./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product47.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c3fed411 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product47.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash c4da108453cefa034e9e2f20ae1a945f7f6bf5ea54205b9ec625406680c7ecea --- Real Ultimate output --- This is Ultimate 0.2.2-tmp.no-commuhash-c3fed41 [2021-12-16 00:58:32,469 INFO L177 SettingsManager]: Resetting all preferences to default values... [2021-12-16 00:58:32,471 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2021-12-16 00:58:32,507 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2021-12-16 00:58:32,508 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2021-12-16 00:58:32,508 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2021-12-16 00:58:32,509 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2021-12-16 00:58:32,510 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2021-12-16 00:58:32,511 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2021-12-16 00:58:32,512 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2021-12-16 00:58:32,512 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2021-12-16 00:58:32,513 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2021-12-16 00:58:32,513 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2021-12-16 00:58:32,514 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2021-12-16 00:58:32,523 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2021-12-16 00:58:32,524 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2021-12-16 00:58:32,524 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2021-12-16 00:58:32,525 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2021-12-16 00:58:32,526 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2021-12-16 00:58:32,527 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2021-12-16 00:58:32,528 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2021-12-16 00:58:32,528 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2021-12-16 00:58:32,529 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2021-12-16 00:58:32,529 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2021-12-16 00:58:32,531 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2021-12-16 00:58:32,531 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2021-12-16 00:58:32,531 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2021-12-16 00:58:32,532 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2021-12-16 00:58:32,532 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2021-12-16 00:58:32,533 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2021-12-16 00:58:32,533 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2021-12-16 00:58:32,533 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2021-12-16 00:58:32,534 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2021-12-16 00:58:32,534 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2021-12-16 00:58:32,535 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2021-12-16 00:58:32,535 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2021-12-16 00:58:32,536 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2021-12-16 00:58:32,536 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2021-12-16 00:58:32,536 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2021-12-16 00:58:32,537 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2021-12-16 00:58:32,537 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2021-12-16 00:58:32,538 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2021-12-16 00:58:32,551 INFO L113 SettingsManager]: Loading preferences was successful [2021-12-16 00:58:32,551 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2021-12-16 00:58:32,551 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2021-12-16 00:58:32,551 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2021-12-16 00:58:32,552 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2021-12-16 00:58:32,552 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2021-12-16 00:58:32,553 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2021-12-16 00:58:32,553 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2021-12-16 00:58:32,553 INFO L138 SettingsManager]: * Use SBE=true [2021-12-16 00:58:32,553 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2021-12-16 00:58:32,553 INFO L138 SettingsManager]: * sizeof long=4 [2021-12-16 00:58:32,553 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2021-12-16 00:58:32,553 INFO L138 SettingsManager]: * sizeof POINTER=4 [2021-12-16 00:58:32,554 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2021-12-16 00:58:32,554 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2021-12-16 00:58:32,554 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2021-12-16 00:58:32,554 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2021-12-16 00:58:32,554 INFO L138 SettingsManager]: * sizeof long double=12 [2021-12-16 00:58:32,554 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2021-12-16 00:58:32,554 INFO L138 SettingsManager]: * Use constant arrays=true [2021-12-16 00:58:32,555 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2021-12-16 00:58:32,555 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2021-12-16 00:58:32,555 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2021-12-16 00:58:32,555 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2021-12-16 00:58:32,555 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2021-12-16 00:58:32,555 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2021-12-16 00:58:32,556 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2021-12-16 00:58:32,556 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2021-12-16 00:58:32,556 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2021-12-16 00:58:32,556 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2021-12-16 00:58:32,556 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2021-12-16 00:58:32,556 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2021-12-16 00:58:32,556 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2021-12-16 00:58:32,557 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2021-12-16 00:58:32,557 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> c4da108453cefa034e9e2f20ae1a945f7f6bf5ea54205b9ec625406680c7ecea [2021-12-16 00:58:32,763 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2021-12-16 00:58:32,777 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2021-12-16 00:58:32,779 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2021-12-16 00:58:32,780 INFO L271 PluginConnector]: Initializing CDTParser... [2021-12-16 00:58:32,780 INFO L275 PluginConnector]: CDTParser initialized [2021-12-16 00:58:32,781 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product47.cil.c [2021-12-16 00:58:32,853 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/f2b30773b/04bbb506c1f94405b6ca121f96727f6b/FLAG7cab9b34f [2021-12-16 00:58:33,220 INFO L306 CDTParser]: Found 1 translation units. [2021-12-16 00:58:33,221 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product47.cil.c [2021-12-16 00:58:33,229 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/f2b30773b/04bbb506c1f94405b6ca121f96727f6b/FLAG7cab9b34f [2021-12-16 00:58:33,240 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/f2b30773b/04bbb506c1f94405b6ca121f96727f6b [2021-12-16 00:58:33,242 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2021-12-16 00:58:33,244 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2021-12-16 00:58:33,245 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2021-12-16 00:58:33,245 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2021-12-16 00:58:33,248 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2021-12-16 00:58:33,248 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.12 12:58:33" (1/1) ... [2021-12-16 00:58:33,249 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@1cc5772b and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 12:58:33, skipping insertion in model container [2021-12-16 00:58:33,249 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.12 12:58:33" (1/1) ... [2021-12-16 00:58:33,254 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2021-12-16 00:58:33,280 INFO L178 MainTranslator]: Built tables and reachable declarations [2021-12-16 00:58:33,421 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product47.cil.c[2044,2057] [2021-12-16 00:58:33,485 INFO L209 PostProcessor]: Analyzing one entry point: main [2021-12-16 00:58:33,497 INFO L203 MainTranslator]: Completed pre-run [2021-12-16 00:58:33,506 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product47.cil.c[2044,2057] [2021-12-16 00:58:33,538 INFO L209 PostProcessor]: Analyzing one entry point: main [2021-12-16 00:58:33,550 INFO L208 MainTranslator]: Completed translation [2021-12-16 00:58:33,550 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 12:58:33 WrapperNode [2021-12-16 00:58:33,551 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2021-12-16 00:58:33,552 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2021-12-16 00:58:33,552 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2021-12-16 00:58:33,552 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2021-12-16 00:58:33,557 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 12:58:33" (1/1) ... [2021-12-16 00:58:33,566 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 12:58:33" (1/1) ... [2021-12-16 00:58:33,582 INFO L137 Inliner]: procedures = 55, calls = 157, calls flagged for inlining = 21, calls inlined = 18, statements flattened = 241 [2021-12-16 00:58:33,583 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2021-12-16 00:58:33,584 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2021-12-16 00:58:33,584 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2021-12-16 00:58:33,584 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2021-12-16 00:58:33,589 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 12:58:33" (1/1) ... [2021-12-16 00:58:33,590 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 12:58:33" (1/1) ... [2021-12-16 00:58:33,592 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 12:58:33" (1/1) ... [2021-12-16 00:58:33,592 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 12:58:33" (1/1) ... [2021-12-16 00:58:33,598 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 12:58:33" (1/1) ... [2021-12-16 00:58:33,602 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 12:58:33" (1/1) ... [2021-12-16 00:58:33,608 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 12:58:33" (1/1) ... [2021-12-16 00:58:33,610 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2021-12-16 00:58:33,610 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2021-12-16 00:58:33,611 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2021-12-16 00:58:33,611 INFO L275 PluginConnector]: RCFGBuilder initialized [2021-12-16 00:58:33,612 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 12:58:33" (1/1) ... [2021-12-16 00:58:33,626 INFO L168 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2021-12-16 00:58:33,635 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2021-12-16 00:58:33,669 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2021-12-16 00:58:33,688 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2021-12-16 00:58:33,698 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2021-12-16 00:58:33,698 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2021-12-16 00:58:33,698 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2021-12-16 00:58:33,699 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2021-12-16 00:58:33,699 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2021-12-16 00:58:33,699 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2021-12-16 00:58:33,699 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2021-12-16 00:58:33,700 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2021-12-16 00:58:33,700 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2021-12-16 00:58:33,700 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2021-12-16 00:58:33,700 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2021-12-16 00:58:33,700 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2021-12-16 00:58:33,701 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2021-12-16 00:58:33,701 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2021-12-16 00:58:33,701 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2021-12-16 00:58:33,701 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2021-12-16 00:58:33,701 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2021-12-16 00:58:33,701 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2021-12-16 00:58:33,701 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2021-12-16 00:58:33,701 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2021-12-16 00:58:33,702 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2021-12-16 00:58:33,702 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2021-12-16 00:58:33,753 INFO L236 CfgBuilder]: Building ICFG [2021-12-16 00:58:33,754 INFO L262 CfgBuilder]: Building CFG for each procedure with an implementation [2021-12-16 00:58:33,956 INFO L277 CfgBuilder]: Performing block encoding [2021-12-16 00:58:33,962 INFO L296 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2021-12-16 00:58:33,963 INFO L301 CfgBuilder]: Removed 2 assume(true) statements. [2021-12-16 00:58:33,964 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.12 12:58:33 BoogieIcfgContainer [2021-12-16 00:58:33,964 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2021-12-16 00:58:33,966 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2021-12-16 00:58:33,966 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2021-12-16 00:58:33,969 INFO L275 PluginConnector]: TraceAbstraction initialized [2021-12-16 00:58:33,969 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 16.12 12:58:33" (1/3) ... [2021-12-16 00:58:33,975 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7868e8f9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.12 12:58:33, skipping insertion in model container [2021-12-16 00:58:33,976 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.12 12:58:33" (2/3) ... [2021-12-16 00:58:33,977 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7868e8f9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.12 12:58:33, skipping insertion in model container [2021-12-16 00:58:33,977 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.12 12:58:33" (3/3) ... [2021-12-16 00:58:33,978 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product47.cil.c [2021-12-16 00:58:33,993 INFO L204 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2021-12-16 00:58:33,993 INFO L163 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2021-12-16 00:58:34,025 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2021-12-16 00:58:34,031 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2021-12-16 00:58:34,031 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2021-12-16 00:58:34,051 INFO L276 IsEmpty]: Start isEmpty. Operand has 100 states, 73 states have (on average 1.36986301369863) internal successors, (100), 82 states have internal predecessors, (100), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 13 states have call predecessors, (16), 16 states have call successors, (16) [2021-12-16 00:58:34,055 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2021-12-16 00:58:34,056 INFO L506 BasicCegarLoop]: Found error trace [2021-12-16 00:58:34,056 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-16 00:58:34,057 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-16 00:58:34,060 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-16 00:58:34,061 INFO L85 PathProgramCache]: Analyzing trace with hash -707310338, now seen corresponding path program 1 times [2021-12-16 00:58:34,075 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-16 00:58:34,075 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [655094295] [2021-12-16 00:58:34,075 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-16 00:58:34,076 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-16 00:58:34,165 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:34,214 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2021-12-16 00:58:34,216 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:34,220 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-12-16 00:58:34,221 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-16 00:58:34,224 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [655094295] [2021-12-16 00:58:34,224 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [655094295] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-16 00:58:34,225 INFO L186 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2021-12-16 00:58:34,225 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2021-12-16 00:58:34,226 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [937530884] [2021-12-16 00:58:34,227 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-16 00:58:34,229 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2021-12-16 00:58:34,230 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-16 00:58:34,248 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2021-12-16 00:58:34,249 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2021-12-16 00:58:34,251 INFO L87 Difference]: Start difference. First operand has 100 states, 73 states have (on average 1.36986301369863) internal successors, (100), 82 states have internal predecessors, (100), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 13 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2021-12-16 00:58:34,274 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-16 00:58:34,275 INFO L93 Difference]: Finished difference Result 192 states and 259 transitions. [2021-12-16 00:58:34,278 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2021-12-16 00:58:34,279 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2021-12-16 00:58:34,279 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-16 00:58:34,285 INFO L225 Difference]: With dead ends: 192 [2021-12-16 00:58:34,286 INFO L226 Difference]: Without dead ends: 91 [2021-12-16 00:58:34,288 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2021-12-16 00:58:34,291 INFO L933 BasicCegarLoop]: 126 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 126 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2021-12-16 00:58:34,292 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 126 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2021-12-16 00:58:34,303 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 91 states. [2021-12-16 00:58:34,319 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 91 to 91. [2021-12-16 00:58:34,320 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 91 states, 66 states have (on average 1.303030303030303) internal successors, (86), 74 states have internal predecessors, (86), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 12 states have call predecessors, (15), 15 states have call successors, (15) [2021-12-16 00:58:34,322 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 91 states to 91 states and 117 transitions. [2021-12-16 00:58:34,323 INFO L78 Accepts]: Start accepts. Automaton has 91 states and 117 transitions. Word has length 23 [2021-12-16 00:58:34,323 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-16 00:58:34,323 INFO L470 AbstractCegarLoop]: Abstraction has 91 states and 117 transitions. [2021-12-16 00:58:34,323 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2021-12-16 00:58:34,324 INFO L276 IsEmpty]: Start isEmpty. Operand 91 states and 117 transitions. [2021-12-16 00:58:34,325 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2021-12-16 00:58:34,325 INFO L506 BasicCegarLoop]: Found error trace [2021-12-16 00:58:34,326 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-16 00:58:34,326 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2021-12-16 00:58:34,326 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-16 00:58:34,327 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-16 00:58:34,327 INFO L85 PathProgramCache]: Analyzing trace with hash 624156156, now seen corresponding path program 1 times [2021-12-16 00:58:34,327 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-16 00:58:34,327 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2057602775] [2021-12-16 00:58:34,327 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-16 00:58:34,328 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-16 00:58:34,347 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:34,374 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2021-12-16 00:58:34,376 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:34,379 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-12-16 00:58:34,379 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-16 00:58:34,379 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2057602775] [2021-12-16 00:58:34,379 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2057602775] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-16 00:58:34,381 INFO L186 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2021-12-16 00:58:34,381 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2021-12-16 00:58:34,381 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1246856666] [2021-12-16 00:58:34,382 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-16 00:58:34,382 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2021-12-16 00:58:34,383 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-16 00:58:34,383 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2021-12-16 00:58:34,389 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2021-12-16 00:58:34,389 INFO L87 Difference]: Start difference. First operand 91 states and 117 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2021-12-16 00:58:34,404 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-16 00:58:34,405 INFO L93 Difference]: Finished difference Result 144 states and 184 transitions. [2021-12-16 00:58:34,405 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2021-12-16 00:58:34,405 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2021-12-16 00:58:34,405 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-16 00:58:34,406 INFO L225 Difference]: With dead ends: 144 [2021-12-16 00:58:34,407 INFO L226 Difference]: Without dead ends: 82 [2021-12-16 00:58:34,407 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2021-12-16 00:58:34,408 INFO L933 BasicCegarLoop]: 104 mSDtfsCounter, 16 mSDsluCounter, 83 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 187 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2021-12-16 00:58:34,409 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [20 Valid, 187 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2021-12-16 00:58:34,410 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 82 states. [2021-12-16 00:58:34,415 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 82 to 82. [2021-12-16 00:58:34,416 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 82 states, 60 states have (on average 1.3166666666666667) internal successors, (79), 68 states have internal predecessors, (79), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2021-12-16 00:58:34,417 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 82 states to 82 states and 105 transitions. [2021-12-16 00:58:34,417 INFO L78 Accepts]: Start accepts. Automaton has 82 states and 105 transitions. Word has length 24 [2021-12-16 00:58:34,417 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-16 00:58:34,418 INFO L470 AbstractCegarLoop]: Abstraction has 82 states and 105 transitions. [2021-12-16 00:58:34,418 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2021-12-16 00:58:34,418 INFO L276 IsEmpty]: Start isEmpty. Operand 82 states and 105 transitions. [2021-12-16 00:58:34,419 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2021-12-16 00:58:34,419 INFO L506 BasicCegarLoop]: Found error trace [2021-12-16 00:58:34,419 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-16 00:58:34,419 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2021-12-16 00:58:34,419 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-16 00:58:34,420 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-16 00:58:34,420 INFO L85 PathProgramCache]: Analyzing trace with hash -1800989914, now seen corresponding path program 1 times [2021-12-16 00:58:34,420 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-16 00:58:34,421 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2108197992] [2021-12-16 00:58:34,421 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-16 00:58:34,421 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-16 00:58:34,439 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:34,481 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2021-12-16 00:58:34,483 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:34,485 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-12-16 00:58:34,486 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-16 00:58:34,486 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2108197992] [2021-12-16 00:58:34,486 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2108197992] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-16 00:58:34,486 INFO L186 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2021-12-16 00:58:34,486 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2021-12-16 00:58:34,487 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [440030323] [2021-12-16 00:58:34,487 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-16 00:58:34,487 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2021-12-16 00:58:34,487 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-16 00:58:34,488 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2021-12-16 00:58:34,488 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2021-12-16 00:58:34,488 INFO L87 Difference]: Start difference. First operand 82 states and 105 transitions. Second operand has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2021-12-16 00:58:34,624 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-16 00:58:34,624 INFO L93 Difference]: Finished difference Result 273 states and 356 transitions. [2021-12-16 00:58:34,625 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2021-12-16 00:58:34,625 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 28 [2021-12-16 00:58:34,625 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-16 00:58:34,627 INFO L225 Difference]: With dead ends: 273 [2021-12-16 00:58:34,627 INFO L226 Difference]: Without dead ends: 198 [2021-12-16 00:58:34,628 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2021-12-16 00:58:34,629 INFO L933 BasicCegarLoop]: 128 mSDtfsCounter, 217 mSDsluCounter, 372 mSDsCounter, 0 mSdLazyCounter, 121 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 217 SdHoareTripleChecker+Valid, 500 SdHoareTripleChecker+Invalid, 135 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 121 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2021-12-16 00:58:34,629 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [217 Valid, 500 Invalid, 135 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 121 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2021-12-16 00:58:34,630 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 198 states. [2021-12-16 00:58:34,649 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 198 to 192. [2021-12-16 00:58:34,650 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 192 states, 139 states have (on average 1.3453237410071943) internal successors, (187), 157 states have internal predecessors, (187), 31 states have call successors, (31), 21 states have call predecessors, (31), 21 states have return successors, (32), 23 states have call predecessors, (32), 31 states have call successors, (32) [2021-12-16 00:58:34,652 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 192 states to 192 states and 250 transitions. [2021-12-16 00:58:34,652 INFO L78 Accepts]: Start accepts. Automaton has 192 states and 250 transitions. Word has length 28 [2021-12-16 00:58:34,652 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-16 00:58:34,652 INFO L470 AbstractCegarLoop]: Abstraction has 192 states and 250 transitions. [2021-12-16 00:58:34,652 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2021-12-16 00:58:34,653 INFO L276 IsEmpty]: Start isEmpty. Operand 192 states and 250 transitions. [2021-12-16 00:58:34,659 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2021-12-16 00:58:34,659 INFO L506 BasicCegarLoop]: Found error trace [2021-12-16 00:58:34,659 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-16 00:58:34,660 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2021-12-16 00:58:34,662 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-16 00:58:34,663 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-16 00:58:34,663 INFO L85 PathProgramCache]: Analyzing trace with hash -40246052, now seen corresponding path program 1 times [2021-12-16 00:58:34,663 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-16 00:58:34,663 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1010772258] [2021-12-16 00:58:34,663 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-16 00:58:34,664 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-16 00:58:34,686 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:34,736 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2021-12-16 00:58:34,738 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:34,745 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-12-16 00:58:34,746 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-16 00:58:34,746 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1010772258] [2021-12-16 00:58:34,746 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1010772258] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-16 00:58:34,746 INFO L186 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2021-12-16 00:58:34,747 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2021-12-16 00:58:34,747 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [479285167] [2021-12-16 00:58:34,747 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-16 00:58:34,747 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2021-12-16 00:58:34,747 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-16 00:58:34,748 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2021-12-16 00:58:34,748 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2021-12-16 00:58:34,748 INFO L87 Difference]: Start difference. First operand 192 states and 250 transitions. Second operand has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 4 states have internal predecessors, (29), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2021-12-16 00:58:34,844 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-16 00:58:34,844 INFO L93 Difference]: Finished difference Result 563 states and 746 transitions. [2021-12-16 00:58:34,845 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2021-12-16 00:58:34,845 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 4 states have internal predecessors, (29), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 32 [2021-12-16 00:58:34,845 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-16 00:58:34,848 INFO L225 Difference]: With dead ends: 563 [2021-12-16 00:58:34,849 INFO L226 Difference]: Without dead ends: 378 [2021-12-16 00:58:34,850 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2021-12-16 00:58:34,851 INFO L933 BasicCegarLoop]: 115 mSDtfsCounter, 76 mSDsluCounter, 403 mSDsCounter, 0 mSdLazyCounter, 52 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 79 SdHoareTripleChecker+Valid, 518 SdHoareTripleChecker+Invalid, 56 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 52 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2021-12-16 00:58:34,851 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [79 Valid, 518 Invalid, 56 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 52 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2021-12-16 00:58:34,852 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 378 states. [2021-12-16 00:58:34,875 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 378 to 369. [2021-12-16 00:58:34,876 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 369 states, 264 states have (on average 1.3295454545454546) internal successors, (351), 299 states have internal predecessors, (351), 62 states have call successors, (62), 42 states have call predecessors, (62), 42 states have return successors, (67), 46 states have call predecessors, (67), 62 states have call successors, (67) [2021-12-16 00:58:34,879 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 369 states to 369 states and 480 transitions. [2021-12-16 00:58:34,879 INFO L78 Accepts]: Start accepts. Automaton has 369 states and 480 transitions. Word has length 32 [2021-12-16 00:58:34,880 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-16 00:58:34,880 INFO L470 AbstractCegarLoop]: Abstraction has 369 states and 480 transitions. [2021-12-16 00:58:34,880 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 4 states have internal predecessors, (29), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2021-12-16 00:58:34,880 INFO L276 IsEmpty]: Start isEmpty. Operand 369 states and 480 transitions. [2021-12-16 00:58:34,882 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 37 [2021-12-16 00:58:34,882 INFO L506 BasicCegarLoop]: Found error trace [2021-12-16 00:58:34,882 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-16 00:58:34,882 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2021-12-16 00:58:34,883 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-16 00:58:34,883 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-16 00:58:34,883 INFO L85 PathProgramCache]: Analyzing trace with hash 1430200224, now seen corresponding path program 1 times [2021-12-16 00:58:34,883 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-16 00:58:34,884 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1516049183] [2021-12-16 00:58:34,884 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-16 00:58:34,884 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-16 00:58:34,909 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:34,951 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2021-12-16 00:58:34,955 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:34,960 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2021-12-16 00:58:34,963 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:34,969 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-12-16 00:58:34,971 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-16 00:58:34,972 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1516049183] [2021-12-16 00:58:34,972 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1516049183] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-16 00:58:34,973 INFO L186 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2021-12-16 00:58:34,973 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2021-12-16 00:58:34,974 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1652695495] [2021-12-16 00:58:34,974 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-16 00:58:34,975 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2021-12-16 00:58:34,976 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-16 00:58:34,979 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2021-12-16 00:58:34,979 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2021-12-16 00:58:34,979 INFO L87 Difference]: Start difference. First operand 369 states and 480 transitions. Second operand has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2021-12-16 00:58:35,217 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-16 00:58:35,217 INFO L93 Difference]: Finished difference Result 918 states and 1214 transitions. [2021-12-16 00:58:35,218 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2021-12-16 00:58:35,218 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 36 [2021-12-16 00:58:35,218 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-16 00:58:35,230 INFO L225 Difference]: With dead ends: 918 [2021-12-16 00:58:35,231 INFO L226 Difference]: Without dead ends: 556 [2021-12-16 00:58:35,233 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=32, Invalid=58, Unknown=0, NotChecked=0, Total=90 [2021-12-16 00:58:35,235 INFO L933 BasicCegarLoop]: 95 mSDtfsCounter, 127 mSDsluCounter, 151 mSDsCounter, 0 mSdLazyCounter, 216 mSolverCounterSat, 49 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 134 SdHoareTripleChecker+Valid, 246 SdHoareTripleChecker+Invalid, 265 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 49 IncrementalHoareTripleChecker+Valid, 216 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2021-12-16 00:58:35,236 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [134 Valid, 246 Invalid, 265 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [49 Valid, 216 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2021-12-16 00:58:35,237 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 556 states. [2021-12-16 00:58:35,270 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 556 to 537. [2021-12-16 00:58:35,271 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 537 states, 388 states have (on average 1.268041237113402) internal successors, (492), 425 states have internal predecessors, (492), 80 states have call successors, (80), 68 states have call predecessors, (80), 68 states have return successors, (105), 74 states have call predecessors, (105), 80 states have call successors, (105) [2021-12-16 00:58:35,274 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 537 states to 537 states and 677 transitions. [2021-12-16 00:58:35,274 INFO L78 Accepts]: Start accepts. Automaton has 537 states and 677 transitions. Word has length 36 [2021-12-16 00:58:35,274 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-16 00:58:35,275 INFO L470 AbstractCegarLoop]: Abstraction has 537 states and 677 transitions. [2021-12-16 00:58:35,275 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2021-12-16 00:58:35,275 INFO L276 IsEmpty]: Start isEmpty. Operand 537 states and 677 transitions. [2021-12-16 00:58:35,277 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 59 [2021-12-16 00:58:35,277 INFO L506 BasicCegarLoop]: Found error trace [2021-12-16 00:58:35,277 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-16 00:58:35,277 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2021-12-16 00:58:35,278 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-16 00:58:35,278 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-16 00:58:35,278 INFO L85 PathProgramCache]: Analyzing trace with hash -1476072605, now seen corresponding path program 1 times [2021-12-16 00:58:35,278 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-16 00:58:35,279 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2126954704] [2021-12-16 00:58:35,279 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-16 00:58:35,279 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-16 00:58:35,290 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:35,305 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2021-12-16 00:58:35,306 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:35,310 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2021-12-16 00:58:35,315 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:35,329 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2021-12-16 00:58:35,331 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:35,333 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2021-12-16 00:58:35,334 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:35,336 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 49 [2021-12-16 00:58:35,337 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:35,339 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2021-12-16 00:58:35,339 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-16 00:58:35,340 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2126954704] [2021-12-16 00:58:35,340 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2126954704] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-16 00:58:35,340 INFO L186 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2021-12-16 00:58:35,340 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2021-12-16 00:58:35,340 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1849397950] [2021-12-16 00:58:35,340 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-16 00:58:35,341 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2021-12-16 00:58:35,341 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-16 00:58:35,341 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2021-12-16 00:58:35,341 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2021-12-16 00:58:35,342 INFO L87 Difference]: Start difference. First operand 537 states and 677 transitions. Second operand has 6 states, 6 states have (on average 7.5) internal successors, (45), 4 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2021-12-16 00:58:35,530 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-16 00:58:35,531 INFO L93 Difference]: Finished difference Result 1213 states and 1570 transitions. [2021-12-16 00:58:35,531 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2021-12-16 00:58:35,531 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 4 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 58 [2021-12-16 00:58:35,532 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-16 00:58:35,534 INFO L225 Difference]: With dead ends: 1213 [2021-12-16 00:58:35,535 INFO L226 Difference]: Without dead ends: 683 [2021-12-16 00:58:35,536 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 20 GetRequests, 12 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=33, Invalid=57, Unknown=0, NotChecked=0, Total=90 [2021-12-16 00:58:35,537 INFO L933 BasicCegarLoop]: 86 mSDtfsCounter, 163 mSDsluCounter, 128 mSDsCounter, 0 mSdLazyCounter, 194 mSolverCounterSat, 63 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 164 SdHoareTripleChecker+Valid, 214 SdHoareTripleChecker+Invalid, 257 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 63 IncrementalHoareTripleChecker+Valid, 194 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2021-12-16 00:58:35,537 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [164 Valid, 214 Invalid, 257 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [63 Valid, 194 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2021-12-16 00:58:35,538 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 683 states. [2021-12-16 00:58:35,561 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 683 to 625. [2021-12-16 00:58:35,562 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 625 states, 456 states have (on average 1.2412280701754386) internal successors, (566), 493 states have internal predecessors, (566), 88 states have call successors, (88), 68 states have call predecessors, (88), 80 states have return successors, (125), 90 states have call predecessors, (125), 88 states have call successors, (125) [2021-12-16 00:58:35,565 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 625 states to 625 states and 779 transitions. [2021-12-16 00:58:35,565 INFO L78 Accepts]: Start accepts. Automaton has 625 states and 779 transitions. Word has length 58 [2021-12-16 00:58:35,566 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-16 00:58:35,566 INFO L470 AbstractCegarLoop]: Abstraction has 625 states and 779 transitions. [2021-12-16 00:58:35,566 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 4 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2021-12-16 00:58:35,566 INFO L276 IsEmpty]: Start isEmpty. Operand 625 states and 779 transitions. [2021-12-16 00:58:35,568 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 59 [2021-12-16 00:58:35,568 INFO L506 BasicCegarLoop]: Found error trace [2021-12-16 00:58:35,568 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-16 00:58:35,568 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2021-12-16 00:58:35,568 INFO L402 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-16 00:58:35,569 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-16 00:58:35,569 INFO L85 PathProgramCache]: Analyzing trace with hash -1498704859, now seen corresponding path program 1 times [2021-12-16 00:58:35,569 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-16 00:58:35,569 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2039743291] [2021-12-16 00:58:35,569 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-16 00:58:35,570 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-16 00:58:35,579 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:35,592 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2021-12-16 00:58:35,593 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:35,598 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2021-12-16 00:58:35,601 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:35,618 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2021-12-16 00:58:35,619 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:35,622 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2021-12-16 00:58:35,623 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:35,625 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 49 [2021-12-16 00:58:35,626 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:35,628 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2021-12-16 00:58:35,628 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-16 00:58:35,628 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2039743291] [2021-12-16 00:58:35,628 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2039743291] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-16 00:58:35,629 INFO L186 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2021-12-16 00:58:35,629 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2021-12-16 00:58:35,629 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1935460153] [2021-12-16 00:58:35,629 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-16 00:58:35,629 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2021-12-16 00:58:35,630 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-16 00:58:35,630 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2021-12-16 00:58:35,630 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2021-12-16 00:58:35,630 INFO L87 Difference]: Start difference. First operand 625 states and 779 transitions. Second operand has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2021-12-16 00:58:35,822 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-16 00:58:35,823 INFO L93 Difference]: Finished difference Result 1277 states and 1636 transitions. [2021-12-16 00:58:35,823 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2021-12-16 00:58:35,823 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 58 [2021-12-16 00:58:35,824 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-16 00:58:35,826 INFO L225 Difference]: With dead ends: 1277 [2021-12-16 00:58:35,826 INFO L226 Difference]: Without dead ends: 659 [2021-12-16 00:58:35,828 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 12 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=46, Invalid=86, Unknown=0, NotChecked=0, Total=132 [2021-12-16 00:58:35,828 INFO L933 BasicCegarLoop]: 85 mSDtfsCounter, 132 mSDsluCounter, 169 mSDsCounter, 0 mSdLazyCounter, 260 mSolverCounterSat, 60 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 133 SdHoareTripleChecker+Valid, 254 SdHoareTripleChecker+Invalid, 320 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 60 IncrementalHoareTripleChecker+Valid, 260 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2021-12-16 00:58:35,828 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [133 Valid, 254 Invalid, 320 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [60 Valid, 260 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2021-12-16 00:58:35,829 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 659 states. [2021-12-16 00:58:35,850 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 659 to 637. [2021-12-16 00:58:35,851 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 637 states, 468 states have (on average 1.235042735042735) internal successors, (578), 505 states have internal predecessors, (578), 88 states have call successors, (88), 68 states have call predecessors, (88), 80 states have return successors, (125), 90 states have call predecessors, (125), 88 states have call successors, (125) [2021-12-16 00:58:35,854 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 637 states to 637 states and 791 transitions. [2021-12-16 00:58:35,854 INFO L78 Accepts]: Start accepts. Automaton has 637 states and 791 transitions. Word has length 58 [2021-12-16 00:58:35,854 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-16 00:58:35,855 INFO L470 AbstractCegarLoop]: Abstraction has 637 states and 791 transitions. [2021-12-16 00:58:35,855 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2021-12-16 00:58:35,855 INFO L276 IsEmpty]: Start isEmpty. Operand 637 states and 791 transitions. [2021-12-16 00:58:35,856 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 59 [2021-12-16 00:58:35,856 INFO L506 BasicCegarLoop]: Found error trace [2021-12-16 00:58:35,856 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-16 00:58:35,857 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2021-12-16 00:58:35,857 INFO L402 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-16 00:58:35,857 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-16 00:58:35,857 INFO L85 PathProgramCache]: Analyzing trace with hash -1201312991, now seen corresponding path program 1 times [2021-12-16 00:58:35,857 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-16 00:58:35,858 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2005905533] [2021-12-16 00:58:35,858 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-16 00:58:35,858 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-16 00:58:35,865 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:35,883 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2021-12-16 00:58:35,884 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:35,889 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2021-12-16 00:58:35,892 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:35,901 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2021-12-16 00:58:35,903 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:35,905 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2021-12-16 00:58:35,906 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:35,907 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 49 [2021-12-16 00:58:35,908 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:35,910 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2021-12-16 00:58:35,910 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-16 00:58:35,910 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2005905533] [2021-12-16 00:58:35,910 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2005905533] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-16 00:58:35,910 INFO L186 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2021-12-16 00:58:35,910 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2021-12-16 00:58:35,911 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [154478136] [2021-12-16 00:58:35,911 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-16 00:58:35,911 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2021-12-16 00:58:35,911 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-16 00:58:35,912 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2021-12-16 00:58:35,912 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2021-12-16 00:58:35,912 INFO L87 Difference]: Start difference. First operand 637 states and 791 transitions. Second operand has 6 states, 6 states have (on average 7.5) internal successors, (45), 4 states have internal predecessors, (45), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 4 states have call predecessors, (5), 4 states have call successors, (5) [2021-12-16 00:58:36,175 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-16 00:58:36,175 INFO L93 Difference]: Finished difference Result 1873 states and 2432 transitions. [2021-12-16 00:58:36,175 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2021-12-16 00:58:36,176 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 4 states have internal predecessors, (45), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 4 states have call predecessors, (5), 4 states have call successors, (5) Word has length 58 [2021-12-16 00:58:36,176 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-16 00:58:36,181 INFO L225 Difference]: With dead ends: 1873 [2021-12-16 00:58:36,181 INFO L226 Difference]: Without dead ends: 1243 [2021-12-16 00:58:36,183 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 25 GetRequests, 15 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=40, Invalid=92, Unknown=0, NotChecked=0, Total=132 [2021-12-16 00:58:36,184 INFO L933 BasicCegarLoop]: 134 mSDtfsCounter, 334 mSDsluCounter, 139 mSDsCounter, 0 mSdLazyCounter, 254 mSolverCounterSat, 142 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 337 SdHoareTripleChecker+Valid, 273 SdHoareTripleChecker+Invalid, 396 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 142 IncrementalHoareTripleChecker+Valid, 254 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2021-12-16 00:58:36,184 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [337 Valid, 273 Invalid, 396 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [142 Valid, 254 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2021-12-16 00:58:36,185 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1243 states. [2021-12-16 00:58:36,240 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1243 to 1231. [2021-12-16 00:58:36,242 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1231 states, 912 states have (on average 1.2171052631578947) internal successors, (1110), 973 states have internal predecessors, (1110), 166 states have call successors, (166), 150 states have call predecessors, (166), 152 states have return successors, (269), 162 states have call predecessors, (269), 166 states have call successors, (269) [2021-12-16 00:58:36,246 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1231 states to 1231 states and 1545 transitions. [2021-12-16 00:58:36,246 INFO L78 Accepts]: Start accepts. Automaton has 1231 states and 1545 transitions. Word has length 58 [2021-12-16 00:58:36,247 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-16 00:58:36,247 INFO L470 AbstractCegarLoop]: Abstraction has 1231 states and 1545 transitions. [2021-12-16 00:58:36,247 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 4 states have internal predecessors, (45), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 4 states have call predecessors, (5), 4 states have call successors, (5) [2021-12-16 00:58:36,247 INFO L276 IsEmpty]: Start isEmpty. Operand 1231 states and 1545 transitions. [2021-12-16 00:58:36,249 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 63 [2021-12-16 00:58:36,249 INFO L506 BasicCegarLoop]: Found error trace [2021-12-16 00:58:36,249 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-16 00:58:36,249 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2021-12-16 00:58:36,249 INFO L402 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-16 00:58:36,250 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-16 00:58:36,250 INFO L85 PathProgramCache]: Analyzing trace with hash -238505913, now seen corresponding path program 1 times [2021-12-16 00:58:36,250 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-16 00:58:36,250 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [766557222] [2021-12-16 00:58:36,250 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-16 00:58:36,250 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-16 00:58:36,257 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:36,282 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2021-12-16 00:58:36,283 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:36,288 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2021-12-16 00:58:36,289 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:36,300 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2021-12-16 00:58:36,303 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:36,327 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2021-12-16 00:58:36,328 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:36,346 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2021-12-16 00:58:36,347 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:36,357 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 53 [2021-12-16 00:58:36,358 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:36,360 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2021-12-16 00:58:36,360 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-16 00:58:36,360 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [766557222] [2021-12-16 00:58:36,360 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [766557222] provided 0 perfect and 1 imperfect interpolant sequences [2021-12-16 00:58:36,360 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1123885010] [2021-12-16 00:58:36,360 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-16 00:58:36,361 INFO L168 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2021-12-16 00:58:36,361 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2021-12-16 00:58:36,362 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2021-12-16 00:58:36,363 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2021-12-16 00:58:36,429 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:36,432 INFO L263 TraceCheckSpWp]: Trace formula consists of 382 conjuncts, 9 conjunts are in the unsatisfiable core [2021-12-16 00:58:36,436 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2021-12-16 00:58:36,718 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 3 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-12-16 00:58:36,718 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2021-12-16 00:58:36,719 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1123885010] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-16 00:58:36,719 INFO L186 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2021-12-16 00:58:36,719 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [15] total 20 [2021-12-16 00:58:36,719 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1209345413] [2021-12-16 00:58:36,719 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-16 00:58:36,720 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2021-12-16 00:58:36,720 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-16 00:58:36,720 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2021-12-16 00:58:36,720 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=48, Invalid=332, Unknown=0, NotChecked=0, Total=380 [2021-12-16 00:58:36,720 INFO L87 Difference]: Start difference. First operand 1231 states and 1545 transitions. Second operand has 8 states, 8 states have (on average 6.125) internal successors, (49), 6 states have internal predecessors, (49), 3 states have call successors, (7), 3 states have call predecessors, (7), 5 states have return successors, (6), 5 states have call predecessors, (6), 3 states have call successors, (6) [2021-12-16 00:58:36,855 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-16 00:58:36,855 INFO L93 Difference]: Finished difference Result 2413 states and 3041 transitions. [2021-12-16 00:58:36,855 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2021-12-16 00:58:36,856 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 6.125) internal successors, (49), 6 states have internal predecessors, (49), 3 states have call successors, (7), 3 states have call predecessors, (7), 5 states have return successors, (6), 5 states have call predecessors, (6), 3 states have call successors, (6) Word has length 62 [2021-12-16 00:58:36,857 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-16 00:58:36,861 INFO L225 Difference]: With dead ends: 2413 [2021-12-16 00:58:36,861 INFO L226 Difference]: Without dead ends: 1189 [2021-12-16 00:58:36,866 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 84 GetRequests, 66 SyntacticMatches, 0 SemanticMatches, 18 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=332, Unknown=0, NotChecked=0, Total=380 [2021-12-16 00:58:36,867 INFO L933 BasicCegarLoop]: 191 mSDtfsCounter, 69 mSDsluCounter, 506 mSDsCounter, 0 mSdLazyCounter, 176 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 73 SdHoareTripleChecker+Valid, 697 SdHoareTripleChecker+Invalid, 179 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 176 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2021-12-16 00:58:36,868 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [73 Valid, 697 Invalid, 179 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 176 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2021-12-16 00:58:36,870 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1189 states. [2021-12-16 00:58:36,906 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1189 to 1185. [2021-12-16 00:58:36,907 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1185 states, 876 states have (on average 1.202054794520548) internal successors, (1053), 935 states have internal predecessors, (1053), 162 states have call successors, (162), 146 states have call predecessors, (162), 146 states have return successors, (236), 156 states have call predecessors, (236), 162 states have call successors, (236) [2021-12-16 00:58:36,912 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1185 states to 1185 states and 1451 transitions. [2021-12-16 00:58:36,913 INFO L78 Accepts]: Start accepts. Automaton has 1185 states and 1451 transitions. Word has length 62 [2021-12-16 00:58:36,913 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-16 00:58:36,913 INFO L470 AbstractCegarLoop]: Abstraction has 1185 states and 1451 transitions. [2021-12-16 00:58:36,913 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 6.125) internal successors, (49), 6 states have internal predecessors, (49), 3 states have call successors, (7), 3 states have call predecessors, (7), 5 states have return successors, (6), 5 states have call predecessors, (6), 3 states have call successors, (6) [2021-12-16 00:58:36,914 INFO L276 IsEmpty]: Start isEmpty. Operand 1185 states and 1451 transitions. [2021-12-16 00:58:36,917 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 107 [2021-12-16 00:58:36,917 INFO L506 BasicCegarLoop]: Found error trace [2021-12-16 00:58:36,918 INFO L514 BasicCegarLoop]: trace histogram [4, 4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-16 00:58:36,938 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2021-12-16 00:58:37,131 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2021-12-16 00:58:37,131 INFO L402 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-16 00:58:37,132 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-16 00:58:37,132 INFO L85 PathProgramCache]: Analyzing trace with hash -753408287, now seen corresponding path program 1 times [2021-12-16 00:58:37,132 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-16 00:58:37,132 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1022967611] [2021-12-16 00:58:37,132 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-16 00:58:37,132 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-16 00:58:37,142 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:37,182 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2021-12-16 00:58:37,183 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:37,190 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2021-12-16 00:58:37,192 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:37,204 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2021-12-16 00:58:37,205 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:37,208 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2021-12-16 00:58:37,209 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:37,210 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2021-12-16 00:58:37,211 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:37,212 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2021-12-16 00:58:37,213 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:37,219 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 64 [2021-12-16 00:58:37,221 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:37,228 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 76 [2021-12-16 00:58:37,230 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:37,281 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2021-12-16 00:58:37,282 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:37,306 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 87 [2021-12-16 00:58:37,307 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:37,308 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2021-12-16 00:58:37,309 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:37,310 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 97 [2021-12-16 00:58:37,311 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:37,312 INFO L134 CoverageAnalysis]: Checked inductivity of 44 backedges. 17 proven. 3 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2021-12-16 00:58:37,312 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-16 00:58:37,312 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1022967611] [2021-12-16 00:58:37,313 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1022967611] provided 0 perfect and 1 imperfect interpolant sequences [2021-12-16 00:58:37,313 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1884400853] [2021-12-16 00:58:37,313 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-16 00:58:37,313 INFO L168 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2021-12-16 00:58:37,313 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2021-12-16 00:58:37,314 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2021-12-16 00:58:37,315 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2021-12-16 00:58:37,385 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-16 00:58:37,387 INFO L263 TraceCheckSpWp]: Trace formula consists of 481 conjuncts, 9 conjunts are in the unsatisfiable core [2021-12-16 00:58:37,390 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2021-12-16 00:58:37,607 INFO L134 CoverageAnalysis]: Checked inductivity of 44 backedges. 35 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2021-12-16 00:58:37,607 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2021-12-16 00:58:37,607 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1884400853] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-16 00:58:37,607 INFO L186 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2021-12-16 00:58:37,608 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [15] total 20 [2021-12-16 00:58:37,608 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1726023760] [2021-12-16 00:58:37,608 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-16 00:58:37,608 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2021-12-16 00:58:37,608 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-16 00:58:37,609 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2021-12-16 00:58:37,609 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=51, Invalid=329, Unknown=0, NotChecked=0, Total=380 [2021-12-16 00:58:37,609 INFO L87 Difference]: Start difference. First operand 1185 states and 1451 transitions. Second operand has 8 states, 8 states have (on average 9.375) internal successors, (75), 6 states have internal predecessors, (75), 3 states have call successors, (13), 3 states have call predecessors, (13), 5 states have return successors, (12), 5 states have call predecessors, (12), 3 states have call successors, (12) [2021-12-16 00:58:37,714 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-16 00:58:37,714 INFO L93 Difference]: Finished difference Result 2037 states and 2523 transitions. [2021-12-16 00:58:37,715 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2021-12-16 00:58:37,715 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 9.375) internal successors, (75), 6 states have internal predecessors, (75), 3 states have call successors, (13), 3 states have call predecessors, (13), 5 states have return successors, (12), 5 states have call predecessors, (12), 3 states have call successors, (12) Word has length 106 [2021-12-16 00:58:37,716 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-16 00:58:37,716 INFO L225 Difference]: With dead ends: 2037 [2021-12-16 00:58:37,716 INFO L226 Difference]: Without dead ends: 0 [2021-12-16 00:58:37,721 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 142 GetRequests, 122 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 47 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=63, Invalid=399, Unknown=0, NotChecked=0, Total=462 [2021-12-16 00:58:37,722 INFO L933 BasicCegarLoop]: 190 mSDtfsCounter, 76 mSDsluCounter, 851 mSDsCounter, 0 mSdLazyCounter, 123 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 80 SdHoareTripleChecker+Valid, 1041 SdHoareTripleChecker+Invalid, 129 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 123 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2021-12-16 00:58:37,722 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [80 Valid, 1041 Invalid, 129 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 123 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2021-12-16 00:58:37,723 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2021-12-16 00:58:37,723 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2021-12-16 00:58:37,723 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2021-12-16 00:58:37,723 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2021-12-16 00:58:37,724 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 106 [2021-12-16 00:58:37,724 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-16 00:58:37,724 INFO L470 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2021-12-16 00:58:37,724 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 9.375) internal successors, (75), 6 states have internal predecessors, (75), 3 states have call successors, (13), 3 states have call predecessors, (13), 5 states have return successors, (12), 5 states have call predecessors, (12), 3 states have call successors, (12) [2021-12-16 00:58:37,724 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2021-12-16 00:58:37,724 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-12-16 00:58:37,726 INFO L764 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2021-12-16 00:58:37,746 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2021-12-16 00:58:37,939 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2021-12-16 00:58:37,941 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2021-12-16 00:58:41,621 INFO L854 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 342 349) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0)) (.cse1 (= ~pumpRunning~0 |old(~pumpRunning~0)|))) (and (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 0))) (or .cse0 (not (<= 1 ~methaneLevelCritical~0)) .cse1))) [2021-12-16 00:58:41,622 INFO L858 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 342 349) no Hoare annotation was computed. [2021-12-16 00:58:41,622 INFO L858 garLoopResultBuilder]: For program point deactivatePumpFINAL(lines 342 349) no Hoare annotation was computed. [2021-12-16 00:58:41,622 INFO L858 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 258 264) no Hoare annotation was computed. [2021-12-16 00:58:41,622 INFO L861 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 258 264) the Hoare annotation is: true [2021-12-16 00:58:41,622 INFO L858 garLoopResultBuilder]: For program point L162-1(lines 158 169) no Hoare annotation was computed. [2021-12-16 00:58:41,622 INFO L854 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 158 169) the Hoare annotation is: (let ((.cse0 (not (= |old(~methaneLevelCritical~0)| 0))) (.cse2 (not (= ~pumpRunning~0 0))) (.cse1 (= ~methaneLevelCritical~0 0))) (and (or (= 0 ~systemActive~0) .cse0 .cse1) (or .cse2 (= ~methaneLevelCritical~0 |old(~methaneLevelCritical~0)|) (not (<= 1 |old(~methaneLevelCritical~0)|))) (or .cse0 .cse2 .cse1))) [2021-12-16 00:58:41,622 INFO L858 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 158 169) no Hoare annotation was computed. [2021-12-16 00:58:41,622 INFO L858 garLoopResultBuilder]: For program point L897(line 897) no Hoare annotation was computed. [2021-12-16 00:58:41,622 INFO L858 garLoopResultBuilder]: For program point cleanupEXIT(lines 876 905) no Hoare annotation was computed. [2021-12-16 00:58:41,622 INFO L861 garLoopResultBuilder]: At program point cleanupENTRY(lines 876 905) the Hoare annotation is: true [2021-12-16 00:58:41,622 INFO L858 garLoopResultBuilder]: For program point L890(lines 890 894) no Hoare annotation was computed. [2021-12-16 00:58:41,622 INFO L861 garLoopResultBuilder]: At program point L890-1(lines 890 894) the Hoare annotation is: true [2021-12-16 00:58:41,622 INFO L858 garLoopResultBuilder]: For program point L887(line 887) no Hoare annotation was computed. [2021-12-16 00:58:41,622 INFO L861 garLoopResultBuilder]: At program point L886-2(lines 886 900) the Hoare annotation is: true [2021-12-16 00:58:41,622 INFO L861 garLoopResultBuilder]: At program point L882(line 882) the Hoare annotation is: true [2021-12-16 00:58:41,622 INFO L858 garLoopResultBuilder]: For program point L882-1(line 882) no Hoare annotation was computed. [2021-12-16 00:58:41,622 INFO L861 garLoopResultBuilder]: At program point L901(lines 876 905) the Hoare annotation is: true [2021-12-16 00:58:41,623 INFO L854 garLoopResultBuilder]: At program point L366(lines 361 369) the Hoare annotation is: (let ((.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (= 0 ~systemActive~0)) (.cse0 (not (<= 1 ~methaneLevelCritical~0))) (.cse2 (= |timeShift_isPumpRunning_#res#1| 0)) (.cse3 (= ~pumpRunning~0 0))) (and (or (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1) .cse0 .cse1) (or (and .cse2 .cse3) .cse0 .cse1) (or .cse1 .cse4) (or .cse5 .cse4) (or (not (<= 2 |old(~waterLevel~0)|)) .cse0 .cse1 (<= 2 ~waterLevel~0)) (or .cse5 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse3) .cse0 (and .cse2 (<= 1 |timeShift_processEnvironment_~tmp~2#1|) .cse3)))) [2021-12-16 00:58:41,623 INFO L858 garLoopResultBuilder]: For program point L238-1(lines 237 256) no Hoare annotation was computed. [2021-12-16 00:58:41,623 INFO L858 garLoopResultBuilder]: For program point L300(lines 300 308) no Hoare annotation was computed. [2021-12-16 00:58:41,623 INFO L858 garLoopResultBuilder]: For program point L296(lines 296 313) no Hoare annotation was computed. [2021-12-16 00:58:41,623 INFO L858 garLoopResultBuilder]: For program point timeShiftFINAL(lines 234 257) no Hoare annotation was computed. [2021-12-16 00:58:41,623 INFO L858 garLoopResultBuilder]: For program point L65(lines 65 71) no Hoare annotation was computed. [2021-12-16 00:58:41,623 INFO L858 garLoopResultBuilder]: For program point L61(lines 61 74) no Hoare annotation was computed. [2021-12-16 00:58:41,623 INFO L854 garLoopResultBuilder]: At program point L61-1(lines 53 77) the Hoare annotation is: (let ((.cse13 (= ~methaneLevelCritical~0 0)) (.cse11 (<= 2 ~waterLevel~0)) (.cse7 (= 0 ~systemActive~0)) (.cse12 (= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 0)) (.cse9 (= ~pumpRunning~0 0))) (let ((.cse0 (not (= |old(~waterLevel~0)| 1))) (.cse1 (= ~waterLevel~0 1)) (.cse10 (not (<= 2 |old(~waterLevel~0)|))) (.cse4 (and .cse12 .cse9)) (.cse5 (and .cse13 .cse12 .cse11 (not .cse7))) (.cse6 (not .cse13)) (.cse2 (not (<= 1 ~methaneLevelCritical~0))) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse8 (= ~pumpRunning~0 |old(~pumpRunning~0)|))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse5 .cse3 .cse6) (or .cse0 .cse1 .cse3 .cse6) (or .cse7 (and .cse8 .cse9) .cse2 (and (<= 1 |timeShift_processEnvironment_~tmp~2#1|) .cse9)) (or .cse10 .cse2 .cse3 .cse11) (or .cse10 .cse3 .cse11 .cse6) (or .cse7 .cse4 .cse5 (and .cse12 .cse8) .cse6) (or .cse2 .cse3 .cse8)))) [2021-12-16 00:58:41,623 INFO L858 garLoopResultBuilder]: For program point L83(line 83) no Hoare annotation was computed. [2021-12-16 00:58:41,623 INFO L854 garLoopResultBuilder]: At program point L306(line 306) the Hoare annotation is: (let ((.cse3 (not (<= 1 ~methaneLevelCritical~0))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0)) (.cse1 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1) (or .cse2 .cse3) (or .cse3 .cse0) (or .cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse1))) [2021-12-16 00:58:41,623 INFO L854 garLoopResultBuilder]: At program point L302(line 302) the Hoare annotation is: (let ((.cse2 (not (<= 1 ~methaneLevelCritical~0))) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= 0 ~systemActive~0)) (.cse1 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 (and (<= 1 |timeShift_processEnvironment_~tmp~2#1|) .cse1) .cse2) (or .cse3 .cse4) (or .cse2 .cse3) (or .cse0 .cse1 .cse4))) [2021-12-16 00:58:41,623 INFO L854 garLoopResultBuilder]: At program point L298(line 298) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse3 (= 0 ~systemActive~0)) (.cse2 (not (<= 1 ~methaneLevelCritical~0))) (.cse4 (= ~pumpRunning~0 |old(~pumpRunning~0)|))) (and (or .cse0 .cse1) (or .cse2 .cse0) (or .cse3 .cse4 .cse1) (or .cse3 .cse2 .cse4))) [2021-12-16 00:58:41,623 INFO L858 garLoopResultBuilder]: For program point L298-1(line 298) no Hoare annotation was computed. [2021-12-16 00:58:41,623 INFO L854 garLoopResultBuilder]: At program point L59(line 59) the Hoare annotation is: (let ((.cse10 (<= 2 ~waterLevel~0)) (.cse7 (= 0 ~systemActive~0)) (.cse11 (= ~methaneLevelCritical~0 0))) (let ((.cse0 (not (= |old(~waterLevel~0)| 1))) (.cse1 (= ~waterLevel~0 1)) (.cse9 (not (<= 2 |old(~waterLevel~0)|))) (.cse8 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (not .cse11)) (.cse5 (and .cse11 .cse10 (not .cse7))) (.cse2 (not (<= 1 ~methaneLevelCritical~0))) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (= ~pumpRunning~0 0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse3 .cse4 .cse5 .cse6) (or .cse0 .cse1 .cse3 .cse4) (or .cse7 (and .cse8 .cse6) .cse2 (and (<= 1 |timeShift_processEnvironment_~tmp~2#1|) .cse6)) (or .cse9 .cse2 .cse3 .cse10) (or .cse9 .cse3 .cse10 .cse4) (or .cse7 .cse8 .cse4 .cse6 .cse5) (or .cse2 .cse3 .cse6)))) [2021-12-16 00:58:41,624 INFO L858 garLoopResultBuilder]: For program point L59-1(line 59) no Hoare annotation was computed. [2021-12-16 00:58:41,624 INFO L854 garLoopResultBuilder]: At program point L311(line 311) the Hoare annotation is: (let ((.cse9 (= 0 ~systemActive~0))) (let ((.cse10 (= ~methaneLevelCritical~0 0)) (.cse11 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse12 (not .cse9)) (.cse13 (= ~pumpRunning~0 0)) (.cse14 (<= 1 ~methaneLevelCritical~0))) (let ((.cse0 (not (= |old(~waterLevel~0)| 1))) (.cse1 (= ~waterLevel~0 1)) (.cse7 (not (<= 2 |old(~waterLevel~0)|))) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse8 (<= 2 ~waterLevel~0)) (.cse2 (not .cse14)) (.cse5 (and .cse11 .cse14 .cse12 .cse13)) (.cse6 (and .cse10 .cse11 .cse12 .cse13)) (.cse4 (not .cse10))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse1 .cse3 .cse4) (or .cse2 .cse3 .cse5) (or .cse6 .cse3 .cse4) (or .cse7 .cse3 .cse8 .cse4) (or .cse7 .cse2 .cse3 .cse8) (or .cse9 .cse2 .cse5) (or .cse9 .cse6 .cse4))))) [2021-12-16 00:58:41,624 INFO L854 garLoopResultBuilder]: At program point L311-1(lines 292 316) the Hoare annotation is: (let ((.cse8 (= 0 ~systemActive~0))) (let ((.cse11 (<= 2 ~waterLevel~0)) (.cse13 (= ~methaneLevelCritical~0 0)) (.cse12 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse14 (<= 1 ~methaneLevelCritical~0)) (.cse7 (not .cse8)) (.cse10 (= ~pumpRunning~0 0))) (let ((.cse4 (not (= |old(~waterLevel~0)| 1))) (.cse5 (= ~waterLevel~0 1)) (.cse9 (and .cse12 .cse14 .cse7 .cse10)) (.cse0 (not (<= 2 |old(~waterLevel~0)|))) (.cse6 (not .cse14)) (.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not .cse13)) (.cse3 (and .cse13 .cse11 .cse7))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse5 .cse6 .cse1) (or .cse4 .cse5 .cse1 .cse2) (or .cse1 .cse2 .cse7) (or .cse8 .cse6 .cse9 (and (<= 1 |timeShift_processEnvironment_~tmp~2#1|) .cse10)) (or .cse6 .cse1 .cse9) (or .cse0 .cse6 .cse1 .cse11) (or .cse8 .cse12 .cse2 .cse10 .cse3))))) [2021-12-16 00:58:41,624 INFO L858 garLoopResultBuilder]: For program point L245-1(lines 245 251) no Hoare annotation was computed. [2021-12-16 00:58:41,624 INFO L854 garLoopResultBuilder]: At program point L84(lines 79 86) the Hoare annotation is: (let ((.cse3 (not (<= 1 ~methaneLevelCritical~0))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0)) (.cse1 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1) (or .cse2 .cse3) (or .cse3 .cse0) (or .cse2 .cse1))) [2021-12-16 00:58:41,624 INFO L854 garLoopResultBuilder]: At program point timeShiftENTRY(lines 234 257) the Hoare annotation is: (let ((.cse0 (not (= |old(~waterLevel~0)| 1))) (.cse1 (= ~waterLevel~0 1)) (.cse4 (not (<= 2 |old(~waterLevel~0)|))) (.cse6 (<= 2 ~waterLevel~0)) (.cse7 (not (= ~methaneLevelCritical~0 0))) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse9 (= ~pumpRunning~0 0)) (.cse5 (= 0 ~systemActive~0)) (.cse2 (not (<= 1 ~methaneLevelCritical~0))) (.cse8 (= ~pumpRunning~0 |old(~pumpRunning~0)|))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse5 .cse2 .cse6) (or .cse0 .cse1 .cse3 .cse7) (or .cse4 .cse3 .cse6 .cse7) (or .cse5 .cse8 .cse7) (or .cse4 .cse2 .cse3 .cse6) (or .cse3 .cse7 .cse9) (or .cse4 .cse5 .cse6 .cse7) (or .cse2 .cse3 .cse9) (or .cse5 .cse2 .cse8))) [2021-12-16 00:58:41,624 INFO L858 garLoopResultBuilder]: For program point timeShiftEXIT(lines 234 257) no Hoare annotation was computed. [2021-12-16 00:58:41,624 INFO L858 garLoopResultBuilder]: For program point L138(lines 138 142) no Hoare annotation was computed. [2021-12-16 00:58:41,624 INFO L858 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 83) no Hoare annotation was computed. [2021-12-16 00:58:41,624 INFO L854 garLoopResultBuilder]: At program point L138-2(lines 134 145) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse3 (= 0 ~systemActive~0)) (.cse2 (not (<= 1 ~methaneLevelCritical~0))) (.cse4 (= ~pumpRunning~0 |old(~pumpRunning~0)|))) (and (or .cse0 .cse1) (or .cse2 .cse0) (or .cse3 .cse4 .cse1) (or .cse3 .cse2 .cse4))) [2021-12-16 00:58:41,624 INFO L861 garLoopResultBuilder]: At program point isMethaneLevelCriticalENTRY(lines 170 178) the Hoare annotation is: true [2021-12-16 00:58:41,624 INFO L858 garLoopResultBuilder]: For program point isMethaneLevelCriticalFINAL(lines 170 178) no Hoare annotation was computed. [2021-12-16 00:58:41,624 INFO L858 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 170 178) no Hoare annotation was computed. [2021-12-16 00:58:41,624 INFO L861 garLoopResultBuilder]: At program point L944(lines 937 946) the Hoare annotation is: true [2021-12-16 00:58:41,624 INFO L854 garLoopResultBuilder]: At program point L106(lines 102 108) the Hoare annotation is: (and (= ~waterLevel~0 1) (= ~methaneLevelCritical~0 0) (= ~systemActive~0 1) (= ~pumpRunning~0 0)) [2021-12-16 00:58:41,625 INFO L858 garLoopResultBuilder]: For program point L453(lines 452 499) no Hoare annotation was computed. [2021-12-16 00:58:41,625 INFO L858 garLoopResultBuilder]: For program point L482(lines 482 495) no Hoare annotation was computed. [2021-12-16 00:58:41,625 INFO L858 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2021-12-16 00:58:41,625 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2021-12-16 00:58:41,625 INFO L858 garLoopResultBuilder]: For program point L957(lines 957 964) no Hoare annotation was computed. [2021-12-16 00:58:41,625 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2021-12-16 00:58:41,625 INFO L858 garLoopResultBuilder]: For program point L957-2(lines 957 964) no Hoare annotation was computed. [2021-12-16 00:58:41,625 INFO L854 garLoopResultBuilder]: At program point L474(line 474) the Hoare annotation is: (let ((.cse1 (= ~methaneLevelCritical~0 0)) (.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (= ~pumpRunning~0 0))) (or (and .cse0 .cse1 .cse2) (and .cse0 .cse1 (not (= 0 ~systemActive~0))) (and .cse0 (<= 1 ~methaneLevelCritical~0) .cse2))) [2021-12-16 00:58:41,625 INFO L861 garLoopResultBuilder]: At program point L503(lines 442 507) the Hoare annotation is: true [2021-12-16 00:58:41,625 INFO L854 garLoopResultBuilder]: At program point L437(lines 425 439) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse1 (= ~pumpRunning~0 0))) (or (and .cse0 (= ~methaneLevelCritical~0 0) .cse1) (and .cse0 (<= 1 ~methaneLevelCritical~0) .cse1))) [2021-12-16 00:58:41,625 INFO L858 garLoopResultBuilder]: For program point L462(lines 462 468) no Hoare annotation was computed. [2021-12-16 00:58:41,625 INFO L858 garLoopResultBuilder]: For program point L462-1(lines 462 468) no Hoare annotation was computed. [2021-12-16 00:58:41,625 INFO L858 garLoopResultBuilder]: For program point L429(lines 429 435) no Hoare annotation was computed. [2021-12-16 00:58:41,625 INFO L858 garLoopResultBuilder]: For program point L429-1(lines 429 435) no Hoare annotation was computed. [2021-12-16 00:58:41,625 INFO L858 garLoopResultBuilder]: For program point L454(lines 454 458) no Hoare annotation was computed. [2021-12-16 00:58:41,625 INFO L861 garLoopResultBuilder]: At program point L966(lines 947 969) the Hoare annotation is: true [2021-12-16 00:58:41,625 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2021-12-16 00:58:41,625 INFO L854 garLoopResultBuilder]: At program point L500(lines 451 501) the Hoare annotation is: false [2021-12-16 00:58:41,625 INFO L858 garLoopResultBuilder]: For program point L488(lines 488 494) no Hoare annotation was computed. [2021-12-16 00:58:41,625 INFO L854 garLoopResultBuilder]: At program point L934(lines 930 936) the Hoare annotation is: (and (= ~systemActive~0 |ULTIMATE.start_valid_product_#res#1|) (= ~waterLevel~0 1) (= ~methaneLevelCritical~0 0) (= ~systemActive~0 |ULTIMATE.start_main_~tmp~9#1|) (= ~systemActive~0 1) (= ~pumpRunning~0 0)) [2021-12-16 00:58:41,626 INFO L854 garLoopResultBuilder]: At program point L488-2(lines 482 495) the Hoare annotation is: (let ((.cse1 (<= 1 ~methaneLevelCritical~0)) (.cse4 (= ~pumpRunning~0 0)) (.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (= ~methaneLevelCritical~0 0)) (.cse2 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2) (and .cse0 .cse3 .cse4) (and .cse0 .cse1 .cse4) (and .cse0 .cse3 .cse2))) [2021-12-16 00:58:41,626 INFO L854 garLoopResultBuilder]: At program point L121(lines 116 124) the Hoare annotation is: (and (= ~systemActive~0 |ULTIMATE.start_valid_product_#res#1|) (= ~waterLevel~0 1) (= ~methaneLevelCritical~0 0) (= ~systemActive~0 1) (= ~pumpRunning~0 0)) [2021-12-16 00:58:41,626 INFO L858 garLoopResultBuilder]: For program point L472(lines 472 478) no Hoare annotation was computed. [2021-12-16 00:58:41,626 INFO L858 garLoopResultBuilder]: For program point L472-1(lines 472 478) no Hoare annotation was computed. [2021-12-16 00:58:41,626 INFO L854 garLoopResultBuilder]: At program point L113(lines 109 115) the Hoare annotation is: (and (= ~waterLevel~0 1) (= ~methaneLevelCritical~0 0) (= ~systemActive~0 1) (= ~pumpRunning~0 0)) [2021-12-16 00:58:41,626 INFO L854 garLoopResultBuilder]: At program point L497(lines 452 499) the Hoare annotation is: (let ((.cse2 (= ~pumpRunning~0 0)) (.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse1 (= ~methaneLevelCritical~0 0))) (or (and .cse0 .cse1 .cse2) (and .cse0 (<= 1 ~methaneLevelCritical~0) .cse2) (and .cse0 .cse1 (not (= 0 ~systemActive~0))))) [2021-12-16 00:58:41,626 INFO L854 garLoopResultBuilder]: At program point L464(line 464) the Hoare annotation is: (let ((.cse2 (= ~pumpRunning~0 0)) (.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse1 (= ~methaneLevelCritical~0 0))) (or (and .cse0 .cse1 .cse2) (and .cse0 (<= 1 ~methaneLevelCritical~0) .cse2) (and .cse0 .cse1 (not (= 0 ~systemActive~0))))) [2021-12-16 00:58:41,626 INFO L854 garLoopResultBuilder]: At program point L431(line 431) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (<= 1 ~methaneLevelCritical~0) .cse1) (and .cse0 (= ~methaneLevelCritical~0 0) .cse1))) [2021-12-16 00:58:41,626 INFO L858 garLoopResultBuilder]: For program point waterRiseEXIT(lines 146 157) no Hoare annotation was computed. [2021-12-16 00:58:41,626 INFO L858 garLoopResultBuilder]: For program point L150-1(lines 146 157) no Hoare annotation was computed. [2021-12-16 00:58:41,626 INFO L854 garLoopResultBuilder]: At program point waterRiseENTRY(lines 146 157) the Hoare annotation is: (let ((.cse3 (not (= |old(~waterLevel~0)| 1))) (.cse4 (= ~waterLevel~0 1)) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse0 (not (<= 2 |old(~waterLevel~0)|))) (.cse5 (not (= ~pumpRunning~0 0))) (.cse6 (not (<= 1 ~methaneLevelCritical~0))) (.cse1 (<= 2 ~waterLevel~0))) (and (or .cse0 (= 0 ~systemActive~0) .cse1 .cse2) (or .cse3 .cse4 .cse5 .cse6) (or .cse0 .cse5 .cse1 .cse2) (or .cse3 .cse5 .cse4 .cse2) (or .cse0 .cse5 .cse6 .cse1))) [2021-12-16 00:58:41,626 INFO L858 garLoopResultBuilder]: For program point L415(lines 415 419) no Hoare annotation was computed. [2021-12-16 00:58:41,626 INFO L858 garLoopResultBuilder]: For program point L415-2(lines 415 419) no Hoare annotation was computed. [2021-12-16 00:58:41,626 INFO L854 garLoopResultBuilder]: At program point L285(line 285) the Hoare annotation is: (let ((.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= 0 ~systemActive~0)) (.cse2 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2) (or .cse0 (not (<= 1 ~methaneLevelCritical~0)) .cse1) (or .cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse2))) [2021-12-16 00:58:41,626 INFO L858 garLoopResultBuilder]: For program point L285-1(lines 266 290) no Hoare annotation was computed. [2021-12-16 00:58:41,626 INFO L858 garLoopResultBuilder]: For program point L215(lines 215 221) no Hoare annotation was computed. [2021-12-16 00:58:41,626 INFO L854 garLoopResultBuilder]: At program point L220(lines 211 224) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0)) (.cse4 (<= 2 ~waterLevel~0)) (.cse1 (<= 1 |processEnvironment__wrappee__methaneQuery_isHighWaterSensorDry_#res#1|)) (.cse3 (= ~pumpRunning~0 0))) (and (let ((.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|))) (or .cse0 (and .cse1 .cse2 .cse3) (and .cse2 .cse4 .cse3) (not (= ~methaneLevelCritical~0 0)))) (or .cse0 (and .cse4 .cse3) (not (<= 1 ~methaneLevelCritical~0)) (not (= |old(~pumpRunning~0)| 0)) (and .cse1 .cse3)))) [2021-12-16 00:58:41,627 INFO L854 garLoopResultBuilder]: At program point L280(line 280) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0)) (.cse1 (= |processEnvironment__wrappee__methaneQuery_~tmp~1#1| 0)) (.cse2 (= ~pumpRunning~0 0))) (and (or .cse0 (not (<= 1 ~methaneLevelCritical~0)) (not (= |old(~pumpRunning~0)| 0)) (and .cse1 .cse2)) (or .cse0 (and .cse1 (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse2) (not (= ~methaneLevelCritical~0 0))))) [2021-12-16 00:58:41,627 INFO L858 garLoopResultBuilder]: For program point L274(lines 274 282) no Hoare annotation was computed. [2021-12-16 00:58:41,627 INFO L854 garLoopResultBuilder]: At program point processEnvironment__wrappee__methaneQueryENTRY(lines 266 290) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0))) (and (or .cse0 (not (<= 1 ~methaneLevelCritical~0)) (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0)) (or .cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (= ~methaneLevelCritical~0 0))))) [2021-12-16 00:58:41,627 INFO L858 garLoopResultBuilder]: For program point L270(lines 270 287) no Hoare annotation was computed. [2021-12-16 00:58:41,627 INFO L858 garLoopResultBuilder]: For program point L332(lines 332 338) no Hoare annotation was computed. [2021-12-16 00:58:41,627 INFO L858 garLoopResultBuilder]: For program point processEnvironment__wrappee__methaneQueryEXIT(lines 266 290) no Hoare annotation was computed. [2021-12-16 00:58:41,627 INFO L854 garLoopResultBuilder]: At program point L330(line 330) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0)) (.cse1 (<= 2 ~waterLevel~0)) (.cse2 (= ~pumpRunning~0 0))) (and (or .cse0 (and .cse1 .cse2) (not (<= 1 ~methaneLevelCritical~0)) (not (= |old(~pumpRunning~0)| 0))) (or .cse0 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse1 .cse2) (not (= ~methaneLevelCritical~0 0))))) [2021-12-16 00:58:41,627 INFO L854 garLoopResultBuilder]: At program point L332-2(lines 325 341) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0)) (.cse1 (<= 2 ~waterLevel~0))) (and (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 0))) (or .cse0 (and (<= ~methaneLevelCritical~0 |processEnvironment__wrappee__methaneQuery_activatePump_~tmp~3#1|) .cse1 (= ~pumpRunning~0 0)) (not (<= 1 ~methaneLevelCritical~0)) (not (= |old(~pumpRunning~0)| 0))))) [2021-12-16 00:58:41,627 INFO L858 garLoopResultBuilder]: For program point L330-1(line 330) no Hoare annotation was computed. [2021-12-16 00:58:41,627 INFO L854 garLoopResultBuilder]: At program point L421(lines 406 424) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0))) (let ((.cse7 (<= 2 ~waterLevel~0)) (.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse3 (= |processEnvironment__wrappee__methaneQuery_isHighWaterLevel_~tmp___0~1#1| 0)) (.cse4 (= |processEnvironment__wrappee__methaneQuery_isHighWaterLevel_#res#1| 0)) (.cse5 (not .cse0)) (.cse6 (= ~pumpRunning~0 0))) (and (let ((.cse1 (= ~methaneLevelCritical~0 0))) (or .cse0 (and .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (and .cse1 .cse2 .cse7 .cse5 .cse6) (not .cse1))) (or .cse0 (and .cse2 .cse7 .cse5 .cse6) (not (<= 1 ~methaneLevelCritical~0)) (not (= |old(~pumpRunning~0)| 0)) (and .cse2 .cse3 .cse4 .cse5 .cse6))))) [2021-12-16 00:58:41,627 INFO L854 garLoopResultBuilder]: At program point L322(lines 317 324) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0))) (and (or .cse0 (<= 2 ~waterLevel~0) (not (= ~methaneLevelCritical~0 0))) (or .cse0 (not (<= 1 ~methaneLevelCritical~0)) (not (= |old(~pumpRunning~0)| 0))))) [2021-12-16 00:58:41,627 INFO L861 garLoopResultBuilder]: At program point isMethaneAlarmENTRY(lines 350 360) the Hoare annotation is: true [2021-12-16 00:58:41,627 INFO L858 garLoopResultBuilder]: For program point isMethaneAlarmEXIT(lines 350 360) no Hoare annotation was computed. [2021-12-16 00:58:41,627 INFO L858 garLoopResultBuilder]: For program point isMethaneAlarmFINAL(lines 350 360) no Hoare annotation was computed. [2021-12-16 00:58:41,627 INFO L861 garLoopResultBuilder]: At program point L355(line 355) the Hoare annotation is: true [2021-12-16 00:58:41,627 INFO L858 garLoopResultBuilder]: For program point L355-1(line 355) no Hoare annotation was computed. [2021-12-16 00:58:41,630 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-16 00:58:41,630 INFO L179 ceAbstractionStarter]: Computing trace abstraction results [2021-12-16 00:58:41,661 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 16.12 12:58:41 BoogieIcfgContainer [2021-12-16 00:58:41,661 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2021-12-16 00:58:41,662 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2021-12-16 00:58:41,662 INFO L271 PluginConnector]: Initializing Witness Printer... [2021-12-16 00:58:41,662 INFO L275 PluginConnector]: Witness Printer initialized [2021-12-16 00:58:41,662 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.12 12:58:33" (3/4) ... [2021-12-16 00:58:41,677 INFO L137 WitnessPrinter]: Generating witness for correct program [2021-12-16 00:58:41,681 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2021-12-16 00:58:41,681 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2021-12-16 00:58:41,681 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2021-12-16 00:58:41,681 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2021-12-16 00:58:41,682 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2021-12-16 00:58:41,682 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2021-12-16 00:58:41,682 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2021-12-16 00:58:41,682 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2021-12-16 00:58:41,682 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2021-12-16 00:58:41,687 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 49 nodes and edges [2021-12-16 00:58:41,687 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2021-12-16 00:58:41,687 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2021-12-16 00:58:41,688 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2021-12-16 00:58:41,695 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2021-12-16 00:58:41,696 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2021-12-16 00:58:41,696 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2021-12-16 00:58:41,729 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((systemActive == \result && waterLevel == 1) && methaneLevelCritical == 0) && systemActive == 1) && pumpRunning == 0 [2021-12-16 00:58:41,730 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((systemActive == \result && waterLevel == 1) && methaneLevelCritical == 0) && systemActive == tmp) && systemActive == 1) && pumpRunning == 0 [2021-12-16 00:58:41,730 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) && (!(1 <= methaneLevelCritical) || !(\old(pumpRunning) == 0))) && ((0 == systemActive || pumpRunning == \old(pumpRunning)) || !(methaneLevelCritical == 0))) && ((0 == systemActive || !(1 <= methaneLevelCritical)) || pumpRunning == \old(pumpRunning)) [2021-12-16 00:58:41,731 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!(2 <= \old(waterLevel)) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) || ((methaneLevelCritical == 0 && 2 <= waterLevel) && !(0 == systemActive))) && (((!(\old(waterLevel) == 1) || waterLevel == 1) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0))) && (((!(\old(waterLevel) == 1) || waterLevel == 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && (((0 == systemActive || !(1 <= methaneLevelCritical)) || (((pumpRunning == \old(pumpRunning) && 1 <= methaneLevelCritical) && !(0 == systemActive)) && pumpRunning == 0)) || (1 <= tmp && pumpRunning == 0))) && ((!(1 <= methaneLevelCritical) || !(\old(pumpRunning) == 0)) || (((pumpRunning == \old(pumpRunning) && 1 <= methaneLevelCritical) && !(0 == systemActive)) && pumpRunning == 0))) && (((!(2 <= \old(waterLevel)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) || 2 <= waterLevel)) && ((((0 == systemActive || pumpRunning == \old(pumpRunning)) || !(methaneLevelCritical == 0)) || pumpRunning == 0) || ((methaneLevelCritical == 0 && 2 <= waterLevel) && !(0 == systemActive))) [2021-12-16 00:58:41,731 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!(\old(waterLevel) == 1) || waterLevel == 1) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) && ((((tmp == 0 && pumpRunning == 0) || (((methaneLevelCritical == 0 && tmp == 0) && 2 <= waterLevel) && !(0 == systemActive))) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0))) && (((!(\old(waterLevel) == 1) || waterLevel == 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0))) && (((0 == systemActive || (pumpRunning == \old(pumpRunning) && pumpRunning == 0)) || !(1 <= methaneLevelCritical)) || (1 <= tmp && pumpRunning == 0))) && (((!(2 <= \old(waterLevel)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) || 2 <= waterLevel)) && (((!(2 <= \old(waterLevel)) || !(\old(pumpRunning) == 0)) || 2 <= waterLevel) || !(methaneLevelCritical == 0))) && ((((0 == systemActive || (tmp == 0 && pumpRunning == 0)) || (((methaneLevelCritical == 0 && tmp == 0) && 2 <= waterLevel) && !(0 == systemActive))) || (tmp == 0 && pumpRunning == \old(pumpRunning))) || !(methaneLevelCritical == 0))) && ((!(1 <= methaneLevelCritical) || !(\old(pumpRunning) == 0)) || pumpRunning == \old(pumpRunning)) [2021-12-16 00:58:41,731 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(waterLevel) == 1) || waterLevel == 1) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) && (((\result == 0 && pumpRunning == 0) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0))) && (!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0))) && (0 == systemActive || !(methaneLevelCritical == 0))) && (((!(2 <= \old(waterLevel)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) || 2 <= waterLevel)) && (((0 == systemActive || (pumpRunning == \old(pumpRunning) && pumpRunning == 0)) || !(1 <= methaneLevelCritical)) || ((\result == 0 && 1 <= tmp) && pumpRunning == 0)) [2021-12-16 00:58:41,732 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((0 == systemActive || 2 <= waterLevel) || !(methaneLevelCritical == 0)) && (((0 == systemActive || ((methaneLevelCritical <= tmp && 2 <= waterLevel) && pumpRunning == 0)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) [2021-12-16 00:58:41,732 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((0 == systemActive || 2 <= waterLevel) || !(methaneLevelCritical == 0)) && ((0 == systemActive || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) [2021-12-16 00:58:41,732 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((0 == systemActive || ((1 <= \result && pumpRunning == \old(pumpRunning)) && pumpRunning == 0)) || ((pumpRunning == \old(pumpRunning) && 2 <= waterLevel) && pumpRunning == 0)) || !(methaneLevelCritical == 0)) && ((((0 == systemActive || (2 <= waterLevel && pumpRunning == 0)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) || (1 <= \result && pumpRunning == 0)) [2021-12-16 00:58:41,732 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) && (0 == systemActive || !(1 <= methaneLevelCritical))) && (!(1 <= methaneLevelCritical) || !(\old(pumpRunning) == 0))) && (0 == systemActive || !(methaneLevelCritical == 0)) [2021-12-16 00:58:41,732 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((0 == systemActive || (((((methaneLevelCritical == 0 && pumpRunning == \old(pumpRunning)) && tmp___0 == 0) && \result == 0) && !(0 == systemActive)) && pumpRunning == 0)) || ((((methaneLevelCritical == 0 && pumpRunning == \old(pumpRunning)) && 2 <= waterLevel) && !(0 == systemActive)) && pumpRunning == 0)) || !(methaneLevelCritical == 0)) && ((((0 == systemActive || (((pumpRunning == \old(pumpRunning) && 2 <= waterLevel) && !(0 == systemActive)) && pumpRunning == 0)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) || ((((pumpRunning == \old(pumpRunning) && tmp___0 == 0) && \result == 0) && !(0 == systemActive)) && pumpRunning == 0)) [2021-12-16 00:58:41,749 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2021-12-16 00:58:41,750 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2021-12-16 00:58:41,751 INFO L158 Benchmark]: Toolchain (without parser) took 8507.45ms. Allocated memory was 127.9MB in the beginning and 186.6MB in the end (delta: 58.7MB). Free memory was 96.8MB in the beginning and 56.2MB in the end (delta: 40.6MB). Peak memory consumption was 98.1MB. Max. memory is 16.1GB. [2021-12-16 00:58:41,751 INFO L158 Benchmark]: CDTParser took 0.17ms. Allocated memory is still 92.3MB. Free memory was 51.7MB in the beginning and 51.7MB in the end (delta: 45.8kB). There was no memory consumed. Max. memory is 16.1GB. [2021-12-16 00:58:41,752 INFO L158 Benchmark]: CACSL2BoogieTranslator took 306.05ms. Allocated memory is still 127.9MB. Free memory was 96.8MB in the beginning and 96.7MB in the end (delta: 171.6kB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2021-12-16 00:58:41,752 INFO L158 Benchmark]: Boogie Procedure Inliner took 31.54ms. Allocated memory is still 127.9MB. Free memory was 96.7MB in the beginning and 94.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2021-12-16 00:58:41,752 INFO L158 Benchmark]: Boogie Preprocessor took 26.33ms. Allocated memory is still 127.9MB. Free memory was 94.6MB in the beginning and 92.9MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2021-12-16 00:58:41,752 INFO L158 Benchmark]: RCFGBuilder took 354.15ms. Allocated memory is still 127.9MB. Free memory was 92.9MB in the beginning and 76.6MB in the end (delta: 16.3MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2021-12-16 00:58:41,753 INFO L158 Benchmark]: TraceAbstraction took 7695.65ms. Allocated memory was 127.9MB in the beginning and 186.6MB in the end (delta: 58.7MB). Free memory was 76.2MB in the beginning and 62.5MB in the end (delta: 13.6MB). Peak memory consumption was 86.4MB. Max. memory is 16.1GB. [2021-12-16 00:58:41,753 INFO L158 Benchmark]: Witness Printer took 89.01ms. Allocated memory is still 186.6MB. Free memory was 62.5MB in the beginning and 56.2MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2021-12-16 00:58:41,754 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.17ms. Allocated memory is still 92.3MB. Free memory was 51.7MB in the beginning and 51.7MB in the end (delta: 45.8kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 306.05ms. Allocated memory is still 127.9MB. Free memory was 96.8MB in the beginning and 96.7MB in the end (delta: 171.6kB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 31.54ms. Allocated memory is still 127.9MB. Free memory was 96.7MB in the beginning and 94.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 26.33ms. Allocated memory is still 127.9MB. Free memory was 94.6MB in the beginning and 92.9MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 354.15ms. Allocated memory is still 127.9MB. Free memory was 92.9MB in the beginning and 76.6MB in the end (delta: 16.3MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 7695.65ms. Allocated memory was 127.9MB in the beginning and 186.6MB in the end (delta: 58.7MB). Free memory was 76.2MB in the beginning and 62.5MB in the end (delta: 13.6MB). Peak memory consumption was 86.4MB. Max. memory is 16.1GB. * Witness Printer took 89.01ms. Allocated memory is still 186.6MB. Free memory was 62.5MB in the beginning and 56.2MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 83]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 100 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 7.6s, OverallIterations: 10, TraceHistogramMax: 4, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.5s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 3.7s, InitialAbstractionConstructionTime: 0.0s, PartialOrderReductionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1237 SdHoareTripleChecker+Valid, 0.9s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1210 mSDsluCounter, 4056 SdHoareTripleChecker+Invalid, 0.7s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2802 mSDsCounter, 341 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1397 IncrementalHoareTripleChecker+Invalid, 1738 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 341 mSolverCounterUnsat, 1254 mSDtfsCounter, 1397 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 334 GetRequests, 246 SyntacticMatches, 0 SemanticMatches, 88 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 81 ImplicationChecksByTransitivity, 0.5s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1231occurred in iteration=8, InterpolantAutomatonStates: 72, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 10 MinimizatonAttempts, 130 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 45 LocationsWithAnnotation, 2682 PreInvPairs, 3161 NumberOfFragments, 1799 HoareAnnotationTreeSize, 2682 FomulaSimplifications, 412 FormulaSimplificationTreeSizeReduction, 0.3s HoareSimplificationTime, 45 FomulaSimplificationsInter, 20279 FormulaSimplificationTreeSizeReductionInter, 3.3s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.2s InterpolantComputationTime, 653 NumberOfCodeBlocks, 653 NumberOfCodeBlocksAsserted, 12 NumberOfCheckSat, 641 ConstructedInterpolants, 0 QuantifiedInterpolants, 1208 SizeOfPredicates, 6 NumberOfNonLiveVariables, 863 ConjunctsInSsa, 18 ConjunctsInUnsatCore, 12 InterpolantComputations, 10 PerfectInterpolantSequences, 98/103 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 79]: Loop Invariant Derived loop invariant: (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) && (0 == systemActive || !(1 <= methaneLevelCritical))) && (!(1 <= methaneLevelCritical) || !(\old(pumpRunning) == 0))) && (0 == systemActive || !(methaneLevelCritical == 0)) - InvariantResult [Line: 325]: Loop Invariant Derived loop invariant: ((0 == systemActive || 2 <= waterLevel) || !(methaneLevelCritical == 0)) && (((0 == systemActive || ((methaneLevelCritical <= tmp && 2 <= waterLevel) && pumpRunning == 0)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) - InvariantResult [Line: 211]: Loop Invariant Derived loop invariant: (((0 == systemActive || ((1 <= \result && pumpRunning == \old(pumpRunning)) && pumpRunning == 0)) || ((pumpRunning == \old(pumpRunning) && 2 <= waterLevel) && pumpRunning == 0)) || !(methaneLevelCritical == 0)) && ((((0 == systemActive || (2 <= waterLevel && pumpRunning == 0)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) || (1 <= \result && pumpRunning == 0)) - InvariantResult [Line: 406]: Loop Invariant Derived loop invariant: (((0 == systemActive || (((((methaneLevelCritical == 0 && pumpRunning == \old(pumpRunning)) && tmp___0 == 0) && \result == 0) && !(0 == systemActive)) && pumpRunning == 0)) || ((((methaneLevelCritical == 0 && pumpRunning == \old(pumpRunning)) && 2 <= waterLevel) && !(0 == systemActive)) && pumpRunning == 0)) || !(methaneLevelCritical == 0)) && ((((0 == systemActive || (((pumpRunning == \old(pumpRunning) && 2 <= waterLevel) && !(0 == systemActive)) && pumpRunning == 0)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) || ((((pumpRunning == \old(pumpRunning) && tmp___0 == 0) && \result == 0) && !(0 == systemActive)) && pumpRunning == 0)) - InvariantResult [Line: 947]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 361]: Loop Invariant Derived loop invariant: (((((((!(\old(waterLevel) == 1) || waterLevel == 1) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) && (((\result == 0 && pumpRunning == 0) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0))) && (!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0))) && (0 == systemActive || !(methaneLevelCritical == 0))) && (((!(2 <= \old(waterLevel)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) || 2 <= waterLevel)) && (((0 == systemActive || (pumpRunning == \old(pumpRunning) && pumpRunning == 0)) || !(1 <= methaneLevelCritical)) || ((\result == 0 && 1 <= tmp) && pumpRunning == 0)) - InvariantResult [Line: 876]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 425]: Loop Invariant Derived loop invariant: ((splverifierCounter == 0 && methaneLevelCritical == 0) && pumpRunning == 0) || ((splverifierCounter == 0 && 1 <= methaneLevelCritical) && pumpRunning == 0) - InvariantResult [Line: 452]: Loop Invariant Derived loop invariant: (((splverifierCounter == 0 && methaneLevelCritical == 0) && pumpRunning == 0) || ((splverifierCounter == 0 && 1 <= methaneLevelCritical) && pumpRunning == 0)) || ((splverifierCounter == 0 && methaneLevelCritical == 0) && !(0 == systemActive)) - InvariantResult [Line: 937]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 317]: Loop Invariant Derived loop invariant: ((0 == systemActive || 2 <= waterLevel) || !(methaneLevelCritical == 0)) && ((0 == systemActive || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) - InvariantResult [Line: 53]: Loop Invariant Derived loop invariant: (((((((((!(\old(waterLevel) == 1) || waterLevel == 1) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) && ((((tmp == 0 && pumpRunning == 0) || (((methaneLevelCritical == 0 && tmp == 0) && 2 <= waterLevel) && !(0 == systemActive))) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0))) && (((!(\old(waterLevel) == 1) || waterLevel == 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0))) && (((0 == systemActive || (pumpRunning == \old(pumpRunning) && pumpRunning == 0)) || !(1 <= methaneLevelCritical)) || (1 <= tmp && pumpRunning == 0))) && (((!(2 <= \old(waterLevel)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) || 2 <= waterLevel)) && (((!(2 <= \old(waterLevel)) || !(\old(pumpRunning) == 0)) || 2 <= waterLevel) || !(methaneLevelCritical == 0))) && ((((0 == systemActive || (tmp == 0 && pumpRunning == 0)) || (((methaneLevelCritical == 0 && tmp == 0) && 2 <= waterLevel) && !(0 == systemActive))) || (tmp == 0 && pumpRunning == \old(pumpRunning))) || !(methaneLevelCritical == 0))) && ((!(1 <= methaneLevelCritical) || !(\old(pumpRunning) == 0)) || pumpRunning == \old(pumpRunning)) - InvariantResult [Line: 886]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 116]: Loop Invariant Derived loop invariant: (((systemActive == \result && waterLevel == 1) && methaneLevelCritical == 0) && systemActive == 1) && pumpRunning == 0 - InvariantResult [Line: 109]: Loop Invariant Derived loop invariant: ((waterLevel == 1 && methaneLevelCritical == 0) && systemActive == 1) && pumpRunning == 0 - InvariantResult [Line: 930]: Loop Invariant Derived loop invariant: ((((systemActive == \result && waterLevel == 1) && methaneLevelCritical == 0) && systemActive == tmp) && systemActive == 1) && pumpRunning == 0 - InvariantResult [Line: 134]: Loop Invariant Derived loop invariant: (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) && (!(1 <= methaneLevelCritical) || !(\old(pumpRunning) == 0))) && ((0 == systemActive || pumpRunning == \old(pumpRunning)) || !(methaneLevelCritical == 0))) && ((0 == systemActive || !(1 <= methaneLevelCritical)) || pumpRunning == \old(pumpRunning)) - InvariantResult [Line: 292]: Loop Invariant Derived loop invariant: (((((((((!(2 <= \old(waterLevel)) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) || ((methaneLevelCritical == 0 && 2 <= waterLevel) && !(0 == systemActive))) && (((!(\old(waterLevel) == 1) || waterLevel == 1) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0))) && (((!(\old(waterLevel) == 1) || waterLevel == 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && (((0 == systemActive || !(1 <= methaneLevelCritical)) || (((pumpRunning == \old(pumpRunning) && 1 <= methaneLevelCritical) && !(0 == systemActive)) && pumpRunning == 0)) || (1 <= tmp && pumpRunning == 0))) && ((!(1 <= methaneLevelCritical) || !(\old(pumpRunning) == 0)) || (((pumpRunning == \old(pumpRunning) && 1 <= methaneLevelCritical) && !(0 == systemActive)) && pumpRunning == 0))) && (((!(2 <= \old(waterLevel)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) || 2 <= waterLevel)) && ((((0 == systemActive || pumpRunning == \old(pumpRunning)) || !(methaneLevelCritical == 0)) || pumpRunning == 0) || ((methaneLevelCritical == 0 && 2 <= waterLevel) && !(0 == systemActive))) - InvariantResult [Line: 442]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 451]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 102]: Loop Invariant Derived loop invariant: ((waterLevel == 1 && methaneLevelCritical == 0) && systemActive == 1) && pumpRunning == 0 RESULT: Ultimate proved your program to be correct! [2021-12-16 00:58:41,811 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE