./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec3_product37.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 791161d1 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec3_product37.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 29e70cf9c9b1d0bd005d907ed1d78af9dd0d19752a19f66dfee72f35dd243fc7 --- Real Ultimate output --- This is Ultimate 0.2.2-?-791161d [2022-07-22 17:38:24,314 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-07-22 17:38:24,316 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-07-22 17:38:24,368 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-07-22 17:38:24,369 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-07-22 17:38:24,370 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-07-22 17:38:24,372 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-07-22 17:38:24,375 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-07-22 17:38:24,377 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-07-22 17:38:24,383 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-07-22 17:38:24,384 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-07-22 17:38:24,386 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-07-22 17:38:24,386 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-07-22 17:38:24,388 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-07-22 17:38:24,390 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-07-22 17:38:24,394 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-07-22 17:38:24,395 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-07-22 17:38:24,397 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-07-22 17:38:24,398 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-07-22 17:38:24,403 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-07-22 17:38:24,406 INFO L181 SettingsManager]: Resetting HornVerifier preferences to default values [2022-07-22 17:38:24,406 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-07-22 17:38:24,407 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-07-22 17:38:24,408 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-07-22 17:38:24,410 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-07-22 17:38:24,414 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-07-22 17:38:24,414 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-07-22 17:38:24,415 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-07-22 17:38:24,416 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-07-22 17:38:24,416 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-07-22 17:38:24,417 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-07-22 17:38:24,417 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-07-22 17:38:24,419 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-07-22 17:38:24,419 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-07-22 17:38:24,420 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-07-22 17:38:24,421 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-07-22 17:38:24,421 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-07-22 17:38:24,422 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-07-22 17:38:24,422 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-07-22 17:38:24,422 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-07-22 17:38:24,423 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-07-22 17:38:24,425 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-07-22 17:38:24,426 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-07-22 17:38:24,457 INFO L113 SettingsManager]: Loading preferences was successful [2022-07-22 17:38:24,458 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-07-22 17:38:24,458 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-07-22 17:38:24,458 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-07-22 17:38:24,459 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-07-22 17:38:24,459 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-07-22 17:38:24,460 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-07-22 17:38:24,460 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-07-22 17:38:24,460 INFO L138 SettingsManager]: * Use SBE=true [2022-07-22 17:38:24,461 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-07-22 17:38:24,461 INFO L138 SettingsManager]: * sizeof long=4 [2022-07-22 17:38:24,461 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-07-22 17:38:24,462 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-07-22 17:38:24,462 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-07-22 17:38:24,462 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-07-22 17:38:24,462 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-07-22 17:38:24,462 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-07-22 17:38:24,463 INFO L138 SettingsManager]: * sizeof long double=12 [2022-07-22 17:38:24,463 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-07-22 17:38:24,464 INFO L138 SettingsManager]: * Use constant arrays=true [2022-07-22 17:38:24,464 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-07-22 17:38:24,465 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-07-22 17:38:24,465 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-07-22 17:38:24,465 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-07-22 17:38:24,465 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-22 17:38:24,466 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-07-22 17:38:24,466 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-07-22 17:38:24,466 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-07-22 17:38:24,466 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-07-22 17:38:24,466 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-07-22 17:38:24,467 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-07-22 17:38:24,467 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-07-22 17:38:24,467 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-07-22 17:38:24,467 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 29e70cf9c9b1d0bd005d907ed1d78af9dd0d19752a19f66dfee72f35dd243fc7 [2022-07-22 17:38:24,713 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-07-22 17:38:24,735 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-07-22 17:38:24,738 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-07-22 17:38:24,739 INFO L271 PluginConnector]: Initializing CDTParser... [2022-07-22 17:38:24,739 INFO L275 PluginConnector]: CDTParser initialized [2022-07-22 17:38:24,741 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec3_product37.cil.c [2022-07-22 17:38:24,796 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5260228bf/b13a838c3e9c4bc59c6de7e73d918f78/FLAG15c4080c8 [2022-07-22 17:38:25,296 INFO L306 CDTParser]: Found 1 translation units. [2022-07-22 17:38:25,297 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product37.cil.c [2022-07-22 17:38:25,312 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5260228bf/b13a838c3e9c4bc59c6de7e73d918f78/FLAG15c4080c8 [2022-07-22 17:38:25,625 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/5260228bf/b13a838c3e9c4bc59c6de7e73d918f78 [2022-07-22 17:38:25,628 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-07-22 17:38:25,629 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-07-22 17:38:25,630 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-07-22 17:38:25,630 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-07-22 17:38:25,632 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-07-22 17:38:25,633 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 22.07 05:38:25" (1/1) ... [2022-07-22 17:38:25,634 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@64ef3616 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:25, skipping insertion in model container [2022-07-22 17:38:25,634 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 22.07 05:38:25" (1/1) ... [2022-07-22 17:38:25,639 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-07-22 17:38:25,667 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-07-22 17:38:25,895 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product37.cil.c[17206,17219] [2022-07-22 17:38:25,901 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-22 17:38:25,915 INFO L203 MainTranslator]: Completed pre-run [2022-07-22 17:38:26,014 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec3_product37.cil.c[17206,17219] [2022-07-22 17:38:26,023 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-22 17:38:26,042 INFO L208 MainTranslator]: Completed translation [2022-07-22 17:38:26,043 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:26 WrapperNode [2022-07-22 17:38:26,043 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-07-22 17:38:26,044 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-07-22 17:38:26,044 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-07-22 17:38:26,044 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-07-22 17:38:26,050 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:26" (1/1) ... [2022-07-22 17:38:26,068 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:26" (1/1) ... [2022-07-22 17:38:26,091 INFO L137 Inliner]: procedures = 53, calls = 154, calls flagged for inlining = 22, calls inlined = 19, statements flattened = 251 [2022-07-22 17:38:26,092 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-07-22 17:38:26,092 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-07-22 17:38:26,092 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-07-22 17:38:26,093 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-07-22 17:38:26,099 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:26" (1/1) ... [2022-07-22 17:38:26,100 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:26" (1/1) ... [2022-07-22 17:38:26,102 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:26" (1/1) ... [2022-07-22 17:38:26,102 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:26" (1/1) ... [2022-07-22 17:38:26,107 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:26" (1/1) ... [2022-07-22 17:38:26,111 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:26" (1/1) ... [2022-07-22 17:38:26,113 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:26" (1/1) ... [2022-07-22 17:38:26,115 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-07-22 17:38:26,116 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-07-22 17:38:26,116 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-07-22 17:38:26,116 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-07-22 17:38:26,117 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:26" (1/1) ... [2022-07-22 17:38:26,124 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-22 17:38:26,136 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-22 17:38:26,147 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-07-22 17:38:26,169 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-07-22 17:38:26,196 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-07-22 17:38:26,197 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-07-22 17:38:26,197 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-07-22 17:38:26,197 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-07-22 17:38:26,197 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-07-22 17:38:26,197 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-07-22 17:38:26,198 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-07-22 17:38:26,199 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-07-22 17:38:26,200 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-07-22 17:38:26,200 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-07-22 17:38:26,200 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-07-22 17:38:26,200 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-07-22 17:38:26,201 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-07-22 17:38:26,201 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-07-22 17:38:26,201 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-07-22 17:38:26,201 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-07-22 17:38:26,201 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-07-22 17:38:26,201 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-07-22 17:38:26,301 INFO L234 CfgBuilder]: Building ICFG [2022-07-22 17:38:26,317 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-07-22 17:38:26,647 INFO L275 CfgBuilder]: Performing block encoding [2022-07-22 17:38:26,652 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-07-22 17:38:26,653 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-07-22 17:38:26,654 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.07 05:38:26 BoogieIcfgContainer [2022-07-22 17:38:26,655 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-07-22 17:38:26,656 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-07-22 17:38:26,657 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-07-22 17:38:26,662 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-07-22 17:38:26,663 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 22.07 05:38:25" (1/3) ... [2022-07-22 17:38:26,664 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5b26a277 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 22.07 05:38:26, skipping insertion in model container [2022-07-22 17:38:26,664 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:38:26" (2/3) ... [2022-07-22 17:38:26,665 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5b26a277 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 22.07 05:38:26, skipping insertion in model container [2022-07-22 17:38:26,665 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.07 05:38:26" (3/3) ... [2022-07-22 17:38:26,666 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product37.cil.c [2022-07-22 17:38:26,679 INFO L201 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-07-22 17:38:26,680 INFO L160 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-07-22 17:38:26,764 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-07-22 17:38:26,772 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@3500278, mLbeIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@234472a4 [2022-07-22 17:38:26,773 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-07-22 17:38:26,783 INFO L276 IsEmpty]: Start isEmpty. Operand has 87 states, 66 states have (on average 1.393939393939394) internal successors, (92), 74 states have internal predecessors, (92), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-07-22 17:38:26,797 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-07-22 17:38:26,803 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:26,804 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:26,805 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:26,819 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:26,819 INFO L85 PathProgramCache]: Analyzing trace with hash -817040355, now seen corresponding path program 1 times [2022-07-22 17:38:26,827 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:26,828 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [324694485] [2022-07-22 17:38:26,828 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:26,829 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:26,927 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:26,984 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-07-22 17:38:26,989 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:26,995 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:26,996 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:26,997 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [324694485] [2022-07-22 17:38:26,997 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [324694485] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:26,998 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:26,998 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-07-22 17:38:27,000 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [572933788] [2022-07-22 17:38:27,001 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:27,006 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-07-22 17:38:27,006 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:27,034 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-07-22 17:38:27,035 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-22 17:38:27,038 INFO L87 Difference]: Start difference. First operand has 87 states, 66 states have (on average 1.393939393939394) internal successors, (92), 74 states have internal predecessors, (92), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-07-22 17:38:27,081 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:27,081 INFO L93 Difference]: Finished difference Result 166 states and 227 transitions. [2022-07-22 17:38:27,082 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-07-22 17:38:27,084 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2022-07-22 17:38:27,084 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:27,093 INFO L225 Difference]: With dead ends: 166 [2022-07-22 17:38:27,094 INFO L226 Difference]: Without dead ends: 78 [2022-07-22 17:38:27,098 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-22 17:38:27,102 INFO L413 NwaCegarLoop]: 110 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 110 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:27,103 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 110 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:38:27,117 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 78 states. [2022-07-22 17:38:27,147 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 78 to 78. [2022-07-22 17:38:27,149 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 78 states, 59 states have (on average 1.3220338983050848) internal successors, (78), 66 states have internal predecessors, (78), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-07-22 17:38:27,153 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 78 states to 78 states and 101 transitions. [2022-07-22 17:38:27,155 INFO L78 Accepts]: Start accepts. Automaton has 78 states and 101 transitions. Word has length 25 [2022-07-22 17:38:27,155 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:27,156 INFO L495 AbstractCegarLoop]: Abstraction has 78 states and 101 transitions. [2022-07-22 17:38:27,157 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-07-22 17:38:27,157 INFO L276 IsEmpty]: Start isEmpty. Operand 78 states and 101 transitions. [2022-07-22 17:38:27,160 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-07-22 17:38:27,160 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:27,161 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:27,161 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-07-22 17:38:27,162 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:27,162 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:27,162 INFO L85 PathProgramCache]: Analyzing trace with hash -929835373, now seen corresponding path program 1 times [2022-07-22 17:38:27,163 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:27,163 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [188996710] [2022-07-22 17:38:27,164 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:27,164 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:27,215 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:27,249 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2022-07-22 17:38:27,251 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:27,253 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:27,254 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:27,254 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [188996710] [2022-07-22 17:38:27,254 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [188996710] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:27,254 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:27,254 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-22 17:38:27,255 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1845387940] [2022-07-22 17:38:27,255 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:27,256 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-22 17:38:27,256 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:27,257 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-22 17:38:27,257 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:38:27,257 INFO L87 Difference]: Start difference. First operand 78 states and 101 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-07-22 17:38:27,270 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:27,270 INFO L93 Difference]: Finished difference Result 122 states and 158 transitions. [2022-07-22 17:38:27,271 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-22 17:38:27,271 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2022-07-22 17:38:27,272 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:27,273 INFO L225 Difference]: With dead ends: 122 [2022-07-22 17:38:27,273 INFO L226 Difference]: Without dead ends: 69 [2022-07-22 17:38:27,274 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:38:27,275 INFO L413 NwaCegarLoop]: 88 mSDtfsCounter, 12 mSDsluCounter, 72 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 160 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:27,275 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [15 Valid, 160 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:38:27,276 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 69 states. [2022-07-22 17:38:27,281 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 69 to 69. [2022-07-22 17:38:27,282 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 69 states, 53 states have (on average 1.3396226415094339) internal successors, (71), 60 states have internal predecessors, (71), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-07-22 17:38:27,283 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 69 states to 69 states and 89 transitions. [2022-07-22 17:38:27,283 INFO L78 Accepts]: Start accepts. Automaton has 69 states and 89 transitions. Word has length 26 [2022-07-22 17:38:27,283 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:27,284 INFO L495 AbstractCegarLoop]: Abstraction has 69 states and 89 transitions. [2022-07-22 17:38:27,284 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-07-22 17:38:27,284 INFO L276 IsEmpty]: Start isEmpty. Operand 69 states and 89 transitions. [2022-07-22 17:38:27,285 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-07-22 17:38:27,285 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:27,285 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:27,286 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-07-22 17:38:27,286 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:27,286 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:27,286 INFO L85 PathProgramCache]: Analyzing trace with hash 1035191503, now seen corresponding path program 1 times [2022-07-22 17:38:27,287 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:27,287 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2021418523] [2022-07-22 17:38:27,287 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:27,287 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:27,309 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:27,354 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-22 17:38:27,356 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:27,357 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:27,358 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:27,358 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2021418523] [2022-07-22 17:38:27,358 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2021418523] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:27,359 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:27,359 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-07-22 17:38:27,359 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1875113800] [2022-07-22 17:38:27,359 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:27,360 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-07-22 17:38:27,360 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:27,360 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-07-22 17:38:27,361 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-07-22 17:38:27,361 INFO L87 Difference]: Start difference. First operand 69 states and 89 transitions. Second operand has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-07-22 17:38:27,467 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:27,467 INFO L93 Difference]: Finished difference Result 131 states and 172 transitions. [2022-07-22 17:38:27,470 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-07-22 17:38:27,471 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 30 [2022-07-22 17:38:27,471 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:27,472 INFO L225 Difference]: With dead ends: 131 [2022-07-22 17:38:27,472 INFO L226 Difference]: Without dead ends: 69 [2022-07-22 17:38:27,473 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-07-22 17:38:27,475 INFO L413 NwaCegarLoop]: 82 mSDtfsCounter, 171 mSDsluCounter, 102 mSDsCounter, 0 mSdLazyCounter, 41 mSolverCounterSat, 27 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 171 SdHoareTripleChecker+Valid, 184 SdHoareTripleChecker+Invalid, 68 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 27 IncrementalHoareTripleChecker+Valid, 41 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:27,478 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [171 Valid, 184 Invalid, 68 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [27 Valid, 41 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-22 17:38:27,479 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 69 states. [2022-07-22 17:38:27,485 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 69 to 69. [2022-07-22 17:38:27,485 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 69 states, 53 states have (on average 1.320754716981132) internal successors, (70), 60 states have internal predecessors, (70), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-07-22 17:38:27,486 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 69 states to 69 states and 88 transitions. [2022-07-22 17:38:27,486 INFO L78 Accepts]: Start accepts. Automaton has 69 states and 88 transitions. Word has length 30 [2022-07-22 17:38:27,487 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:27,487 INFO L495 AbstractCegarLoop]: Abstraction has 69 states and 88 transitions. [2022-07-22 17:38:27,487 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-07-22 17:38:27,487 INFO L276 IsEmpty]: Start isEmpty. Operand 69 states and 88 transitions. [2022-07-22 17:38:27,488 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2022-07-22 17:38:27,489 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:27,489 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:27,489 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-07-22 17:38:27,489 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:27,490 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:27,490 INFO L85 PathProgramCache]: Analyzing trace with hash -2104271006, now seen corresponding path program 1 times [2022-07-22 17:38:27,490 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:27,490 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1949963271] [2022-07-22 17:38:27,491 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:27,491 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:27,524 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:27,566 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-22 17:38:27,568 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:27,578 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-07-22 17:38:27,580 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:27,581 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2022-07-22 17:38:27,582 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:27,584 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:27,584 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:27,584 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1949963271] [2022-07-22 17:38:27,585 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1949963271] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:27,585 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:27,585 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-07-22 17:38:27,585 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [236686382] [2022-07-22 17:38:27,585 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:27,586 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-07-22 17:38:27,586 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:27,586 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-07-22 17:38:27,587 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-07-22 17:38:27,587 INFO L87 Difference]: Start difference. First operand 69 states and 88 transitions. Second operand has 5 states, 5 states have (on average 6.6) internal successors, (33), 5 states have internal predecessors, (33), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-07-22 17:38:27,738 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:27,738 INFO L93 Difference]: Finished difference Result 208 states and 266 transitions. [2022-07-22 17:38:27,739 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-07-22 17:38:27,739 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 5 states have internal predecessors, (33), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 40 [2022-07-22 17:38:27,739 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:27,745 INFO L225 Difference]: With dead ends: 208 [2022-07-22 17:38:27,745 INFO L226 Difference]: Without dead ends: 146 [2022-07-22 17:38:27,748 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=19, Invalid=37, Unknown=0, NotChecked=0, Total=56 [2022-07-22 17:38:27,754 INFO L413 NwaCegarLoop]: 132 mSDtfsCounter, 167 mSDsluCounter, 170 mSDsCounter, 0 mSdLazyCounter, 98 mSolverCounterSat, 45 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 169 SdHoareTripleChecker+Valid, 302 SdHoareTripleChecker+Invalid, 143 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 45 IncrementalHoareTripleChecker+Valid, 98 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:27,756 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [169 Valid, 302 Invalid, 143 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [45 Valid, 98 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-22 17:38:27,758 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 146 states. [2022-07-22 17:38:27,775 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 146 to 140. [2022-07-22 17:38:27,780 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 140 states, 108 states have (on average 1.2777777777777777) internal successors, (138), 115 states have internal predecessors, (138), 15 states have call successors, (15), 13 states have call predecessors, (15), 16 states have return successors, (20), 16 states have call predecessors, (20), 15 states have call successors, (20) [2022-07-22 17:38:27,782 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 140 states to 140 states and 173 transitions. [2022-07-22 17:38:27,782 INFO L78 Accepts]: Start accepts. Automaton has 140 states and 173 transitions. Word has length 40 [2022-07-22 17:38:27,783 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:27,783 INFO L495 AbstractCegarLoop]: Abstraction has 140 states and 173 transitions. [2022-07-22 17:38:27,783 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 5 states have internal predecessors, (33), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-07-22 17:38:27,784 INFO L276 IsEmpty]: Start isEmpty. Operand 140 states and 173 transitions. [2022-07-22 17:38:27,788 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2022-07-22 17:38:27,788 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:27,788 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:27,789 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-07-22 17:38:27,789 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:27,789 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:27,790 INFO L85 PathProgramCache]: Analyzing trace with hash 1015544271, now seen corresponding path program 1 times [2022-07-22 17:38:27,790 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:27,790 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2107192434] [2022-07-22 17:38:27,791 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:27,791 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:27,817 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:27,869 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-22 17:38:27,873 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:27,888 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2022-07-22 17:38:27,889 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:27,891 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:27,891 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:27,891 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2107192434] [2022-07-22 17:38:27,892 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2107192434] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:27,892 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:27,892 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-07-22 17:38:27,892 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [735575588] [2022-07-22 17:38:27,892 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:27,893 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-07-22 17:38:27,893 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:27,894 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-07-22 17:38:27,894 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-07-22 17:38:27,894 INFO L87 Difference]: Start difference. First operand 140 states and 173 transitions. Second operand has 6 states, 6 states have (on average 6.5) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-22 17:38:28,123 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:28,124 INFO L93 Difference]: Finished difference Result 392 states and 507 transitions. [2022-07-22 17:38:28,124 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2022-07-22 17:38:28,124 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.5) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) Word has length 44 [2022-07-22 17:38:28,125 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:28,127 INFO L225 Difference]: With dead ends: 392 [2022-07-22 17:38:28,127 INFO L226 Difference]: Without dead ends: 259 [2022-07-22 17:38:28,128 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 7 SyntacticMatches, 1 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 19 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=45, Invalid=111, Unknown=0, NotChecked=0, Total=156 [2022-07-22 17:38:28,129 INFO L413 NwaCegarLoop]: 109 mSDtfsCounter, 157 mSDsluCounter, 275 mSDsCounter, 0 mSdLazyCounter, 165 mSolverCounterSat, 41 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 163 SdHoareTripleChecker+Valid, 384 SdHoareTripleChecker+Invalid, 206 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 41 IncrementalHoareTripleChecker+Valid, 165 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:28,129 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [163 Valid, 384 Invalid, 206 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [41 Valid, 165 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-07-22 17:38:28,130 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 259 states. [2022-07-22 17:38:28,147 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 259 to 226. [2022-07-22 17:38:28,148 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 226 states, 175 states have (on average 1.28) internal successors, (224), 184 states have internal predecessors, (224), 25 states have call successors, (25), 23 states have call predecessors, (25), 25 states have return successors, (35), 25 states have call predecessors, (35), 25 states have call successors, (35) [2022-07-22 17:38:28,149 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 226 states to 226 states and 284 transitions. [2022-07-22 17:38:28,150 INFO L78 Accepts]: Start accepts. Automaton has 226 states and 284 transitions. Word has length 44 [2022-07-22 17:38:28,150 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:28,150 INFO L495 AbstractCegarLoop]: Abstraction has 226 states and 284 transitions. [2022-07-22 17:38:28,150 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.5) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (3), 3 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-22 17:38:28,151 INFO L276 IsEmpty]: Start isEmpty. Operand 226 states and 284 transitions. [2022-07-22 17:38:28,152 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2022-07-22 17:38:28,152 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:28,152 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:28,152 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-07-22 17:38:28,152 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:28,153 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:28,153 INFO L85 PathProgramCache]: Analyzing trace with hash 796689553, now seen corresponding path program 1 times [2022-07-22 17:38:28,153 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:28,153 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1114050881] [2022-07-22 17:38:28,154 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:28,154 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:28,173 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:28,204 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-22 17:38:28,215 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:28,237 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2022-07-22 17:38:28,238 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:28,240 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:28,240 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:28,240 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1114050881] [2022-07-22 17:38:28,240 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1114050881] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:28,240 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:28,241 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-07-22 17:38:28,241 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1654631443] [2022-07-22 17:38:28,241 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:28,242 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-07-22 17:38:28,242 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:28,242 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-07-22 17:38:28,242 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-07-22 17:38:28,243 INFO L87 Difference]: Start difference. First operand 226 states and 284 transitions. Second operand has 6 states, 6 states have (on average 6.5) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-22 17:38:28,389 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:28,389 INFO L93 Difference]: Finished difference Result 459 states and 584 transitions. [2022-07-22 17:38:28,389 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-07-22 17:38:28,390 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.5) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) Word has length 44 [2022-07-22 17:38:28,390 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:28,400 INFO L225 Difference]: With dead ends: 459 [2022-07-22 17:38:28,400 INFO L226 Difference]: Without dead ends: 240 [2022-07-22 17:38:28,401 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=32, Invalid=58, Unknown=0, NotChecked=0, Total=90 [2022-07-22 17:38:28,401 INFO L413 NwaCegarLoop]: 92 mSDtfsCounter, 59 mSDsluCounter, 272 mSDsCounter, 0 mSdLazyCounter, 112 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 62 SdHoareTripleChecker+Valid, 364 SdHoareTripleChecker+Invalid, 130 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 112 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:28,402 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [62 Valid, 364 Invalid, 130 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 112 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-22 17:38:28,402 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 240 states. [2022-07-22 17:38:28,416 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 240 to 232. [2022-07-22 17:38:28,416 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 232 states, 181 states have (on average 1.270718232044199) internal successors, (230), 190 states have internal predecessors, (230), 25 states have call successors, (25), 23 states have call predecessors, (25), 25 states have return successors, (35), 25 states have call predecessors, (35), 25 states have call successors, (35) [2022-07-22 17:38:28,418 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 232 states to 232 states and 290 transitions. [2022-07-22 17:38:28,418 INFO L78 Accepts]: Start accepts. Automaton has 232 states and 290 transitions. Word has length 44 [2022-07-22 17:38:28,418 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:28,418 INFO L495 AbstractCegarLoop]: Abstraction has 232 states and 290 transitions. [2022-07-22 17:38:28,418 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.5) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-22 17:38:28,418 INFO L276 IsEmpty]: Start isEmpty. Operand 232 states and 290 transitions. [2022-07-22 17:38:28,419 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2022-07-22 17:38:28,419 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:28,419 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:28,420 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-07-22 17:38:28,420 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:28,420 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:28,420 INFO L85 PathProgramCache]: Analyzing trace with hash -20958897, now seen corresponding path program 1 times [2022-07-22 17:38:28,420 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:28,420 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1003559663] [2022-07-22 17:38:28,421 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:28,421 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:28,432 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:28,453 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-22 17:38:28,457 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:28,472 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2022-07-22 17:38:28,473 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:28,474 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:28,474 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:28,474 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1003559663] [2022-07-22 17:38:28,475 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1003559663] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:28,475 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:28,475 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-07-22 17:38:28,475 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [901069836] [2022-07-22 17:38:28,475 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:28,475 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-07-22 17:38:28,475 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:28,476 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-07-22 17:38:28,476 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-07-22 17:38:28,476 INFO L87 Difference]: Start difference. First operand 232 states and 290 transitions. Second operand has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-22 17:38:28,633 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:28,633 INFO L93 Difference]: Finished difference Result 423 states and 534 transitions. [2022-07-22 17:38:28,633 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-07-22 17:38:28,634 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) Word has length 44 [2022-07-22 17:38:28,634 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:28,635 INFO L225 Difference]: With dead ends: 423 [2022-07-22 17:38:28,635 INFO L226 Difference]: Without dead ends: 198 [2022-07-22 17:38:28,636 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=65, Unknown=0, NotChecked=0, Total=90 [2022-07-22 17:38:28,636 INFO L413 NwaCegarLoop]: 72 mSDtfsCounter, 93 mSDsluCounter, 240 mSDsCounter, 0 mSdLazyCounter, 140 mSolverCounterSat, 24 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 97 SdHoareTripleChecker+Valid, 312 SdHoareTripleChecker+Invalid, 164 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 24 IncrementalHoareTripleChecker+Valid, 140 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:28,637 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [97 Valid, 312 Invalid, 164 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [24 Valid, 140 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-22 17:38:28,637 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 198 states. [2022-07-22 17:38:28,647 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 198 to 193. [2022-07-22 17:38:28,647 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 193 states, 150 states have (on average 1.2466666666666666) internal successors, (187), 158 states have internal predecessors, (187), 21 states have call successors, (21), 19 states have call predecessors, (21), 21 states have return successors, (26), 21 states have call predecessors, (26), 21 states have call successors, (26) [2022-07-22 17:38:28,648 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 193 states to 193 states and 234 transitions. [2022-07-22 17:38:28,648 INFO L78 Accepts]: Start accepts. Automaton has 193 states and 234 transitions. Word has length 44 [2022-07-22 17:38:28,649 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:28,649 INFO L495 AbstractCegarLoop]: Abstraction has 193 states and 234 transitions. [2022-07-22 17:38:28,649 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 5.571428571428571) internal successors, (39), 6 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 1 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-22 17:38:28,649 INFO L276 IsEmpty]: Start isEmpty. Operand 193 states and 234 transitions. [2022-07-22 17:38:28,650 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2022-07-22 17:38:28,650 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:28,650 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:28,650 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-07-22 17:38:28,650 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:28,651 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:28,651 INFO L85 PathProgramCache]: Analyzing trace with hash -766382886, now seen corresponding path program 1 times [2022-07-22 17:38:28,651 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:28,651 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [34371584] [2022-07-22 17:38:28,651 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:28,651 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:28,664 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:28,698 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-22 17:38:28,701 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:28,704 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-07-22 17:38:28,705 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:28,706 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2022-07-22 17:38:28,706 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:28,708 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:28,708 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:28,708 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [34371584] [2022-07-22 17:38:28,708 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [34371584] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:28,708 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:28,708 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-07-22 17:38:28,709 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1948358846] [2022-07-22 17:38:28,709 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:28,709 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-07-22 17:38:28,709 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:28,709 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-07-22 17:38:28,710 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-07-22 17:38:28,710 INFO L87 Difference]: Start difference. First operand 193 states and 234 transitions. Second operand has 6 states, 6 states have (on average 6.5) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-07-22 17:38:28,876 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:28,876 INFO L93 Difference]: Finished difference Result 382 states and 463 transitions. [2022-07-22 17:38:28,877 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-07-22 17:38:28,877 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.5) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 46 [2022-07-22 17:38:28,877 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:28,878 INFO L225 Difference]: With dead ends: 382 [2022-07-22 17:38:28,878 INFO L226 Difference]: Without dead ends: 196 [2022-07-22 17:38:28,879 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=27, Invalid=45, Unknown=0, NotChecked=0, Total=72 [2022-07-22 17:38:28,879 INFO L413 NwaCegarLoop]: 84 mSDtfsCounter, 108 mSDsluCounter, 243 mSDsCounter, 0 mSdLazyCounter, 139 mSolverCounterSat, 25 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 113 SdHoareTripleChecker+Valid, 327 SdHoareTripleChecker+Invalid, 164 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 25 IncrementalHoareTripleChecker+Valid, 139 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:28,880 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [113 Valid, 327 Invalid, 164 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [25 Valid, 139 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-22 17:38:28,880 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 196 states. [2022-07-22 17:38:28,889 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 196 to 191. [2022-07-22 17:38:28,889 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 191 states, 148 states have (on average 1.2364864864864864) internal successors, (183), 156 states have internal predecessors, (183), 21 states have call successors, (21), 19 states have call predecessors, (21), 21 states have return successors, (26), 21 states have call predecessors, (26), 21 states have call successors, (26) [2022-07-22 17:38:28,890 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 191 states to 191 states and 230 transitions. [2022-07-22 17:38:28,890 INFO L78 Accepts]: Start accepts. Automaton has 191 states and 230 transitions. Word has length 46 [2022-07-22 17:38:28,891 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:28,891 INFO L495 AbstractCegarLoop]: Abstraction has 191 states and 230 transitions. [2022-07-22 17:38:28,891 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.5) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-07-22 17:38:28,891 INFO L276 IsEmpty]: Start isEmpty. Operand 191 states and 230 transitions. [2022-07-22 17:38:28,892 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2022-07-22 17:38:28,892 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:28,892 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:28,892 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-07-22 17:38:28,892 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:28,893 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:28,893 INFO L85 PathProgramCache]: Analyzing trace with hash 390915315, now seen corresponding path program 1 times [2022-07-22 17:38:28,893 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:28,893 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [56616889] [2022-07-22 17:38:28,893 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:28,893 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:28,921 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:28,972 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2022-07-22 17:38:28,974 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:28,983 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-07-22 17:38:28,986 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:29,007 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 37 [2022-07-22 17:38:29,009 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:29,014 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:29,018 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:29,018 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [56616889] [2022-07-22 17:38:29,018 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [56616889] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:29,019 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:29,019 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2022-07-22 17:38:29,019 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [513134337] [2022-07-22 17:38:29,019 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:29,021 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-07-22 17:38:29,021 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:29,022 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-07-22 17:38:29,022 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=72, Unknown=0, NotChecked=0, Total=90 [2022-07-22 17:38:29,022 INFO L87 Difference]: Start difference. First operand 191 states and 230 transitions. Second operand has 10 states, 10 states have (on average 4.1) internal successors, (41), 8 states have internal predecessors, (41), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-07-22 17:38:29,437 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:29,438 INFO L93 Difference]: Finished difference Result 388 states and 468 transitions. [2022-07-22 17:38:29,438 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 20 states. [2022-07-22 17:38:29,438 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.1) internal successors, (41), 8 states have internal predecessors, (41), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 48 [2022-07-22 17:38:29,439 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:29,441 INFO L225 Difference]: With dead ends: 388 [2022-07-22 17:38:29,441 INFO L226 Difference]: Without dead ends: 250 [2022-07-22 17:38:29,442 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 34 GetRequests, 12 SyntacticMatches, 0 SemanticMatches, 22 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 75 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=128, Invalid=424, Unknown=0, NotChecked=0, Total=552 [2022-07-22 17:38:29,444 INFO L413 NwaCegarLoop]: 129 mSDtfsCounter, 296 mSDsluCounter, 433 mSDsCounter, 0 mSdLazyCounter, 428 mSolverCounterSat, 114 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 297 SdHoareTripleChecker+Valid, 562 SdHoareTripleChecker+Invalid, 542 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 114 IncrementalHoareTripleChecker+Valid, 428 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:29,444 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [297 Valid, 562 Invalid, 542 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [114 Valid, 428 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-07-22 17:38:29,445 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 250 states. [2022-07-22 17:38:29,459 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 250 to 193. [2022-07-22 17:38:29,460 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 193 states, 149 states have (on average 1.2147651006711409) internal successors, (181), 158 states have internal predecessors, (181), 21 states have call successors, (21), 19 states have call predecessors, (21), 22 states have return successors, (25), 21 states have call predecessors, (25), 21 states have call successors, (25) [2022-07-22 17:38:29,461 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 193 states to 193 states and 227 transitions. [2022-07-22 17:38:29,461 INFO L78 Accepts]: Start accepts. Automaton has 193 states and 227 transitions. Word has length 48 [2022-07-22 17:38:29,462 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:29,462 INFO L495 AbstractCegarLoop]: Abstraction has 193 states and 227 transitions. [2022-07-22 17:38:29,462 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.1) internal successors, (41), 8 states have internal predecessors, (41), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-07-22 17:38:29,462 INFO L276 IsEmpty]: Start isEmpty. Operand 193 states and 227 transitions. [2022-07-22 17:38:29,463 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2022-07-22 17:38:29,464 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:29,464 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:29,464 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-07-22 17:38:29,464 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:29,465 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:29,465 INFO L85 PathProgramCache]: Analyzing trace with hash 126598332, now seen corresponding path program 1 times [2022-07-22 17:38:29,465 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:29,465 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [743202550] [2022-07-22 17:38:29,466 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:29,466 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:29,483 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:29,506 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2022-07-22 17:38:29,507 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:29,515 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-07-22 17:38:29,519 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:29,539 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-07-22 17:38:29,540 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:29,542 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2022-07-22 17:38:29,542 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:29,544 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:29,544 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:29,544 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [743202550] [2022-07-22 17:38:29,544 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [743202550] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:29,545 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:29,545 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-07-22 17:38:29,545 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [222282756] [2022-07-22 17:38:29,545 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:29,546 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-07-22 17:38:29,547 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:29,547 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-07-22 17:38:29,547 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-07-22 17:38:29,547 INFO L87 Difference]: Start difference. First operand 193 states and 227 transitions. Second operand has 7 states, 7 states have (on average 5.857142857142857) internal successors, (41), 5 states have internal predecessors, (41), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-07-22 17:38:29,729 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:29,729 INFO L93 Difference]: Finished difference Result 372 states and 443 transitions. [2022-07-22 17:38:29,730 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2022-07-22 17:38:29,730 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 5.857142857142857) internal successors, (41), 5 states have internal predecessors, (41), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 50 [2022-07-22 17:38:29,731 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:29,741 INFO L225 Difference]: With dead ends: 372 [2022-07-22 17:38:29,741 INFO L226 Difference]: Without dead ends: 232 [2022-07-22 17:38:29,743 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 20 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=46, Invalid=86, Unknown=0, NotChecked=0, Total=132 [2022-07-22 17:38:29,743 INFO L413 NwaCegarLoop]: 74 mSDtfsCounter, 130 mSDsluCounter, 222 mSDsCounter, 0 mSdLazyCounter, 198 mSolverCounterSat, 44 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 133 SdHoareTripleChecker+Valid, 296 SdHoareTripleChecker+Invalid, 242 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 44 IncrementalHoareTripleChecker+Valid, 198 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:29,744 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [133 Valid, 296 Invalid, 242 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [44 Valid, 198 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-22 17:38:29,745 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 232 states. [2022-07-22 17:38:29,757 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 232 to 193. [2022-07-22 17:38:29,758 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 193 states, 149 states have (on average 1.2080536912751678) internal successors, (180), 158 states have internal predecessors, (180), 21 states have call successors, (21), 19 states have call predecessors, (21), 22 states have return successors, (25), 21 states have call predecessors, (25), 21 states have call successors, (25) [2022-07-22 17:38:29,761 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 193 states to 193 states and 226 transitions. [2022-07-22 17:38:29,761 INFO L78 Accepts]: Start accepts. Automaton has 193 states and 226 transitions. Word has length 50 [2022-07-22 17:38:29,762 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:29,762 INFO L495 AbstractCegarLoop]: Abstraction has 193 states and 226 transitions. [2022-07-22 17:38:29,763 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 5.857142857142857) internal successors, (41), 5 states have internal predecessors, (41), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-07-22 17:38:29,763 INFO L276 IsEmpty]: Start isEmpty. Operand 193 states and 226 transitions. [2022-07-22 17:38:29,763 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2022-07-22 17:38:29,763 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:29,763 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:29,764 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2022-07-22 17:38:29,764 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:29,764 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:29,764 INFO L85 PathProgramCache]: Analyzing trace with hash 41757120, now seen corresponding path program 1 times [2022-07-22 17:38:29,764 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:29,764 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [564468922] [2022-07-22 17:38:29,765 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:29,765 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:29,781 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:29,823 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2022-07-22 17:38:29,825 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:29,840 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-07-22 17:38:29,845 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:29,862 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-07-22 17:38:29,863 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:29,864 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2022-07-22 17:38:29,865 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:29,866 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:38:29,866 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:29,867 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [564468922] [2022-07-22 17:38:29,867 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [564468922] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:38:29,867 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:38:29,867 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-07-22 17:38:29,867 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [863959899] [2022-07-22 17:38:29,867 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:38:29,867 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-07-22 17:38:29,868 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:29,868 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-07-22 17:38:29,868 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=14, Invalid=42, Unknown=0, NotChecked=0, Total=56 [2022-07-22 17:38:29,868 INFO L87 Difference]: Start difference. First operand 193 states and 226 transitions. Second operand has 8 states, 8 states have (on average 5.125) internal successors, (41), 6 states have internal predecessors, (41), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2022-07-22 17:38:30,260 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:30,260 INFO L93 Difference]: Finished difference Result 472 states and 578 transitions. [2022-07-22 17:38:30,261 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 20 states. [2022-07-22 17:38:30,261 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.125) internal successors, (41), 6 states have internal predecessors, (41), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 50 [2022-07-22 17:38:30,261 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:30,264 INFO L225 Difference]: With dead ends: 472 [2022-07-22 17:38:30,264 INFO L226 Difference]: Without dead ends: 332 [2022-07-22 17:38:30,265 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 32 GetRequests, 12 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 87 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=132, Invalid=330, Unknown=0, NotChecked=0, Total=462 [2022-07-22 17:38:30,266 INFO L413 NwaCegarLoop]: 78 mSDtfsCounter, 316 mSDsluCounter, 281 mSDsCounter, 0 mSdLazyCounter, 278 mSolverCounterSat, 113 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 321 SdHoareTripleChecker+Valid, 359 SdHoareTripleChecker+Invalid, 391 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 113 IncrementalHoareTripleChecker+Valid, 278 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:30,266 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [321 Valid, 359 Invalid, 391 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [113 Valid, 278 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-07-22 17:38:30,267 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 332 states. [2022-07-22 17:38:30,285 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 332 to 303. [2022-07-22 17:38:30,285 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 303 states, 233 states have (on average 1.1974248927038627) internal successors, (279), 247 states have internal predecessors, (279), 36 states have call successors, (36), 29 states have call predecessors, (36), 33 states have return successors, (46), 34 states have call predecessors, (46), 36 states have call successors, (46) [2022-07-22 17:38:30,287 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 303 states to 303 states and 361 transitions. [2022-07-22 17:38:30,287 INFO L78 Accepts]: Start accepts. Automaton has 303 states and 361 transitions. Word has length 50 [2022-07-22 17:38:30,288 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:30,288 INFO L495 AbstractCegarLoop]: Abstraction has 303 states and 361 transitions. [2022-07-22 17:38:30,288 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.125) internal successors, (41), 6 states have internal predecessors, (41), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2022-07-22 17:38:30,289 INFO L276 IsEmpty]: Start isEmpty. Operand 303 states and 361 transitions. [2022-07-22 17:38:30,290 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 82 [2022-07-22 17:38:30,290 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:38:30,290 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:30,290 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2022-07-22 17:38:30,290 INFO L420 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:38:30,291 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:38:30,291 INFO L85 PathProgramCache]: Analyzing trace with hash -365727847, now seen corresponding path program 1 times [2022-07-22 17:38:30,291 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:38:30,291 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1836014746] [2022-07-22 17:38:30,291 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:30,291 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:38:30,307 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:30,343 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2022-07-22 17:38:30,345 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:30,352 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-22 17:38:30,357 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:30,390 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2022-07-22 17:38:30,400 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:30,409 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-07-22 17:38:30,411 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:30,418 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2022-07-22 17:38:30,420 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:30,426 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 70 [2022-07-22 17:38:30,427 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:30,428 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 17 proven. 4 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-07-22 17:38:30,428 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:38:30,428 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1836014746] [2022-07-22 17:38:30,428 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1836014746] provided 0 perfect and 1 imperfect interpolant sequences [2022-07-22 17:38:30,429 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [47791759] [2022-07-22 17:38:30,429 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:38:30,429 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-07-22 17:38:30,429 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-22 17:38:30,440 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-07-22 17:38:30,473 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-07-22 17:38:30,559 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:38:30,562 INFO L263 TraceCheckSpWp]: Trace formula consists of 433 conjuncts, 13 conjunts are in the unsatisfiable core [2022-07-22 17:38:30,569 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-07-22 17:38:30,763 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 6 proven. 12 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-07-22 17:38:30,763 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-07-22 17:38:30,995 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 8 proven. 4 refuted. 0 times theorem prover too weak. 14 trivial. 0 not checked. [2022-07-22 17:38:30,995 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [47791759] provided 0 perfect and 2 imperfect interpolant sequences [2022-07-22 17:38:30,995 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-07-22 17:38:30,995 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 8, 9] total 19 [2022-07-22 17:38:30,995 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [481243104] [2022-07-22 17:38:30,996 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-07-22 17:38:30,996 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 19 states [2022-07-22 17:38:30,996 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:38:30,996 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 19 interpolants. [2022-07-22 17:38:30,997 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=60, Invalid=282, Unknown=0, NotChecked=0, Total=342 [2022-07-22 17:38:30,997 INFO L87 Difference]: Start difference. First operand 303 states and 361 transitions. Second operand has 19 states, 19 states have (on average 6.578947368421052) internal successors, (125), 14 states have internal predecessors, (125), 7 states have call successors, (20), 10 states have call predecessors, (20), 8 states have return successors, (18), 8 states have call predecessors, (18), 7 states have call successors, (18) [2022-07-22 17:38:32,328 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:38:32,329 INFO L93 Difference]: Finished difference Result 929 states and 1194 transitions. [2022-07-22 17:38:32,329 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 52 states. [2022-07-22 17:38:32,329 INFO L78 Accepts]: Start accepts. Automaton has has 19 states, 19 states have (on average 6.578947368421052) internal successors, (125), 14 states have internal predecessors, (125), 7 states have call successors, (20), 10 states have call predecessors, (20), 8 states have return successors, (18), 8 states have call predecessors, (18), 7 states have call successors, (18) Word has length 81 [2022-07-22 17:38:32,330 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:38:32,330 INFO L225 Difference]: With dead ends: 929 [2022-07-22 17:38:32,330 INFO L226 Difference]: Without dead ends: 0 [2022-07-22 17:38:32,334 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 237 GetRequests, 169 SyntacticMatches, 1 SemanticMatches, 67 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1203 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=927, Invalid=3765, Unknown=0, NotChecked=0, Total=4692 [2022-07-22 17:38:32,335 INFO L413 NwaCegarLoop]: 106 mSDtfsCounter, 1093 mSDsluCounter, 578 mSDsCounter, 0 mSdLazyCounter, 1036 mSolverCounterSat, 534 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1093 SdHoareTripleChecker+Valid, 684 SdHoareTripleChecker+Invalid, 1570 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 534 IncrementalHoareTripleChecker+Valid, 1036 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2022-07-22 17:38:32,335 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1093 Valid, 684 Invalid, 1570 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [534 Valid, 1036 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2022-07-22 17:38:32,336 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-07-22 17:38:32,336 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-07-22 17:38:32,336 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:38:32,336 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-07-22 17:38:32,337 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 81 [2022-07-22 17:38:32,337 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:38:32,337 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-07-22 17:38:32,337 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 19 states, 19 states have (on average 6.578947368421052) internal successors, (125), 14 states have internal predecessors, (125), 7 states have call successors, (20), 10 states have call predecessors, (20), 8 states have return successors, (18), 8 states have call predecessors, (18), 7 states have call successors, (18) [2022-07-22 17:38:32,337 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-07-22 17:38:32,338 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-07-22 17:38:32,340 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-07-22 17:38:32,362 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2022-07-22 17:38:32,555 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable11 [2022-07-22 17:38:32,557 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-07-22 17:38:36,414 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 555 561) no Hoare annotation was computed. [2022-07-22 17:38:36,414 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 555 561) the Hoare annotation is: true [2022-07-22 17:38:36,414 INFO L899 garLoopResultBuilder]: For program point L802-1(lines 798 809) no Hoare annotation was computed. [2022-07-22 17:38:36,414 INFO L895 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 798 809) the Hoare annotation is: (let ((.cse1 (= ~methaneLevelCritical~0 0)) (.cse6 (= |old(~methaneLevelCritical~0)| 0))) (let ((.cse0 (not .cse6)) (.cse3 (not (<= 1 ~pumpRunning~0))) (.cse5 (not (= ~pumpRunning~0 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse7 (not .cse1)) (.cse4 (not (<= ~waterLevel~0 2)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse0 .cse5 .cse1 .cse2 .cse4) (or .cse2 .cse6 .cse7 .cse3 .cse4) (or .cse5 .cse2 .cse6 .cse7 .cse4)))) [2022-07-22 17:38:36,414 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 798 809) no Hoare annotation was computed. [2022-07-22 17:38:36,415 INFO L902 garLoopResultBuilder]: At program point isMethaneLevelCriticalENTRY(lines 810 818) the Hoare annotation is: true [2022-07-22 17:38:36,415 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalFINAL(lines 810 818) no Hoare annotation was computed. [2022-07-22 17:38:36,415 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 810 818) no Hoare annotation was computed. [2022-07-22 17:38:36,415 INFO L899 garLoopResultBuilder]: For program point L894(lines 894 900) no Hoare annotation was computed. [2022-07-22 17:38:36,415 INFO L899 garLoopResultBuilder]: For program point L890(lines 890 903) no Hoare annotation was computed. [2022-07-22 17:38:36,415 INFO L895 garLoopResultBuilder]: At program point L890-1(lines 875 907) the Hoare annotation is: (let ((.cse12 (= ~methaneLevelCritical~0 0))) (let ((.cse3 (not .cse12)) (.cse9 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse6 (= ~pumpRunning~0 0)) (.cse14 (<= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~2#1| 1)) (.cse7 (<= ~waterLevel~0 1)) (.cse16 (= 1 ~systemActive~0)) (.cse17 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse8 (= ~methaneLevelCritical~0 |timeShift___utac_acc__Specification3_spec__1_~tmp~8#1|)) (.cse15 (<= |timeShift_getWaterLevel_#res#1| 1))) (let ((.cse1 (and .cse9 .cse6 .cse14 .cse12 .cse7 .cse16 .cse17 .cse8 .cse15)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse13 (and .cse9 .cse6 .cse7 .cse16 .cse3 .cse17 .cse8)) (.cse4 (and (<= 1 ~pumpRunning~0) .cse16 .cse17 .cse8)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse11 (not (<= |old(~waterLevel~0)| 1))) (.cse2 (not .cse16)) (.cse10 (not (<= 1 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or (and .cse6 .cse7 .cse8) (and .cse9 .cse7 .cse8) .cse2 .cse10 .cse5) (or .cse11 .cse0 .cse12 .cse2 .cse13) (or .cse2 (and .cse14 .cse15) .cse10 .cse3 .cse5) (or .cse11 .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse12 .cse2 .cse13 .cse4 .cse5) (or .cse11 .cse2 .cse10 (<= ~waterLevel~0 |old(~waterLevel~0)|)))))) [2022-07-22 17:38:36,415 INFO L899 garLoopResultBuilder]: For program point L535-1(lines 534 553) no Hoare annotation was computed. [2022-07-22 17:38:36,415 INFO L899 garLoopResultBuilder]: For program point L597(lines 597 605) no Hoare annotation was computed. [2022-07-22 17:38:36,416 INFO L895 garLoopResultBuilder]: At program point L882(line 882) the Hoare annotation is: (let ((.cse1 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 1)) (.cse8 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse6 (and .cse1 .cse4 .cse2 .cse8)) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (let ((.cse3 (<= ~waterLevel~0 |old(~waterLevel~0)|))) (or .cse0 (and .cse1 .cse2 .cse3) (not (<= 1 |old(~pumpRunning~0)|)) (and .cse4 .cse2 .cse3) .cse5)) (or .cse6 (not (<= |old(~waterLevel~0)| 1)) .cse7 .cse0) (or .cse6 .cse7 .cse0 (and (<= 1 ~pumpRunning~0) .cse8) .cse5)))) [2022-07-22 17:38:36,417 INFO L899 garLoopResultBuilder]: For program point L593(lines 593 610) no Hoare annotation was computed. [2022-07-22 17:38:36,417 INFO L899 garLoopResultBuilder]: For program point L882-1(line 882) no Hoare annotation was computed. [2022-07-22 17:38:36,417 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 531 554) no Hoare annotation was computed. [2022-07-22 17:38:36,417 INFO L899 garLoopResultBuilder]: For program point L870(line 870) no Hoare annotation was computed. [2022-07-22 17:38:36,417 INFO L895 garLoopResultBuilder]: At program point L635(line 635) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (<= ~waterLevel~0 1) (<= ~waterLevel~0 |old(~waterLevel~0)|)) (not (<= 1 |old(~pumpRunning~0)|)) .cse1) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1))) [2022-07-22 17:38:36,417 INFO L899 garLoopResultBuilder]: For program point L635-1(line 635) no Hoare annotation was computed. [2022-07-22 17:38:36,418 INFO L895 garLoopResultBuilder]: At program point L627(lines 622 629) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (and (= ~pumpRunning~0 0) (<= ~waterLevel~0 1) (<= ~waterLevel~0 |old(~waterLevel~0)|)) .cse1) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1))) [2022-07-22 17:38:36,418 INFO L895 garLoopResultBuilder]: At program point L871(lines 866 873) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1))) [2022-07-22 17:38:36,418 INFO L895 garLoopResultBuilder]: At program point L603(line 603) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (<= ~waterLevel~0 1) (<= ~waterLevel~0 |old(~waterLevel~0)|)) (not (<= 1 |old(~pumpRunning~0)|)) .cse1) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1))) [2022-07-22 17:38:36,418 INFO L899 garLoopResultBuilder]: For program point L884(lines 884 904) no Hoare annotation was computed. [2022-07-22 17:38:36,418 INFO L895 garLoopResultBuilder]: At program point L847(lines 842 850) the Hoare annotation is: (let ((.cse6 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse11 (= ~pumpRunning~0 0)) (.cse7 (<= ~waterLevel~0 1)) (.cse13 (= 1 ~systemActive~0)) (.cse12 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse9 (= ~methaneLevelCritical~0 |timeShift___utac_acc__Specification3_spec__1_~tmp~8#1|)) (.cse10 (<= |timeShift_getWaterLevel_#res#1| 1))) (let ((.cse1 (= ~methaneLevelCritical~0 0)) (.cse5 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse4 (and .cse6 .cse11 .cse7 .cse13 .cse12 .cse9 .cse10)) (.cse2 (not .cse13)) (.cse3 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse4 .cse2) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse2 (= |timeShift_getWaterLevel_#res#1| 1)) (or .cse1 .cse2 .cse5 .cse3) (let ((.cse8 (<= ~waterLevel~0 |old(~waterLevel~0)|))) (or (and .cse6 .cse7 .cse8 .cse9 .cse10) .cse2 .cse5 .cse3 (and .cse11 .cse7 .cse8 .cse9 .cse10))) (or .cse0 .cse4 .cse2 (and (<= 1 ~pumpRunning~0) .cse12 .cse9) .cse3)))) [2022-07-22 17:38:36,418 INFO L895 garLoopResultBuilder]: At program point L608(line 608) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse1) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1))) [2022-07-22 17:38:36,418 INFO L895 garLoopResultBuilder]: At program point L608-1(lines 589 613) the Hoare annotation is: (let ((.cse1 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 1)) (.cse8 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse6 (and .cse1 .cse4 .cse2 .cse8)) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (let ((.cse3 (<= ~waterLevel~0 |old(~waterLevel~0)|))) (or .cse0 (and .cse1 .cse2 .cse3) (not (<= 1 |old(~pumpRunning~0)|)) (and .cse4 .cse2 .cse3) .cse5)) (or .cse6 (not (<= |old(~waterLevel~0)| 1)) .cse7 .cse0) (or .cse6 .cse7 .cse0 (and (<= 1 ~pumpRunning~0) .cse8) .cse5)))) [2022-07-22 17:38:36,418 INFO L895 garLoopResultBuilder]: At program point L637(lines 630 640) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (<= ~waterLevel~0 1) (<= ~waterLevel~0 |old(~waterLevel~0)|)) (not (<= 1 |old(~pumpRunning~0)|)) .cse1) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1))) [2022-07-22 17:38:36,418 INFO L899 garLoopResultBuilder]: For program point L542-1(lines 542 548) no Hoare annotation was computed. [2022-07-22 17:38:36,419 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 531 554) the Hoare annotation is: (let ((.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse1) .cse2) (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) .cse1) .cse0 .cse2))) [2022-07-22 17:38:36,419 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 531 554) no Hoare annotation was computed. [2022-07-22 17:38:36,419 INFO L899 garLoopResultBuilder]: For program point L778(lines 778 782) no Hoare annotation was computed. [2022-07-22 17:38:36,419 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 870) no Hoare annotation was computed. [2022-07-22 17:38:36,419 INFO L895 garLoopResultBuilder]: At program point L778-2(lines 774 785) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (<= ~waterLevel~0 1) (<= ~waterLevel~0 |old(~waterLevel~0)|)) (not (<= 1 |old(~pumpRunning~0)|)) .cse1) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1))) [2022-07-22 17:38:36,419 INFO L895 garLoopResultBuilder]: At program point L646(lines 641 649) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (= ~methaneLevelCritical~0 0) .cse1 .cse2) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse1) (or .cse0 .cse1 (and (<= 1 ~pumpRunning~0) (not (= |timeShift_isPumpRunning_#res#1| 0)) (= |old(~waterLevel~0)| ~waterLevel~0) (= ~methaneLevelCritical~0 |timeShift___utac_acc__Specification3_spec__1_~tmp~8#1|)) .cse2) (or .cse1 (not (<= 1 |old(~pumpRunning~0)|)) .cse2))) [2022-07-22 17:38:36,419 INFO L902 garLoopResultBuilder]: At program point L66-1(lines 66 70) the Hoare annotation is: true [2022-07-22 17:38:36,419 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 52 81) no Hoare annotation was computed. [2022-07-22 17:38:36,419 INFO L899 garLoopResultBuilder]: For program point L63(line 63) no Hoare annotation was computed. [2022-07-22 17:38:36,419 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 52 81) the Hoare annotation is: true [2022-07-22 17:38:36,419 INFO L902 garLoopResultBuilder]: At program point L62-2(lines 62 76) the Hoare annotation is: true [2022-07-22 17:38:36,419 INFO L902 garLoopResultBuilder]: At program point L58(line 58) the Hoare annotation is: true [2022-07-22 17:38:36,420 INFO L899 garLoopResultBuilder]: For program point L58-1(line 58) no Hoare annotation was computed. [2022-07-22 17:38:36,420 INFO L902 garLoopResultBuilder]: At program point L77(lines 52 81) the Hoare annotation is: true [2022-07-22 17:38:36,420 INFO L899 garLoopResultBuilder]: For program point L73(line 73) no Hoare annotation was computed. [2022-07-22 17:38:36,420 INFO L899 garLoopResultBuilder]: For program point L66(lines 66 70) no Hoare annotation was computed. [2022-07-22 17:38:36,420 INFO L895 garLoopResultBuilder]: At program point L762(lines 715 763) the Hoare annotation is: false [2022-07-22 17:38:36,420 INFO L899 garLoopResultBuilder]: For program point L717(lines 716 761) no Hoare annotation was computed. [2022-07-22 17:38:36,420 INFO L899 garLoopResultBuilder]: For program point L746(lines 746 757) no Hoare annotation was computed. [2022-07-22 17:38:36,420 INFO L895 garLoopResultBuilder]: At program point L738(line 738) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= ~waterLevel~0 2))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 .cse2 .cse3 .cse4) (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2 .cse3 .cse4))) [2022-07-22 17:38:36,421 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-07-22 17:38:36,421 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-07-22 17:38:36,421 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-07-22 17:38:36,421 INFO L895 garLoopResultBuilder]: At program point L924(lines 920 926) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-22 17:38:36,421 INFO L895 garLoopResultBuilder]: At program point L759(lines 716 761) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 .cse2 .cse3 (<= ~waterLevel~0 2)) (and (= ~pumpRunning~0 0) .cse0 (<= ~waterLevel~0 1) .cse1 .cse2 .cse3))) [2022-07-22 17:38:36,421 INFO L899 garLoopResultBuilder]: For program point L726(lines 726 732) no Hoare annotation was computed. [2022-07-22 17:38:36,421 INFO L899 garLoopResultBuilder]: For program point L726-1(lines 726 732) no Hoare annotation was computed. [2022-07-22 17:38:36,421 INFO L899 garLoopResultBuilder]: For program point L718(lines 718 722) no Hoare annotation was computed. [2022-07-22 17:38:36,421 INFO L899 garLoopResultBuilder]: For program point L140(lines 140 147) no Hoare annotation was computed. [2022-07-22 17:38:36,421 INFO L899 garLoopResultBuilder]: For program point L140-2(lines 140 147) no Hoare annotation was computed. [2022-07-22 17:38:36,421 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-07-22 17:38:36,422 INFO L902 garLoopResultBuilder]: At program point L124(lines 117 126) the Hoare annotation is: true [2022-07-22 17:38:36,422 INFO L902 garLoopResultBuilder]: At program point L149(lines 130 152) the Hoare annotation is: true [2022-07-22 17:38:36,422 INFO L899 garLoopResultBuilder]: For program point L752(lines 752 756) no Hoare annotation was computed. [2022-07-22 17:38:36,422 INFO L895 garLoopResultBuilder]: At program point L752-2(lines 746 757) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= ~waterLevel~0 2))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 .cse2 .cse3 .cse4) (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2 .cse3 .cse4))) [2022-07-22 17:38:36,422 INFO L899 garLoopResultBuilder]: For program point L736(lines 736 742) no Hoare annotation was computed. [2022-07-22 17:38:36,422 INFO L899 garLoopResultBuilder]: For program point L736-1(lines 736 742) no Hoare annotation was computed. [2022-07-22 17:38:36,422 INFO L902 garLoopResultBuilder]: At program point L765(lines 706 769) the Hoare annotation is: true [2022-07-22 17:38:36,422 INFO L895 garLoopResultBuilder]: At program point L728(line 728) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 .cse2 .cse3 (<= ~waterLevel~0 2)) (and (= ~pumpRunning~0 0) .cse0 (<= ~waterLevel~0 1) .cse1 .cse2 .cse3))) [2022-07-22 17:38:36,422 INFO L895 garLoopResultBuilder]: At program point L113(lines 109 115) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= |ULTIMATE.start_main_~tmp~0#1| 1) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-22 17:38:36,422 INFO L895 garLoopResultBuilder]: At program point L939(lines 934 942) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-22 17:38:36,423 INFO L895 garLoopResultBuilder]: At program point L931(lines 927 933) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-22 17:38:36,423 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 563 587) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) .cse0 (not (<= ~waterLevel~0 2))) (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1))))) [2022-07-22 17:38:36,423 INFO L899 garLoopResultBuilder]: For program point L855(lines 855 861) no Hoare annotation was computed. [2022-07-22 17:38:36,423 INFO L895 garLoopResultBuilder]: At program point L577(line 577) the Hoare annotation is: (let ((.cse2 (<= ~waterLevel~0 1)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 (not (<= ~waterLevel~0 2)) (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~4#1| 0) .cse2)) (or .cse1 (not (<= 1 |old(~pumpRunning~0)|)) (not .cse2)) (or (not (= ~waterLevel~0 1)) .cse0 (and (<= 1 |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1|) (<= 1 |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp~6#1|)) .cse1))) [2022-07-22 17:38:36,423 INFO L895 garLoopResultBuilder]: At program point L701(lines 686 704) the Hoare annotation is: (let ((.cse4 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse5 (= ~pumpRunning~0 0)) (.cse6 (= 1 ~systemActive~0)) (.cse7 (<= ~waterLevel~0 1))) (let ((.cse1 (not .cse7)) (.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not .cse6)) (.cse3 (and (<= 1 |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1|) .cse4 .cse5 .cse7 .cse6 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1| 0) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~0#1| 0) (<= 1 |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp~6#1|)))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1) (or .cse2 .cse0 .cse1 .cse3) (or .cse2 (and .cse4 .cse5 .cse6 (<= 1 |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1|) (<= 1 |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~0#1|)) .cse0 (not (<= ~waterLevel~0 2)) .cse3)))) [2022-07-22 17:38:36,423 INFO L895 garLoopResultBuilder]: At program point L860(lines 851 864) the Hoare annotation is: (let ((.cse4 (= ~pumpRunning~0 0)) (.cse5 (<= ~waterLevel~0 1))) (let ((.cse1 (not .cse5)) (.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse3 (and (<= 1 |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1|) .cse4 .cse5))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1) (or .cse2 .cse0 .cse1 .cse3) (or .cse2 .cse0 (and .cse4 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1| 0)) (not (<= ~waterLevel~0 2)) .cse3)))) [2022-07-22 17:38:36,423 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 563 587) no Hoare annotation was computed. [2022-07-22 17:38:36,423 INFO L899 garLoopResultBuilder]: For program point L571(lines 571 579) no Hoare annotation was computed. [2022-07-22 17:38:36,423 INFO L899 garLoopResultBuilder]: For program point L567(lines 567 584) no Hoare annotation was computed. [2022-07-22 17:38:36,424 INFO L899 garLoopResultBuilder]: For program point L695(lines 695 699) no Hoare annotation was computed. [2022-07-22 17:38:36,424 INFO L899 garLoopResultBuilder]: For program point L695-2(lines 695 699) no Hoare annotation was computed. [2022-07-22 17:38:36,425 INFO L895 garLoopResultBuilder]: At program point L619(lines 614 621) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 1)))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1) (or .cse2 .cse0 (and (<= 1 ~pumpRunning~0) (<= 1 |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1|) (<= 1 |processEnvironment__wrappee__highWaterSensor_~tmp~4#1|) (<= 1 |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~0#1|)) (not (<= ~waterLevel~0 2))) (or .cse2 .cse0 .cse1))) [2022-07-22 17:38:36,425 INFO L895 garLoopResultBuilder]: At program point L582(line 582) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (not (<= ~waterLevel~0 2))))) [2022-07-22 17:38:36,425 INFO L899 garLoopResultBuilder]: For program point L582-1(lines 563 587) no Hoare annotation was computed. [2022-07-22 17:38:36,425 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 786 797) no Hoare annotation was computed. [2022-07-22 17:38:36,425 INFO L899 garLoopResultBuilder]: For program point L790-1(lines 786 797) no Hoare annotation was computed. [2022-07-22 17:38:36,425 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 786 797) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 (not (<= 1 ~pumpRunning~0)) .cse1 (not (<= |old(~waterLevel~0)| 2))) (or (not (<= |old(~waterLevel~0)| 1)) (not (= ~pumpRunning~0 0)) .cse0 .cse1))) [2022-07-22 17:38:36,427 INFO L356 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:38:36,429 INFO L176 ceAbstractionStarter]: Computing trace abstraction results [2022-07-22 17:38:36,476 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 22.07 05:38:36 BoogieIcfgContainer [2022-07-22 17:38:36,491 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-07-22 17:38:36,492 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-07-22 17:38:36,492 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-07-22 17:38:36,492 INFO L275 PluginConnector]: Witness Printer initialized [2022-07-22 17:38:36,493 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.07 05:38:26" (3/4) ... [2022-07-22 17:38:36,495 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-07-22 17:38:36,501 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-07-22 17:38:36,501 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-07-22 17:38:36,502 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2022-07-22 17:38:36,502 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-07-22 17:38:36,502 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-07-22 17:38:36,502 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-07-22 17:38:36,502 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-07-22 17:38:36,515 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 52 nodes and edges [2022-07-22 17:38:36,516 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-07-22 17:38:36,516 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-07-22 17:38:36,516 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-07-22 17:38:36,517 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-07-22 17:38:36,517 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-22 17:38:36,518 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-22 17:38:36,542 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 [2022-07-22 17:38:36,543 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((pumpRunning == 0 && methaneLevelCritical == 0) && tmp == 1) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 [2022-07-22 17:38:36,543 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((1 <= pumpRunning && tmp == 1) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) && waterLevel <= 2) || (((((pumpRunning == 0 && tmp == 1) && waterLevel <= 1) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) [2022-07-22 17:38:36,544 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 1) && waterLevel <= \old(waterLevel))) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-07-22 17:38:36,545 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 1) && waterLevel <= \old(waterLevel))) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 1) && waterLevel <= \old(waterLevel))) || !(\old(waterLevel) <= 2)) && ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && waterLevel <= 1) && \old(waterLevel) == waterLevel) || !(\old(waterLevel) <= 1)) || !(\old(pumpRunning) == 0)) || !(1 == systemActive))) && (((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && waterLevel <= 1) && \old(waterLevel) == waterLevel) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) [2022-07-22 17:38:36,546 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((!(\old(pumpRunning) == 0) || ((((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && tmp___0 <= 1) && methaneLevelCritical == 0) && waterLevel <= 1) && 1 == systemActive) && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp) && \result <= 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || (((1 <= pumpRunning && 1 == systemActive) && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp)) || !(\old(waterLevel) <= 2)) && ((((((pumpRunning == 0 && waterLevel <= 1) && methaneLevelCritical == tmp) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 1) && methaneLevelCritical == tmp)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || methaneLevelCritical == 0) || !(1 == systemActive)) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && waterLevel <= 1) && 1 == systemActive) && !(methaneLevelCritical == 0)) && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp))) && ((((!(1 == systemActive) || (tmp___0 <= 1 && \result <= 1)) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || ((((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && tmp___0 <= 1) && methaneLevelCritical == 0) && waterLevel <= 1) && 1 == systemActive) && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp) && \result <= 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) || !(1 == systemActive)) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && waterLevel <= 1) && 1 == systemActive) && !(methaneLevelCritical == 0)) && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp)) || (((1 <= pumpRunning && 1 == systemActive) && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp)) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || waterLevel <= \old(waterLevel)) [2022-07-22 17:38:36,547 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 1) && waterLevel <= \old(waterLevel))) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-07-22 17:38:36,547 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && waterLevel <= 1) && 1 == systemActive) && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp) && \result <= 1)) || !(1 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || \result == 1)) && (((methaneLevelCritical == 0 || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2))) && ((((((((pumpRunning == \old(pumpRunning) && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && methaneLevelCritical == tmp) && \result <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((((pumpRunning == 0 && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && methaneLevelCritical == tmp) && \result <= 1))) && ((((!(\old(pumpRunning) == 0) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && waterLevel <= 1) && 1 == systemActive) && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp) && \result <= 1)) || !(1 == systemActive)) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp)) || !(\old(waterLevel) <= 2)) [2022-07-22 17:38:36,547 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 1) && waterLevel <= \old(waterLevel))) || !(\old(waterLevel) <= 2)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-07-22 17:38:36,547 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 1)) || ((1 <= \result && pumpRunning == 0) && waterLevel <= 1))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && \result == 0)) || !(waterLevel <= 2)) || ((1 <= \result && pumpRunning == 0) && waterLevel <= 1)) [2022-07-22 17:38:36,548 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && ((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((1 <= pumpRunning && !(\result == 0)) && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp)) || !(\old(waterLevel) <= 2))) && ((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) [2022-07-22 17:38:36,548 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 1)) || (((((((1 <= \result && pumpRunning == \old(pumpRunning)) && pumpRunning == 0) && waterLevel <= 1) && 1 == systemActive) && \result == 0) && tmp___0 == 0) && 1 <= tmp))) && ((((!(\old(pumpRunning) == 0) || ((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && 1 == systemActive) && 1 <= \result) && 1 <= tmp___0)) || !(1 == systemActive)) || !(waterLevel <= 2)) || (((((((1 <= \result && pumpRunning == \old(pumpRunning)) && pumpRunning == 0) && waterLevel <= 1) && 1 == systemActive) && \result == 0) && tmp___0 == 0) && 1 <= tmp)) [2022-07-22 17:38:36,548 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((1 <= pumpRunning && 1 <= \result) && 1 <= tmp) && 1 <= tmp___0)) || !(waterLevel <= 2))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 1)) [2022-07-22 17:38:36,548 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-07-22 17:38:36,578 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2022-07-22 17:38:36,579 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-07-22 17:38:36,579 INFO L158 Benchmark]: Toolchain (without parser) took 10950.61ms. Allocated memory was 115.3MB in the beginning and 167.8MB in the end (delta: 52.4MB). Free memory was 86.9MB in the beginning and 119.3MB in the end (delta: -32.4MB). Peak memory consumption was 18.7MB. Max. memory is 16.1GB. [2022-07-22 17:38:36,579 INFO L158 Benchmark]: CDTParser took 0.26ms. Allocated memory is still 115.3MB. Free memory is still 71.3MB. There was no memory consumed. Max. memory is 16.1GB. [2022-07-22 17:38:36,580 INFO L158 Benchmark]: CACSL2BoogieTranslator took 413.51ms. Allocated memory is still 115.3MB. Free memory was 86.5MB in the beginning and 82.2MB in the end (delta: 4.3MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-07-22 17:38:36,580 INFO L158 Benchmark]: Boogie Procedure Inliner took 47.84ms. Allocated memory is still 115.3MB. Free memory was 82.2MB in the beginning and 79.5MB in the end (delta: 2.7MB). There was no memory consumed. Max. memory is 16.1GB. [2022-07-22 17:38:36,581 INFO L158 Benchmark]: Boogie Preprocessor took 23.02ms. Allocated memory is still 115.3MB. Free memory was 79.5MB in the beginning and 78.1MB in the end (delta: 1.4MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-07-22 17:38:36,581 INFO L158 Benchmark]: RCFGBuilder took 538.66ms. Allocated memory is still 115.3MB. Free memory was 78.1MB in the beginning and 62.1MB in the end (delta: 16.0MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. [2022-07-22 17:38:36,581 INFO L158 Benchmark]: TraceAbstraction took 9834.87ms. Allocated memory was 115.3MB in the beginning and 167.8MB in the end (delta: 52.4MB). Free memory was 61.3MB in the beginning and 125.6MB in the end (delta: -64.3MB). Peak memory consumption was 72.7MB. Max. memory is 16.1GB. [2022-07-22 17:38:36,582 INFO L158 Benchmark]: Witness Printer took 87.02ms. Allocated memory is still 167.8MB. Free memory was 125.6MB in the beginning and 119.3MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-07-22 17:38:36,583 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.26ms. Allocated memory is still 115.3MB. Free memory is still 71.3MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 413.51ms. Allocated memory is still 115.3MB. Free memory was 86.5MB in the beginning and 82.2MB in the end (delta: 4.3MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 47.84ms. Allocated memory is still 115.3MB. Free memory was 82.2MB in the beginning and 79.5MB in the end (delta: 2.7MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 23.02ms. Allocated memory is still 115.3MB. Free memory was 79.5MB in the beginning and 78.1MB in the end (delta: 1.4MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * RCFGBuilder took 538.66ms. Allocated memory is still 115.3MB. Free memory was 78.1MB in the beginning and 62.1MB in the end (delta: 16.0MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. * TraceAbstraction took 9834.87ms. Allocated memory was 115.3MB in the beginning and 167.8MB in the end (delta: 52.4MB). Free memory was 61.3MB in the beginning and 125.6MB in the end (delta: -64.3MB). Peak memory consumption was 72.7MB. Max. memory is 16.1GB. * Witness Printer took 87.02ms. Allocated memory is still 167.8MB. Free memory was 125.6MB in the beginning and 119.3MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 870]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 87 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 9.7s, OverallIterations: 12, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 3.5s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 3.9s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2634 SdHoareTripleChecker+Valid, 2.0s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2602 mSDsluCounter, 4044 SdHoareTripleChecker+Invalid, 1.6s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2888 mSDsCounter, 985 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2636 IncrementalHoareTripleChecker+Invalid, 3621 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 985 mSolverCounterUnsat, 1156 mSDtfsCounter, 2636 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 420 GetRequests, 252 SyntacticMatches, 2 SemanticMatches, 166 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1396 ImplicationChecksByTransitivity, 1.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=303occurred in iteration=11, InterpolantAutomatonStates: 151, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 12 MinimizatonAttempts, 182 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 40 LocationsWithAnnotation, 1075 PreInvPairs, 1325 NumberOfFragments, 1673 HoareAnnotationTreeSize, 1075 FomulaSimplifications, 198 FormulaSimplificationTreeSizeReduction, 0.4s HoareSimplificationTime, 40 FomulaSimplificationsInter, 21789 FormulaSimplificationTreeSizeReductionInter, 3.4s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.2s InterpolantComputationTime, 609 NumberOfCodeBlocks, 609 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 676 ConstructedInterpolants, 0 QuantifiedInterpolants, 1348 SizeOfPredicates, 4 NumberOfNonLiveVariables, 433 ConjunctsInSsa, 13 ConjunctsInUnsatCore, 14 InterpolantComputations, 11 PerfectInterpolantSequences, 58/78 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 875]: Loop Invariant Derived loop invariant: ((((((((((!(\old(pumpRunning) == 0) || ((((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && tmp___0 <= 1) && methaneLevelCritical == 0) && waterLevel <= 1) && 1 == systemActive) && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp) && \result <= 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || (((1 <= pumpRunning && 1 == systemActive) && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp)) || !(\old(waterLevel) <= 2)) && ((((((pumpRunning == 0 && waterLevel <= 1) && methaneLevelCritical == tmp) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 1) && methaneLevelCritical == tmp)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || methaneLevelCritical == 0) || !(1 == systemActive)) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && waterLevel <= 1) && 1 == systemActive) && !(methaneLevelCritical == 0)) && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp))) && ((((!(1 == systemActive) || (tmp___0 <= 1 && \result <= 1)) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || ((((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && tmp___0 <= 1) && methaneLevelCritical == 0) && waterLevel <= 1) && 1 == systemActive) && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp) && \result <= 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) || !(1 == systemActive)) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && waterLevel <= 1) && 1 == systemActive) && !(methaneLevelCritical == 0)) && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp)) || (((1 <= pumpRunning && 1 == systemActive) && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp)) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || waterLevel <= \old(waterLevel)) - InvariantResult [Line: 641]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && ((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((1 <= pumpRunning && !(\result == 0)) && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp)) || !(\old(waterLevel) <= 2))) && ((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 920]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 52]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 716]: Loop Invariant Derived loop invariant: (((((1 <= pumpRunning && tmp == 1) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) && waterLevel <= 2) || (((((pumpRunning == 0 && tmp == 1) && waterLevel <= 1) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) - InvariantResult [Line: 706]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 630]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 1) && waterLevel <= \old(waterLevel))) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 614]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((1 <= pumpRunning && 1 <= \result) && 1 <= tmp) && 1 <= tmp___0)) || !(waterLevel <= 2))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 1)) - InvariantResult [Line: 851]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 1)) || ((1 <= \result && pumpRunning == 0) && waterLevel <= 1))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && \result == 0)) || !(waterLevel <= 2)) || ((1 <= \result && pumpRunning == 0) && waterLevel <= 1)) - InvariantResult [Line: 715]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 927]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 842]: Loop Invariant Derived loop invariant: (((((((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && waterLevel <= 1) && 1 == systemActive) && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp) && \result <= 1)) || !(1 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || \result == 1)) && (((methaneLevelCritical == 0 || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2))) && ((((((((pumpRunning == \old(pumpRunning) && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && methaneLevelCritical == tmp) && \result <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((((pumpRunning == 0 && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && methaneLevelCritical == tmp) && \result <= 1))) && ((((!(\old(pumpRunning) == 0) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && waterLevel <= 1) && 1 == systemActive) && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp) && \result <= 1)) || !(1 == systemActive)) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && methaneLevelCritical == tmp)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 774]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 1) && waterLevel <= \old(waterLevel))) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 130]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 622]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 1) && waterLevel <= \old(waterLevel))) || !(\old(waterLevel) <= 2)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 866]: Loop Invariant Derived loop invariant: ((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 109]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0 && methaneLevelCritical == 0) && tmp == 1) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 - InvariantResult [Line: 589]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 1) && waterLevel <= \old(waterLevel))) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 1) && waterLevel <= \old(waterLevel))) || !(\old(waterLevel) <= 2)) && ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && waterLevel <= 1) && \old(waterLevel) == waterLevel) || !(\old(waterLevel) <= 1)) || !(\old(pumpRunning) == 0)) || !(1 == systemActive))) && (((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && waterLevel <= 1) && \old(waterLevel) == waterLevel) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 686]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 1)) || (((((((1 <= \result && pumpRunning == \old(pumpRunning)) && pumpRunning == 0) && waterLevel <= 1) && 1 == systemActive) && \result == 0) && tmp___0 == 0) && 1 <= tmp))) && ((((!(\old(pumpRunning) == 0) || ((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && 1 == systemActive) && 1 <= \result) && 1 <= tmp___0)) || !(1 == systemActive)) || !(waterLevel <= 2)) || (((((((1 <= \result && pumpRunning == \old(pumpRunning)) && pumpRunning == 0) && waterLevel <= 1) && 1 == systemActive) && \result == 0) && tmp___0 == 0) && 1 <= tmp)) - InvariantResult [Line: 62]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 117]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 934]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 RESULT: Ultimate proved your program to be correct! [2022-07-22 17:38:36,650 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE