB in the beginning and 98.3MB in the end (delta: 19.9MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-22 02:05:13,228 INFO L158 Benchmark]: TraceAbstraction took 6902.52ms. Allocated memory was 163.6MB in the beginning and 197.1MB in the end (delta: 33.6MB). Free memory was 98.3MB in the beginning and 157.4MB in the end (delta: -59.1MB). Peak memory consumption was 86.7MB. Max. memory is 16.1GB. [2024-11-22 02:05:13,229 INFO L158 Benchmark]: Witness Printer took 104.02ms. Allocated memory is still 197.1MB. Free memory was 157.4MB in the beginning and 149.0MB in the end (delta: 8.4MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2024-11-22 02:05:13,230 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.16ms. Allocated memory is still 130.0MB. Free memory is still 91.0MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 426.48ms. Allocated memory was 130.0MB in the beginning and 163.6MB in the end (delta: 33.6MB). Free memory was 58.6MB in the beginning and 123.4MB in the end (delta: -64.8MB). Peak memory consumption was 19.7MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 40.36ms. Allocated memory is still 163.6MB. Free memory was 123.4MB in the beginning and 121.4MB in the end (delta: 2.0MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 37.19ms. Allocated memory is still 163.6MB. Free memory was 121.4MB in the beginning and 118.2MB in the end (delta: 3.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 362.66ms. Allocated memory is still 163.6MB. Free memory was 118.2MB in the beginning and 98.3MB in the end (delta: 19.9MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * TraceAbstraction took 6902.52ms. Allocated memory was 163.6MB in the beginning and 197.1MB in the end (delta: 33.6MB). Free memory was 98.3MB in the beginning and 157.4MB in the end (delta: -59.1MB). Peak memory consumption was 86.7MB. Max. memory is 16.1GB. * Witness Printer took 104.02ms. Allocated memory is still 197.1MB. Free memory was 157.4MB in the beginning and 149.0MB in the end (delta: 8.4MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 160]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [160] - GenericResultAtLocation [Line: 262]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [262] - GenericResultAtLocation [Line: 271]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification3_spec.i","") [271] - GenericResultAtLocation [Line: 306]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [306] - GenericResultAtLocation [Line: 341]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [341] - GenericResultAtLocation [Line: 707]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [707] - GenericResultAtLocation [Line: 775]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [775] - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 267]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 103 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 3.8s, OverallIterations: 13, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.5s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1148 SdHoareTripleChecker+Valid, 0.8s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1143 mSDsluCounter, 4526 SdHoareTripleChecker+Invalid, 0.7s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2995 mSDsCounter, 260 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1223 IncrementalHoareTripleChecker+Invalid, 1483 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 260 mSolverCounterUnsat, 1531 mSDtfsCounter, 1223 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 280 GetRequests, 203 SyntacticMatches, 7 SemanticMatches, 70 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 221 ImplicationChecksByTransitivity, 0.5s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=403occurred in iteration=10, InterpolantAutomatonStates: 75, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 13 MinimizatonAttempts, 50 StatesRemovedByMinimization, 4 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.3s InterpolantComputationTime, 732 NumberOfCodeBlocks, 732 NumberOfCodeBlocksAsserted, 14 NumberOfCheckSat, 808 ConstructedInterpolants, 0 QuantifiedInterpolants, 1469 SizeOfPredicates, 2 NumberOfNonLiveVariables, 301 ConjunctsInSsa, 13 ConjunctsInUnsatCore, 15 InterpolantComputations, 12 PerfectInterpolantSequences, 64/84 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 173]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 718]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 719]: Loop Invariant Derived loop invariant: (((((1 == systemActive) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (pumpRunning == 1)) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) - ProcedureContractResult [Line: 898]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: (((waterLevel <= 1) && (1 == systemActive)) && (pumpRunning == 1)) Ensures: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && (\old(pumpRunning) == 1)) && (((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 805]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: ((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((waterLevel <= 1) && (1 == systemActive)) && (pumpRunning == 1))) Ensures: (((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) || (((waterLevel <= 1) && (1 == systemActive)) && (pumpRunning == 1))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 84]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((1 == systemActive) && (waterLevel <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) Ensures: (((((1 == systemActive) && (waterLevel <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2))) && (((((waterLevel == \old(waterLevel)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 781]: Procedure Contract for timeShift Derived contract for procedure timeShift. Ensures: ((((((((((waterLevel <= 1) && (waterLevel <= \old(waterLevel))) && (pumpRunning == 1)) || (\old(pumpRunning) != 1)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (waterLevel <= \old(waterLevel)))) && (((\old(pumpRunning) != 0) || (\old(waterLevel) != 1)) || ((pumpRunning == 0) && (waterLevel == 1)))) && ((((1 == systemActive) && (\old(pumpRunning) == 1)) && (\old(waterLevel) <= 2)) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 2)))) && ((((\old(pumpRunning) != 0) || (\old(waterLevel) == 1)) || (((((waterLevel != 1) && (pumpRunning == 0)) && (waterLevel <= 1)) && (1 == systemActive)) && (waterLevel <= \old(waterLevel)))) || (\old(waterLevel) == 2))) && ((((\old(pumpRunning) != 0) || (\old(waterLevel) == 1)) || (((((waterLevel != 1) && (pumpRunning == 0)) && (waterLevel <= 1)) && (1 == systemActive)) && (waterLevel <= \old(waterLevel)))) || (((waterLevel != 1) && (waterLevel <= \old(waterLevel))) && (pumpRunning == 1)))) && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 163]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 96]: Procedure Contract for isMethaneLevelCritical Derived contract for procedure isMethaneLevelCritical. Requires: ((((1 == systemActive) && (waterLevel <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive))) Ensures: (((\result == methaneLevelCritical) && ((((1 == systemActive) && (waterLevel <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)))) && ((((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 813]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Ensures: ((((((((waterLevel <= 1) && (1 == systemActive)) && (\old(pumpRunning) == 1)) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2))) && ((\old(pumpRunning) != 1) || (pumpRunning == 1))) && (((pumpRunning == 0) && (waterLevel <= 1)) || (pumpRunning == 1))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (1 < waterLevel))) && (((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 72]: Procedure Contract for waterRise Derived contract for procedure waterRise. Ensures: (((((waterLevel <= ((long long) \old(waterLevel) + 1)) && (waterLevel <= 2)) && (((waterLevel != 1) || (pumpRunning != 0)) || (\old(waterLevel) != 1))) && ((((1 == systemActive) && (\old(waterLevel) <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 1)))) && (((((methaneLevelCritical == \old(methaneLevelCritical)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 839]: Procedure Contract for processEnvironment__wrappee__lowWaterSensor Derived contract for procedure processEnvironment__wrappee__lowWaterSensor. Ensures: (((((((waterLevel <= 1) && (1 == systemActive)) && (\old(pumpRunning) == 1)) || (((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2))) && (((pumpRunning == 0) && (waterLevel <= 1)) || (pumpRunning == 1))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (1 < waterLevel))) && (((((waterLevel == \old(waterLevel)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive)))) RESULT: Ultimate proved your program to be correct! [2024-11-22 02:05:13,249 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE