./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 803cd42f Calling Ultimate with: /root/.sdkman/candidates/java/current/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 34b47c00ac265c7154b048b065075686f0b0d02157935b615817b802464c404c --- Real Ultimate output --- This is Ultimate 0.2.5-tmp.dk.eval-assert-order-craig-803cd42-m [2024-11-22 02:07:07,787 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-22 02:07:07,832 INFO L114 SettingsManager]: Loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2024-11-22 02:07:07,836 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-22 02:07:07,837 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-22 02:07:07,863 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-22 02:07:07,863 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-22 02:07:07,864 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-22 02:07:07,864 INFO L151 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2024-11-22 02:07:07,864 INFO L153 SettingsManager]: * Use memory slicer=true [2024-11-22 02:07:07,865 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-22 02:07:07,865 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-22 02:07:07,865 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2024-11-22 02:07:07,865 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2024-11-22 02:07:07,866 INFO L153 SettingsManager]: * Use SBE=true [2024-11-22 02:07:07,866 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-22 02:07:07,867 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-22 02:07:07,869 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-22 02:07:07,869 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-22 02:07:07,869 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-22 02:07:07,869 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-22 02:07:07,870 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-22 02:07:07,870 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-22 02:07:07,870 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-22 02:07:07,872 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-22 02:07:07,872 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-22 02:07:07,872 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-22 02:07:07,872 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-22 02:07:07,872 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-22 02:07:07,873 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2024-11-22 02:07:07,873 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-22 02:07:07,873 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-22 02:07:07,873 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-22 02:07:07,873 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-22 02:07:07,874 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-22 02:07:07,874 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-22 02:07:07,874 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2024-11-22 02:07:07,875 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-22 02:07:07,875 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-22 02:07:07,875 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2024-11-22 02:07:07,876 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2024-11-22 02:07:07,876 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-22 02:07:07,876 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 34b47c00ac265c7154b048b065075686f0b0d02157935b615817b802464c404c [2024-11-22 02:07:08,088 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-22 02:07:08,111 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-22 02:07:08,113 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-22 02:07:08,114 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-22 02:07:08,114 INFO L274 PluginConnector]: CDTParser initialized [2024-11-22 02:07:08,115 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c [2024-11-22 02:07:09,308 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-22 02:07:09,492 INFO L384 CDTParser]: Found 1 translation units. [2024-11-22 02:07:09,493 INFO L180 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c [2024-11-22 02:07:09,504 INFO L427 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/b7da441c1/487159d7b98b415a893b8d1406f60a15/FLAG29a6f97d6 [2024-11-22 02:07:09,867 INFO L435 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/b7da441c1/487159d7b98b415a893b8d1406f60a15 [2024-11-22 02:07:09,869 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-22 02:07:09,870 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-22 02:07:09,871 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-22 02:07:09,871 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-22 02:07:09,879 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-22 02:07:09,880 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 22.11 02:07:09" (1/1) ... [2024-11-22 02:07:09,880 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@49fdf4d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:07:09, skipping insertion in model container [2024-11-22 02:07:09,881 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 22.11 02:07:09" (1/1) ... [2024-11-22 02:07:09,917 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-22 02:07:10,187 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c[19180,19193] [2024-11-22 02:07:10,195 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-22 02:07:10,207 INFO L200 MainTranslator]: Completed pre-run [2024-11-22 02:07:10,216 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] [2024-11-22 02:07:10,217 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [313] [2024-11-22 02:07:10,218 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [364] [2024-11-22 02:07:10,218 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [434] [2024-11-22 02:07:10,220 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [800] [2024-11-22 02:07:10,220 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [903] [2024-11-22 02:07:10,220 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1003] [2024-11-22 02:07:10,221 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1012] [2024-11-22 02:07:10,326 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c[19180,19193] [2024-11-22 02:07:10,328 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-22 02:07:10,342 INFO L204 MainTranslator]: Completed translation [2024-11-22 02:07:10,342 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:07:10 WrapperNode [2024-11-22 02:07:10,343 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-22 02:07:10,343 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-22 02:07:10,343 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-22 02:07:10,343 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-22 02:07:10,348 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:07:10" (1/1) ... [2024-11-22 02:07:10,356 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:07:10" (1/1) ... [2024-11-22 02:07:10,375 INFO L138 Inliner]: procedures = 60, calls = 108, calls flagged for inlining = 26, calls inlined = 23, statements flattened = 244 [2024-11-22 02:07:10,375 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-22 02:07:10,376 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-22 02:07:10,376 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-22 02:07:10,376 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-22 02:07:10,386 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:07:10" (1/1) ... [2024-11-22 02:07:10,386 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:07:10" (1/1) ... [2024-11-22 02:07:10,388 INFO L184 PluginConnector]: Executing the observer MemorySlicer from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:07:10" (1/1) ... [2024-11-22 02:07:10,398 INFO L175 MemorySlicer]: Split 2 memory accesses to 1 slices as follows [2]. 100 percent of accesses are in the largest equivalence class. The 2 initializations are split as follows [2]. The 0 writes are split as follows [0]. [2024-11-22 02:07:10,398 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:07:10" (1/1) ... [2024-11-22 02:07:10,398 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:07:10" (1/1) ... [2024-11-22 02:07:10,401 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:07:10" (1/1) ... [2024-11-22 02:07:10,404 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:07:10" (1/1) ... [2024-11-22 02:07:10,405 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:07:10" (1/1) ... [2024-11-22 02:07:10,405 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:07:10" (1/1) ... [2024-11-22 02:07:10,407 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-22 02:07:10,408 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-22 02:07:10,408 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-22 02:07:10,408 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-22 02:07:10,409 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:07:10" (1/1) ... [2024-11-22 02:07:10,413 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 [2024-11-22 02:07:10,422 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-22 02:07:10,437 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (exit command is (exit), workingDir is null) [2024-11-22 02:07:10,440 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Waiting until timeout for monitored process [2024-11-22 02:07:10,481 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-22 02:07:10,481 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-22 02:07:10,481 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-22 02:07:10,481 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-22 02:07:10,482 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-22 02:07:10,482 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-22 02:07:10,482 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-22 02:07:10,482 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-22 02:07:10,482 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-22 02:07:10,482 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-22 02:07:10,482 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-22 02:07:10,483 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2024-11-22 02:07:10,483 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2024-11-22 02:07:10,483 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-22 02:07:10,483 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-22 02:07:10,483 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2024-11-22 02:07:10,483 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2024-11-22 02:07:10,484 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-22 02:07:10,484 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-22 02:07:10,484 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int#0 [2024-11-22 02:07:10,485 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-22 02:07:10,485 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-22 02:07:10,485 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-22 02:07:10,485 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-22 02:07:10,567 INFO L238 CfgBuilder]: Building ICFG [2024-11-22 02:07:10,569 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-22 02:07:10,813 INFO L? ?]: Removed 52 outVars from TransFormulas that were not future-live. [2024-11-22 02:07:10,813 INFO L287 CfgBuilder]: Performing block encoding [2024-11-22 02:07:10,825 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-22 02:07:10,826 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-22 02:07:10,826 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.11 02:07:10 BoogieIcfgContainer [2024-11-22 02:07:10,826 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-22 02:07:10,828 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-22 02:07:10,828 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-22 02:07:10,830 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-22 02:07:10,830 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 22.11 02:07:09" (1/3) ... [2024-11-22 02:07:10,830 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@41b30d41 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 22.11 02:07:10, skipping insertion in model container [2024-11-22 02:07:10,831 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.11 02:07:10" (2/3) ... [2024-11-22 02:07:10,831 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@41b30d41 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 22.11 02:07:10, skipping insertion in model container [2024-11-22 02:07:10,831 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.11 02:07:10" (3/3) ... [2024-11-22 02:07:10,832 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product62.cil.c [2024-11-22 02:07:10,842 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-22 02:07:10,843 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-22 02:07:10,882 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-22 02:07:10,888 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@17589da7, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-22 02:07:10,888 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-22 02:07:10,891 INFO L276 IsEmpty]: Start isEmpty. Operand has 114 states, 84 states have (on average 1.3571428571428572) internal successors, (114), 94 states have internal predecessors, (114), 18 states have call successors, (18), 10 states have call predecessors, (18), 10 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) [2024-11-22 02:07:10,897 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2024-11-22 02:07:10,897 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:07:10,898 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:07:10,898 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:07:10,901 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:07:10,902 INFO L85 PathProgramCache]: Analyzing trace with hash 1960372766, now seen corresponding path program 1 times [2024-11-22 02:07:10,907 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:07:10,908 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [162942355] [2024-11-22 02:07:10,908 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:07:10,908 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:07:10,995 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:07:11,056 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-22 02:07:11,056 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:07:11,057 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [162942355] [2024-11-22 02:07:11,057 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [162942355] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:07:11,057 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:07:11,057 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-22 02:07:11,058 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [764612312] [2024-11-22 02:07:11,059 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:07:11,061 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-22 02:07:11,062 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:07:11,076 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-22 02:07:11,077 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-22 02:07:11,078 INFO L87 Difference]: Start difference. First operand has 114 states, 84 states have (on average 1.3571428571428572) internal successors, (114), 94 states have internal predecessors, (114), 18 states have call successors, (18), 10 states have call predecessors, (18), 10 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-22 02:07:11,100 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:07:11,101 INFO L93 Difference]: Finished difference Result 219 states and 294 transitions. [2024-11-22 02:07:11,101 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-22 02:07:11,102 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2024-11-22 02:07:11,103 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:07:11,108 INFO L225 Difference]: With dead ends: 219 [2024-11-22 02:07:11,109 INFO L226 Difference]: Without dead ends: 105 [2024-11-22 02:07:11,111 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-22 02:07:11,113 INFO L432 NwaCegarLoop]: 144 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 144 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:07:11,114 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 144 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:07:11,125 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 105 states. [2024-11-22 02:07:11,145 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 105 to 105. [2024-11-22 02:07:11,147 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 105 states, 77 states have (on average 1.2987012987012987) internal successors, (100), 86 states have internal predecessors, (100), 18 states have call successors, (18), 10 states have call predecessors, (18), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) [2024-11-22 02:07:11,148 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 105 states to 105 states and 135 transitions. [2024-11-22 02:07:11,151 INFO L78 Accepts]: Start accepts. Automaton has 105 states and 135 transitions. Word has length 32 [2024-11-22 02:07:11,151 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:07:11,151 INFO L471 AbstractCegarLoop]: Abstraction has 105 states and 135 transitions. [2024-11-22 02:07:11,151 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-22 02:07:11,152 INFO L276 IsEmpty]: Start isEmpty. Operand 105 states and 135 transitions. [2024-11-22 02:07:11,153 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2024-11-22 02:07:11,154 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:07:11,154 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:07:11,154 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-22 02:07:11,154 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:07:11,157 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:07:11,157 INFO L85 PathProgramCache]: Analyzing trace with hash -526010073, now seen corresponding path program 1 times [2024-11-22 02:07:11,158 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:07:11,158 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1006469789] [2024-11-22 02:07:11,158 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:07:11,158 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:07:11,179 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:07:11,254 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-22 02:07:11,254 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:07:11,254 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1006469789] [2024-11-22 02:07:11,255 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1006469789] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:07:11,255 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:07:11,255 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-22 02:07:11,256 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [175544761] [2024-11-22 02:07:11,256 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:07:11,258 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-22 02:07:11,258 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:07:11,259 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-22 02:07:11,259 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-22 02:07:11,259 INFO L87 Difference]: Start difference. First operand 105 states and 135 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-22 02:07:11,275 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:07:11,276 INFO L93 Difference]: Finished difference Result 174 states and 224 transitions. [2024-11-22 02:07:11,276 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-22 02:07:11,276 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2024-11-22 02:07:11,276 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:07:11,281 INFO L225 Difference]: With dead ends: 174 [2024-11-22 02:07:11,281 INFO L226 Difference]: Without dead ends: 96 [2024-11-22 02:07:11,282 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-22 02:07:11,283 INFO L432 NwaCegarLoop]: 122 mSDtfsCounter, 13 mSDsluCounter, 105 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 227 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:07:11,283 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 227 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:07:11,284 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 96 states. [2024-11-22 02:07:11,291 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 96 to 96. [2024-11-22 02:07:11,294 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 96 states, 71 states have (on average 1.3098591549295775) internal successors, (93), 80 states have internal predecessors, (93), 15 states have call successors, (15), 9 states have call predecessors, (15), 9 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2024-11-22 02:07:11,295 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 96 states to 96 states and 123 transitions. [2024-11-22 02:07:11,295 INFO L78 Accepts]: Start accepts. Automaton has 96 states and 123 transitions. Word has length 33 [2024-11-22 02:07:11,295 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:07:11,296 INFO L471 AbstractCegarLoop]: Abstraction has 96 states and 123 transitions. [2024-11-22 02:07:11,296 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-22 02:07:11,296 INFO L276 IsEmpty]: Start isEmpty. Operand 96 states and 123 transitions. [2024-11-22 02:07:11,297 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2024-11-22 02:07:11,297 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:07:11,297 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:07:11,297 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-22 02:07:11,297 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:07:11,302 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:07:11,302 INFO L85 PathProgramCache]: Analyzing trace with hash -1914406272, now seen corresponding path program 1 times [2024-11-22 02:07:11,302 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:07:11,302 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1620007468] [2024-11-22 02:07:11,303 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:07:11,303 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:07:11,321 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:07:11,415 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-22 02:07:11,415 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:07:11,415 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1620007468] [2024-11-22 02:07:11,415 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1620007468] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:07:11,415 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:07:11,415 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-22 02:07:11,416 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1016839465] [2024-11-22 02:07:11,416 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:07:11,416 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-22 02:07:11,416 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:07:11,416 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-22 02:07:11,417 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-22 02:07:11,417 INFO L87 Difference]: Start difference. First operand 96 states and 123 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-22 02:07:11,441 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:07:11,441 INFO L93 Difference]: Finished difference Result 184 states and 239 transitions. [2024-11-22 02:07:11,442 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-22 02:07:11,442 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2024-11-22 02:07:11,442 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:07:11,443 INFO L225 Difference]: With dead ends: 184 [2024-11-22 02:07:11,443 INFO L226 Difference]: Without dead ends: 96 [2024-11-22 02:07:11,444 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-22 02:07:11,445 INFO L432 NwaCegarLoop]: 121 mSDtfsCounter, 113 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 113 SdHoareTripleChecker+Valid, 121 SdHoareTripleChecker+Invalid, 2 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:07:11,446 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [113 Valid, 121 Invalid, 2 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:07:11,446 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 96 states. [2024-11-22 02:07:11,455 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 96 to 96. [2024-11-22 02:07:11,456 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 96 states, 71 states have (on average 1.295774647887324) internal successors, (92), 80 states have internal predecessors, (92), 15 states have call successors, (15), 9 states have call predecessors, (15), 9 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2024-11-22 02:07:11,457 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 96 states to 96 states and 122 transitions. [2024-11-22 02:07:11,457 INFO L78 Accepts]: Start accepts. Automaton has 96 states and 122 transitions. Word has length 38 [2024-11-22 02:07:11,459 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:07:11,459 INFO L471 AbstractCegarLoop]: Abstraction has 96 states and 122 transitions. [2024-11-22 02:07:11,459 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-22 02:07:11,459 INFO L276 IsEmpty]: Start isEmpty. Operand 96 states and 122 transitions. [2024-11-22 02:07:11,461 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2024-11-22 02:07:11,461 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:07:11,461 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:07:11,461 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-22 02:07:11,462 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:07:11,462 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:07:11,462 INFO L85 PathProgramCache]: Analyzing trace with hash 1685949316, now seen corresponding path program 1 times [2024-11-22 02:07:11,462 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:07:11,463 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1018136574] [2024-11-22 02:07:11,463 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:07:11,463 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:07:11,493 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:07:11,531 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-22 02:07:11,532 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:07:11,536 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1018136574] [2024-11-22 02:07:11,536 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1018136574] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:07:11,536 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:07:11,536 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-22 02:07:11,536 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1322286978] [2024-11-22 02:07:11,537 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:07:11,537 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-22 02:07:11,537 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:07:11,537 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-22 02:07:11,539 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-22 02:07:11,539 INFO L87 Difference]: Start difference. First operand 96 states and 122 transitions. Second operand has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (5), 1 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-22 02:07:11,585 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:07:11,585 INFO L93 Difference]: Finished difference Result 241 states and 313 transitions. [2024-11-22 02:07:11,585 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-22 02:07:11,585 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (5), 1 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 51 [2024-11-22 02:07:11,586 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:07:11,587 INFO L225 Difference]: With dead ends: 241 [2024-11-22 02:07:11,587 INFO L226 Difference]: Without dead ends: 153 [2024-11-22 02:07:11,588 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-22 02:07:11,588 INFO L432 NwaCegarLoop]: 125 mSDtfsCounter, 92 mSDsluCounter, 83 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 92 SdHoareTripleChecker+Valid, 208 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:07:11,589 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [92 Valid, 208 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:07:11,589 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 153 states. [2024-11-22 02:07:11,601 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 153 to 151. [2024-11-22 02:07:11,602 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 151 states, 113 states have (on average 1.2654867256637168) internal successors, (143), 122 states have internal predecessors, (143), 20 states have call successors, (20), 17 states have call predecessors, (20), 17 states have return successors, (26), 18 states have call predecessors, (26), 20 states have call successors, (26) [2024-11-22 02:07:11,604 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 151 states to 151 states and 189 transitions. [2024-11-22 02:07:11,605 INFO L78 Accepts]: Start accepts. Automaton has 151 states and 189 transitions. Word has length 51 [2024-11-22 02:07:11,605 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:07:11,606 INFO L471 AbstractCegarLoop]: Abstraction has 151 states and 189 transitions. [2024-11-22 02:07:11,606 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (5), 1 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2024-11-22 02:07:11,606 INFO L276 IsEmpty]: Start isEmpty. Operand 151 states and 189 transitions. [2024-11-22 02:07:11,607 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2024-11-22 02:07:11,607 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:07:11,607 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:07:11,607 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-22 02:07:11,608 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:07:11,608 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:07:11,608 INFO L85 PathProgramCache]: Analyzing trace with hash -1718008340, now seen corresponding path program 1 times [2024-11-22 02:07:11,608 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:07:11,608 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1612081812] [2024-11-22 02:07:11,609 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:07:11,609 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:07:11,621 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:07:11,770 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-22 02:07:11,770 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:07:11,771 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1612081812] [2024-11-22 02:07:11,771 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1612081812] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:07:11,771 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:07:11,771 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2024-11-22 02:07:11,772 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1791620455] [2024-11-22 02:07:11,772 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:07:11,772 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2024-11-22 02:07:11,773 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:07:11,773 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2024-11-22 02:07:11,774 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2024-11-22 02:07:11,774 INFO L87 Difference]: Start difference. First operand 151 states and 189 transitions. Second operand has 7 states, 7 states have (on average 6.857142857142857) internal successors, (48), 6 states have internal predecessors, (48), 3 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2024-11-22 02:07:12,063 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:07:12,063 INFO L93 Difference]: Finished difference Result 322 states and 405 transitions. [2024-11-22 02:07:12,064 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-11-22 02:07:12,064 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.857142857142857) internal successors, (48), 6 states have internal predecessors, (48), 3 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) Word has length 59 [2024-11-22 02:07:12,065 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:07:12,066 INFO L225 Difference]: With dead ends: 322 [2024-11-22 02:07:12,066 INFO L226 Difference]: Without dead ends: 179 [2024-11-22 02:07:12,067 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=134, Unknown=0, NotChecked=0, Total=182 [2024-11-22 02:07:12,067 INFO L432 NwaCegarLoop]: 94 mSDtfsCounter, 155 mSDsluCounter, 369 mSDsCounter, 0 mSdLazyCounter, 230 mSolverCounterSat, 43 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 162 SdHoareTripleChecker+Valid, 463 SdHoareTripleChecker+Invalid, 273 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 43 IncrementalHoareTripleChecker+Valid, 230 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-22 02:07:12,068 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [162 Valid, 463 Invalid, 273 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [43 Valid, 230 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-22 02:07:12,073 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 179 states. [2024-11-22 02:07:12,092 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 179 to 177. [2024-11-22 02:07:12,094 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 177 states, 132 states have (on average 1.2424242424242424) internal successors, (164), 141 states have internal predecessors, (164), 22 states have call successors, (22), 17 states have call predecessors, (22), 22 states have return successors, (33), 24 states have call predecessors, (33), 22 states have call successors, (33) [2024-11-22 02:07:12,095 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 177 states to 177 states and 219 transitions. [2024-11-22 02:07:12,097 INFO L78 Accepts]: Start accepts. Automaton has 177 states and 219 transitions. Word has length 59 [2024-11-22 02:07:12,097 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:07:12,097 INFO L471 AbstractCegarLoop]: Abstraction has 177 states and 219 transitions. [2024-11-22 02:07:12,097 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.857142857142857) internal successors, (48), 6 states have internal predecessors, (48), 3 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2024-11-22 02:07:12,097 INFO L276 IsEmpty]: Start isEmpty. Operand 177 states and 219 transitions. [2024-11-22 02:07:12,100 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2024-11-22 02:07:12,100 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:07:12,100 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:07:12,100 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-22 02:07:12,101 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:07:12,101 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:07:12,104 INFO L85 PathProgramCache]: Analyzing trace with hash -12885391, now seen corresponding path program 1 times [2024-11-22 02:07:12,104 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:07:12,104 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1102626622] [2024-11-22 02:07:12,104 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:07:12,104 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:07:12,137 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:07:12,206 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-22 02:07:12,207 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:07:12,207 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1102626622] [2024-11-22 02:07:12,207 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1102626622] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:07:12,207 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:07:12,207 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-22 02:07:12,207 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1842937731] [2024-11-22 02:07:12,207 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:07:12,208 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-22 02:07:12,208 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:07:12,208 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-22 02:07:12,208 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-22 02:07:12,209 INFO L87 Difference]: Start difference. First operand 177 states and 219 transitions. Second operand has 5 states, 5 states have (on average 10.4) internal successors, (52), 5 states have internal predecessors, (52), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-22 02:07:12,235 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:07:12,235 INFO L93 Difference]: Finished difference Result 349 states and 446 transitions. [2024-11-22 02:07:12,235 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2024-11-22 02:07:12,236 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.4) internal successors, (52), 5 states have internal predecessors, (52), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 65 [2024-11-22 02:07:12,236 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:07:12,237 INFO L225 Difference]: With dead ends: 349 [2024-11-22 02:07:12,237 INFO L226 Difference]: Without dead ends: 180 [2024-11-22 02:07:12,238 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-22 02:07:12,238 INFO L432 NwaCegarLoop]: 119 mSDtfsCounter, 0 mSDsluCounter, 351 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 470 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:07:12,239 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 470 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:07:12,243 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 180 states. [2024-11-22 02:07:12,258 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 180 to 180. [2024-11-22 02:07:12,259 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 180 states, 135 states have (on average 1.237037037037037) internal successors, (167), 144 states have internal predecessors, (167), 22 states have call successors, (22), 17 states have call predecessors, (22), 22 states have return successors, (33), 24 states have call predecessors, (33), 22 states have call successors, (33) [2024-11-22 02:07:12,259 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 180 states to 180 states and 222 transitions. [2024-11-22 02:07:12,260 INFO L78 Accepts]: Start accepts. Automaton has 180 states and 222 transitions. Word has length 65 [2024-11-22 02:07:12,260 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:07:12,260 INFO L471 AbstractCegarLoop]: Abstraction has 180 states and 222 transitions. [2024-11-22 02:07:12,260 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.4) internal successors, (52), 5 states have internal predecessors, (52), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-22 02:07:12,260 INFO L276 IsEmpty]: Start isEmpty. Operand 180 states and 222 transitions. [2024-11-22 02:07:12,261 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2024-11-22 02:07:12,261 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:07:12,261 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:07:12,261 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-22 02:07:12,261 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:07:12,262 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:07:12,262 INFO L85 PathProgramCache]: Analyzing trace with hash 1373318003, now seen corresponding path program 1 times [2024-11-22 02:07:12,262 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:07:12,262 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [908915737] [2024-11-22 02:07:12,262 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:07:12,262 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:07:12,276 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:07:12,327 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-22 02:07:12,328 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:07:12,328 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [908915737] [2024-11-22 02:07:12,328 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [908915737] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:07:12,328 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:07:12,328 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-22 02:07:12,328 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1818571012] [2024-11-22 02:07:12,328 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:07:12,329 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-22 02:07:12,329 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:07:12,329 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-22 02:07:12,329 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-22 02:07:12,330 INFO L87 Difference]: Start difference. First operand 180 states and 222 transitions. Second operand has 4 states, 4 states have (on average 13.0) internal successors, (52), 4 states have internal predecessors, (52), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-22 02:07:12,354 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:07:12,355 INFO L93 Difference]: Finished difference Result 354 states and 451 transitions. [2024-11-22 02:07:12,355 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-22 02:07:12,355 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 13.0) internal successors, (52), 4 states have internal predecessors, (52), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 65 [2024-11-22 02:07:12,356 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:07:12,358 INFO L225 Difference]: With dead ends: 354 [2024-11-22 02:07:12,358 INFO L226 Difference]: Without dead ends: 182 [2024-11-22 02:07:12,359 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-22 02:07:12,359 INFO L432 NwaCegarLoop]: 120 mSDtfsCounter, 0 mSDsluCounter, 234 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 354 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-22 02:07:12,361 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 354 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-22 02:07:12,362 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 182 states. [2024-11-22 02:07:12,375 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 182 to 182. [2024-11-22 02:07:12,376 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 182 states, 137 states have (on average 1.2335766423357664) internal successors, (169), 146 states have internal predecessors, (169), 22 states have call successors, (22), 17 states have call predecessors, (22), 22 states have return successors, (33), 24 states have call predecessors, (33), 22 states have call successors, (33) [2024-11-22 02:07:12,377 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 182 states to 182 states and 224 transitions. [2024-11-22 02:07:12,378 INFO L78 Accepts]: Start accepts. Automaton has 182 states and 224 transitions. Word has length 65 [2024-11-22 02:07:12,378 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:07:12,378 INFO L471 AbstractCegarLoop]: Abstraction has 182 states and 224 transitions. [2024-11-22 02:07:12,378 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 13.0) internal successors, (52), 4 states have internal predecessors, (52), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2024-11-22 02:07:12,379 INFO L276 IsEmpty]: Start isEmpty. Operand 182 states and 224 transitions. [2024-11-22 02:07:12,379 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2024-11-22 02:07:12,379 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:07:12,380 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:07:12,380 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-22 02:07:12,380 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:07:12,380 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:07:12,380 INFO L85 PathProgramCache]: Analyzing trace with hash 2074917877, now seen corresponding path program 1 times [2024-11-22 02:07:12,380 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:07:12,381 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [947905653] [2024-11-22 02:07:12,381 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:07:12,381 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:07:12,395 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:07:12,454 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-22 02:07:12,454 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:07:12,455 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [947905653] [2024-11-22 02:07:12,455 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [947905653] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:07:12,455 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:07:12,455 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-22 02:07:12,455 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [482411524] [2024-11-22 02:07:12,455 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:07:12,455 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-22 02:07:12,456 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:07:12,456 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-22 02:07:12,456 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-22 02:07:12,456 INFO L87 Difference]: Start difference. First operand 182 states and 224 transitions. Second operand has 4 states, 4 states have (on average 13.0) internal successors, (52), 4 states have internal predecessors, (52), 4 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-22 02:07:12,573 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:07:12,573 INFO L93 Difference]: Finished difference Result 556 states and 710 transitions. [2024-11-22 02:07:12,574 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-22 02:07:12,574 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 13.0) internal successors, (52), 4 states have internal predecessors, (52), 4 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) Word has length 65 [2024-11-22 02:07:12,574 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:07:12,576 INFO L225 Difference]: With dead ends: 556 [2024-11-22 02:07:12,576 INFO L226 Difference]: Without dead ends: 382 [2024-11-22 02:07:12,579 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-22 02:07:12,580 INFO L432 NwaCegarLoop]: 207 mSDtfsCounter, 148 mSDsluCounter, 195 mSDsCounter, 0 mSdLazyCounter, 76 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 148 SdHoareTripleChecker+Valid, 402 SdHoareTripleChecker+Invalid, 81 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 76 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-22 02:07:12,581 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [148 Valid, 402 Invalid, 81 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 76 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-22 02:07:12,582 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 382 states. [2024-11-22 02:07:12,621 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 382 to 375. [2024-11-22 02:07:12,622 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 375 states, 280 states have (on average 1.2178571428571427) internal successors, (341), 296 states have internal predecessors, (341), 48 states have call successors, (48), 38 states have call predecessors, (48), 46 states have return successors, (83), 51 states have call predecessors, (83), 48 states have call successors, (83) [2024-11-22 02:07:12,625 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 375 states to 375 states and 472 transitions. [2024-11-22 02:07:12,626 INFO L78 Accepts]: Start accepts. Automaton has 375 states and 472 transitions. Word has length 65 [2024-11-22 02:07:12,626 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:07:12,626 INFO L471 AbstractCegarLoop]: Abstraction has 375 states and 472 transitions. [2024-11-22 02:07:12,627 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 13.0) internal successors, (52), 4 states have internal predecessors, (52), 4 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2024-11-22 02:07:12,628 INFO L276 IsEmpty]: Start isEmpty. Operand 375 states and 472 transitions. [2024-11-22 02:07:12,629 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 70 [2024-11-22 02:07:12,630 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:07:12,630 INFO L215 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:07:12,630 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-22 02:07:12,630 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:07:12,631 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:07:12,631 INFO L85 PathProgramCache]: Analyzing trace with hash 843636315, now seen corresponding path program 1 times [2024-11-22 02:07:12,631 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:07:12,631 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [620491267] [2024-11-22 02:07:12,631 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:07:12,631 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:07:12,650 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:07:12,853 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2024-11-22 02:07:12,853 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:07:12,853 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [620491267] [2024-11-22 02:07:12,853 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [620491267] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-22 02:07:12,853 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-22 02:07:12,853 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2024-11-22 02:07:12,853 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1464649970] [2024-11-22 02:07:12,854 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-22 02:07:12,854 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2024-11-22 02:07:12,854 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:07:12,854 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2024-11-22 02:07:12,855 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=25, Invalid=65, Unknown=0, NotChecked=0, Total=90 [2024-11-22 02:07:12,855 INFO L87 Difference]: Start difference. First operand 375 states and 472 transitions. Second operand has 10 states, 10 states have (on average 5.4) internal successors, (54), 9 states have internal predecessors, (54), 5 states have call successors, (7), 3 states have call predecessors, (7), 3 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) [2024-11-22 02:07:13,214 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:07:13,215 INFO L93 Difference]: Finished difference Result 979 states and 1302 transitions. [2024-11-22 02:07:13,216 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-11-22 02:07:13,216 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 5.4) internal successors, (54), 9 states have internal predecessors, (54), 5 states have call successors, (7), 3 states have call predecessors, (7), 3 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) Word has length 69 [2024-11-22 02:07:13,216 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:07:13,220 INFO L225 Difference]: With dead ends: 979 [2024-11-22 02:07:13,220 INFO L226 Difference]: Without dead ends: 668 [2024-11-22 02:07:13,222 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 34 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=75, Invalid=165, Unknown=0, NotChecked=0, Total=240 [2024-11-22 02:07:13,223 INFO L432 NwaCegarLoop]: 137 mSDtfsCounter, 404 mSDsluCounter, 480 mSDsCounter, 0 mSdLazyCounter, 334 mSolverCounterSat, 106 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 411 SdHoareTripleChecker+Valid, 617 SdHoareTripleChecker+Invalid, 440 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 106 IncrementalHoareTripleChecker+Valid, 334 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-22 02:07:13,224 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [411 Valid, 617 Invalid, 440 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [106 Valid, 334 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-22 02:07:13,225 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 668 states. [2024-11-22 02:07:13,275 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 668 to 603. [2024-11-22 02:07:13,276 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 603 states, 450 states have (on average 1.2022222222222223) internal successors, (541), 474 states have internal predecessors, (541), 78 states have call successors, (78), 64 states have call predecessors, (78), 74 states have return successors, (139), 79 states have call predecessors, (139), 78 states have call successors, (139) [2024-11-22 02:07:13,279 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 603 states to 603 states and 758 transitions. [2024-11-22 02:07:13,279 INFO L78 Accepts]: Start accepts. Automaton has 603 states and 758 transitions. Word has length 69 [2024-11-22 02:07:13,279 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:07:13,280 INFO L471 AbstractCegarLoop]: Abstraction has 603 states and 758 transitions. [2024-11-22 02:07:13,280 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 5.4) internal successors, (54), 9 states have internal predecessors, (54), 5 states have call successors, (7), 3 states have call predecessors, (7), 3 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) [2024-11-22 02:07:13,280 INFO L276 IsEmpty]: Start isEmpty. Operand 603 states and 758 transitions. [2024-11-22 02:07:13,281 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 124 [2024-11-22 02:07:13,281 INFO L207 NwaCegarLoop]: Found error trace [2024-11-22 02:07:13,281 INFO L215 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:07:13,281 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-22 02:07:13,281 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-22 02:07:13,282 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-22 02:07:13,282 INFO L85 PathProgramCache]: Analyzing trace with hash 2033626689, now seen corresponding path program 1 times [2024-11-22 02:07:13,282 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2024-11-22 02:07:13,282 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [742040629] [2024-11-22 02:07:13,282 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:07:13,282 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-22 02:07:13,302 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:07:13,430 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 16 proven. 13 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2024-11-22 02:07:13,432 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2024-11-22 02:07:13,432 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [742040629] [2024-11-22 02:07:13,432 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [742040629] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-22 02:07:13,432 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [685235362] [2024-11-22 02:07:13,433 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-22 02:07:13,433 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-22 02:07:13,433 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2024-11-22 02:07:13,435 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-22 02:07:13,436 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-22 02:07:13,532 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-22 02:07:13,534 INFO L255 TraceCheckSpWp]: Trace formula consists of 387 conjuncts, 8 conjuncts are in the unsatisfiable core [2024-11-22 02:07:13,543 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-22 02:07:13,741 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 31 proven. 11 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-22 02:07:13,742 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-22 02:07:13,941 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 19 proven. 10 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2024-11-22 02:07:13,942 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [685235362] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-22 02:07:13,942 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-22 02:07:13,942 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 6, 6] total 15 [2024-11-22 02:07:13,943 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1606257532] [2024-11-22 02:07:13,943 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-22 02:07:13,943 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2024-11-22 02:07:13,943 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2024-11-22 02:07:13,944 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2024-11-22 02:07:13,944 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=41, Invalid=169, Unknown=0, NotChecked=0, Total=210 [2024-11-22 02:07:13,944 INFO L87 Difference]: Start difference. First operand 603 states and 758 transitions. Second operand has 15 states, 15 states have (on average 10.2) internal successors, (153), 13 states have internal predecessors, (153), 7 states have call successors, (26), 4 states have call predecessors, (26), 8 states have return successors, (25), 9 states have call predecessors, (25), 7 states have call successors, (25) [2024-11-22 02:07:14,383 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-22 02:07:14,384 INFO L93 Difference]: Finished difference Result 1257 states and 1613 transitions. [2024-11-22 02:07:14,384 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 14 states. [2024-11-22 02:07:14,385 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 10.2) internal successors, (153), 13 states have internal predecessors, (153), 7 states have call successors, (26), 4 states have call predecessors, (26), 8 states have return successors, (25), 9 states have call predecessors, (25), 7 states have call successors, (25) Word has length 123 [2024-11-22 02:07:14,385 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-22 02:07:14,386 INFO L225 Difference]: With dead ends: 1257 [2024-11-22 02:07:14,386 INFO L226 Difference]: Without dead ends: 0 [2024-11-22 02:07:14,388 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 270 GetRequests, 242 SyntacticMatches, 4 SemanticMatches, 24 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 133 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=162, Invalid=488, Unknown=0, NotChecked=0, Total=650 [2024-11-22 02:07:14,389 INFO L432 NwaCegarLoop]: 232 mSDtfsCounter, 388 mSDsluCounter, 1293 mSDsCounter, 0 mSdLazyCounter, 365 mSolverCounterSat, 139 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 390 SdHoareTripleChecker+Valid, 1525 SdHoareTripleChecker+Invalid, 504 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 139 IncrementalHoareTripleChecker+Valid, 365 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-22 02:07:14,389 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [390 Valid, 1525 Invalid, 504 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [139 Valid, 365 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-22 02:07:14,389 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-22 02:07:14,390 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-22 02:07:14,390 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-22 02:07:14,390 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-22 02:07:14,390 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 123 [2024-11-22 02:07:14,390 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-22 02:07:14,391 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-22 02:07:14,391 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 10.2) internal successors, (153), 13 states have internal predecessors, (153), 7 states have call successors, (26), 4 states have call predecessors, (26), 8 states have return successors, (25), 9 states have call predecessors, (25), 7 states have call successors, (25) [2024-11-22 02:07:14,391 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-22 02:07:14,391 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-22 02:07:14,393 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-22 02:07:14,401 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-22 02:07:14,594 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-22 02:07:14,596 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-22 02:07:14,598 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-22 02:07:18,052 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-22 02:07:18,070 WARN L156 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 1) (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0) (= ~pumpRunning~0 1)) Eliminated clause: (and (= 1 ~systemActive~0) (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0) (= ~pumpRunning~0 1)) [2024-11-22 02:07:18,094 WARN L156 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (let ((.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (= |old(~pumpRunning~0)| 1)) (.cse0 (= |old(~pumpRunning~0)| 0))) (and (or (< |old(~switchedOnBeforeTS~0)| 1) (<= 1 ~switchedOnBeforeTS~0)) (or (not .cse0) (and (= ~pumpRunning~0 0) .cse1)) (or (not .cse2) (and .cse1 (= ~pumpRunning~0 1))) (let ((.cse3 (= 1 ~systemActive~0)) (.cse4 (<= |old(~waterLevel~0)| 2))) (or (and .cse3 .cse2 (= |old(~waterLevel~0)| 2)) (and .cse3 .cse2 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse4) (and .cse3 .cse0 .cse4))))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int) (|old(~switchedOnBeforeTS~0)| Int) (|old(~waterLevel~0)| Int)) (let ((.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (= |old(~pumpRunning~0)| 1)) (.cse0 (= |old(~pumpRunning~0)| 0))) (and (or (not .cse0) (and (= ~pumpRunning~0 0) .cse1)) (or (not .cse2) (and .cse1 (= ~pumpRunning~0 1))) (or (< |old(~switchedOnBeforeTS~0)| 1) (< 0 ~switchedOnBeforeTS~0)) (let ((.cse3 (= 1 ~systemActive~0)) (.cse4 (<= |old(~waterLevel~0)| 2))) (or (and .cse3 .cse2 (= |old(~waterLevel~0)| 2)) (and .cse3 .cse2 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse4) (and .cse3 .cse0 .cse4)))))) [2024-11-22 02:07:18,102 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-22 02:07:18,108 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~pumpRunning~0)| 1))) (and (or (not .cse0) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1)) (let ((.cse2 (= 1 ~systemActive~0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse2 .cse0 .cse3) (and .cse2 .cse1 .cse3 (<= 1 ~switchedOnBeforeTS~0)))))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int)) (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~pumpRunning~0)| 1))) (and (or (not .cse0) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1)) (let ((.cse2 (= 1 ~systemActive~0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse2 .cse0 .cse3) (and .cse2 .cse1 .cse3 (<= 1 ~switchedOnBeforeTS~0))))))) [2024-11-22 02:07:18,112 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-22 02:07:18,115 WARN L156 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (let ((.cse0 (= |old(~waterLevel~0)| 2))) (and (or (= 2 ~waterLevel~0) (not .cse0)) (let ((.cse2 (<= |old(~waterLevel~0)| 2)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 1))) (or (and .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2) (and .cse1 .cse0 .cse3))) (or (= |old(~waterLevel~0)| ~waterLevel~0) (= ~waterLevel~0 1)))) Eliminated clause: (exists ((|old(~waterLevel~0)| Int)) (let ((.cse0 (= |old(~waterLevel~0)| 2))) (and (or (= 2 ~waterLevel~0) (not .cse0)) (let ((.cse2 (<= |old(~waterLevel~0)| 2)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= ~pumpRunning~0 1))) (or (and .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2) (and .cse1 .cse0 .cse3))) (or (= |old(~waterLevel~0)| ~waterLevel~0) (= ~waterLevel~0 1))))) [2024-11-22 02:07:18,120 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-22 02:07:18,124 WARN L156 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__methaneQuery contained old-variable. Original clause: (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~pumpRunning~0)| 1))) (and (or (not .cse0) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1)) (let ((.cse2 (= 1 ~systemActive~0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse2 .cse0 .cse3) (and .cse2 .cse1 .cse3 (<= 1 ~switchedOnBeforeTS~0)))))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int)) (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~pumpRunning~0)| 1))) (and (or (not .cse0) (= ~pumpRunning~0 0)) (or (not .cse1) (= ~pumpRunning~0 1)) (let ((.cse2 (= 1 ~systemActive~0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse2 .cse0 .cse3) (and .cse2 .cse1 .cse3 (<= 1 ~switchedOnBeforeTS~0))))))) [2024-11-22 02:07:18,126 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-22 02:07:18,135 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 22.11 02:07:18 BoogieIcfgContainer [2024-11-22 02:07:18,135 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-22 02:07:18,135 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-22 02:07:18,136 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-22 02:07:18,136 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-22 02:07:18,136 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.11 02:07:10" (3/4) ... [2024-11-22 02:07:18,138 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-22 02:07:18,141 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-22 02:07:18,141 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-22 02:07:18,142 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-22 02:07:18,142 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-22 02:07:18,142 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-22 02:07:18,144 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-22 02:07:18,144 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-22 02:07:18,144 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2024-11-22 02:07:18,145 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-22 02:07:18,145 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2024-11-22 02:07:18,151 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 21 nodes and edges [2024-11-22 02:07:18,152 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2024-11-22 02:07:18,153 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-22 02:07:18,153 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-22 02:07:18,153 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-22 02:07:18,248 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2024-11-22 02:07:18,249 INFO L149 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.yml [2024-11-22 02:07:18,249 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-22 02:07:18,249 INFO L158 Benchmark]: Toolchain (without parser) took 8379.19ms. Allocated memory was 176.2MB in the beginning and 211.8MB in the end (delta: 35.7MB). Free memory was 107.8MB in the beginning and 115.2MB in the end (delta: -7.4MB). Peak memory consumption was 30.3MB. Max. memory is 16.1GB. [2024-11-22 02:07:18,249 INFO L158 Benchmark]: CDTParser took 0.14ms. Allocated memory is still 104.9MB. Free memory was 76.0MB in the beginning and 75.9MB in the end (delta: 118.9kB). There was no memory consumed. Max. memory is 16.1GB. [2024-11-22 02:07:18,249 INFO L158 Benchmark]: CACSL2BoogieTranslator took 471.47ms. Allocated memory is still 176.2MB. Free memory was 107.6MB in the beginning and 143.2MB in the end (delta: -35.6MB). Peak memory consumption was 23.7MB. Max. memory is 16.1GB. [2024-11-22 02:07:18,250 INFO L158 Benchmark]: Boogie Procedure Inliner took 31.98ms. Allocated memory is still 176.2MB. Free memory was 142.5MB in the beginning and 140.3MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-22 02:07:18,250 INFO L158 Benchmark]: Boogie Preprocessor took 31.64ms. Allocated memory is still 176.2MB. Free memory was 140.3MB in the beginning and 138.3MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-22 02:07:18,250 INFO L158 Benchmark]: RCFGBuilder took 418.45ms. Allocated memory is still 176.2MB. Free memory was 137.6MB in the beginning and 117.3MB in the end (delta: 20.3MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-22 02:07:18,250 INFO L158 Benchmark]: TraceAbstraction took 7307.22ms. Allocated memory was 176.2MB in the beginning and 211.8MB in the end (delta: 35.7MB). Free memory was 116.7MB in the beginning and 123.6MB in the end (delta: -7.0MB). Peak memory consumption was 97.4MB. Max. memory is 16.1GB. [2024-11-22 02:07:18,250 INFO L158 Benchmark]: Witness Printer took 113.44ms. Allocated memory is still 211.8MB. Free memory was 123.6MB in the beginning and 115.2MB in the end (delta: 8.5MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-22 02:07:18,251 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.14ms. Allocated memory is still 104.9MB. Free memory was 76.0MB in the beginning and 75.9MB in the end (delta: 118.9kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 471.47ms. Allocated memory is still 176.2MB. Free memory was 107.6MB in the beginning and 143.2MB in the end (delta: -35.6MB). Peak memory consumption was 23.7MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 31.98ms. Allocated memory is still 176.2MB. Free memory was 142.5MB in the beginning and 140.3MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 31.64ms. Allocated memory is still 176.2MB. Free memory was 140.3MB in the beginning and 138.3MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 418.45ms. Allocated memory is still 176.2MB. Free memory was 137.6MB in the beginning and 117.3MB in the end (delta: 20.3MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * TraceAbstraction took 7307.22ms. Allocated memory was 176.2MB in the beginning and 211.8MB in the end (delta: 35.7MB). Free memory was 116.7MB in the beginning and 123.6MB in the end (delta: -7.0MB). Peak memory consumption was 97.4MB. Max. memory is 16.1GB. * Witness Printer took 113.44ms. Allocated memory is still 211.8MB. Free memory was 123.6MB in the beginning and 115.2MB in the end (delta: 8.5MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] - GenericResultAtLocation [Line: 313]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [313] - GenericResultAtLocation [Line: 364]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [364] - GenericResultAtLocation [Line: 434]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [434] - GenericResultAtLocation [Line: 800]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [800] - GenericResultAtLocation [Line: 903]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [903] - GenericResultAtLocation [Line: 1003]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1003] - GenericResultAtLocation [Line: 1012]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1012] - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 1008]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 11 procedures, 114 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 3.7s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.5s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1332 SdHoareTripleChecker+Valid, 0.9s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1313 mSDsluCounter, 4531 SdHoareTripleChecker+Invalid, 0.7s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3110 mSDsCounter, 302 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1046 IncrementalHoareTripleChecker+Invalid, 1348 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 302 mSolverCounterUnsat, 1421 mSDtfsCounter, 1046 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 333 GetRequests, 269 SyntacticMatches, 4 SemanticMatches, 60 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 185 ImplicationChecksByTransitivity, 0.4s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=603occurred in iteration=9, InterpolantAutomatonStates: 60, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 76 StatesRemovedByMinimization, 4 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.3s InterpolantComputationTime, 723 NumberOfCodeBlocks, 723 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 834 ConstructedInterpolants, 0 QuantifiedInterpolants, 1542 SizeOfPredicates, 2 NumberOfNonLiveVariables, 387 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 119/153 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 915]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 377]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 378]: Loop Invariant Derived loop invariant: (((((((1 == systemActive) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1)) || ((((pumpRunning == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2))) || ((((2 == waterLevel) && (1 == systemActive)) && (splverifierCounter == 0)) && (pumpRunning == 1))) - ProcedureContractResult [Line: 203]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1)) Ensures: ((((((pumpRunning == 0) && (1 == systemActive)) && (\old(pumpRunning) == 1)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && ((((((systemActive == \old(systemActive)) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 93]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: ((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1))) Ensures: (((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1))) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 827]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((2 == waterLevel) && (1 == systemActive)) && (pumpRunning == 1))) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1))) Ensures: ((((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((2 == waterLevel) && (1 == systemActive)) && (pumpRunning == 1))) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 905]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((systemActive == \old(systemActive)) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 66]: Procedure Contract for timeShift Derived contract for procedure timeShift. Ensures: ((((((((\old(pumpRunning) != 0) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || (((2 == waterLevel) && (\old(waterLevel) == 2)) && (pumpRunning == 1))) && (1 == systemActive)) && ((((\old(pumpRunning) == 1) && (\old(waterLevel) == 2)) || ((\old(pumpRunning) == 0) && (\old(waterLevel) <= 2))) || (((\old(pumpRunning) == 1) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)))) && (((\old(pumpRunning) != 1) || (\old(waterLevel) != 2)) || (waterLevel == 1))) && (((\old(pumpRunning) != 1) || (((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (((waterLevel <= 2) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1)))) && ((((systemActive == \old(systemActive)) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 101]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Ensures: (((((\old(pumpRunning) != 1) || (pumpRunning == 1)) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((2 == waterLevel) && (pumpRunning == 1)))) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) || ((((1 == systemActive) && (\old(pumpRunning) == 1)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((systemActive == \old(systemActive)) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 815]: Procedure Contract for waterRise Derived contract for procedure waterRise. Ensures: ((((((2 == waterLevel) || (\old(waterLevel) != 2)) && ((((((1 == systemActive) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) <= 2))) || (((1 == systemActive) && (\old(waterLevel) == 2)) && (pumpRunning == 1)))) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && (waterLevel <= 2)) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 127]: Procedure Contract for processEnvironment__wrappee__methaneQuery Derived contract for procedure processEnvironment__wrappee__methaneQuery. Ensures: ((((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (2 == waterLevel)) && ((((1 == systemActive) && (\old(pumpRunning) == 0)) && (waterLevel <= 2)) || ((((1 == systemActive) && (\old(pumpRunning) == 1)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((pumpRunning == 0) || (pumpRunning == 1))) && ((((((systemActive == \old(systemActive)) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 222]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((2 == waterLevel) && (1 == systemActive)) && (pumpRunning == 1))) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1))) Ensures: ((((((((pumpRunning == 0) && (1 == systemActive)) && (waterLevel <= 2)) || (((2 == waterLevel) && (1 == systemActive)) && (pumpRunning == 1))) || ((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1))) && ((pumpRunning != 0) || (\result == 0))) && ((\result == 1) || (pumpRunning != 1))) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 211]: Procedure Contract for isMethaneAlarm Derived contract for procedure isMethaneAlarm. Requires: (((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) Ensures: ((((((1 == systemActive) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1)) || (((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive))) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) RESULT: Ultimate proved your program to be correct! [2024-11-22 02:07:18,274 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:4000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE