./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec1_product47.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version c3fed411 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec1_product47.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash c4da108453cefa034e9e2f20ae1a945f7f6bf5ea54205b9ec625406680c7ecea --- Real Ultimate output --- This is Ultimate 0.2.2-tmp.no-commuhash-c3fed41 [2021-12-17 15:06:55,977 INFO L177 SettingsManager]: Resetting all preferences to default values... [2021-12-17 15:06:55,985 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2021-12-17 15:06:56,042 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2021-12-17 15:06:56,042 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2021-12-17 15:06:56,043 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2021-12-17 15:06:56,044 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2021-12-17 15:06:56,045 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2021-12-17 15:06:56,046 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2021-12-17 15:06:56,047 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2021-12-17 15:06:56,052 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2021-12-17 15:06:56,055 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2021-12-17 15:06:56,056 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2021-12-17 15:06:56,060 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2021-12-17 15:06:56,061 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2021-12-17 15:06:56,064 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2021-12-17 15:06:56,066 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2021-12-17 15:06:56,068 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2021-12-17 15:06:56,069 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2021-12-17 15:06:56,072 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2021-12-17 15:06:56,075 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2021-12-17 15:06:56,076 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2021-12-17 15:06:56,077 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2021-12-17 15:06:56,078 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2021-12-17 15:06:56,079 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2021-12-17 15:06:56,080 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2021-12-17 15:06:56,080 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2021-12-17 15:06:56,080 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2021-12-17 15:06:56,081 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2021-12-17 15:06:56,081 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2021-12-17 15:06:56,082 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2021-12-17 15:06:56,082 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2021-12-17 15:06:56,083 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2021-12-17 15:06:56,083 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2021-12-17 15:06:56,084 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2021-12-17 15:06:56,084 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2021-12-17 15:06:56,084 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2021-12-17 15:06:56,084 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2021-12-17 15:06:56,085 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2021-12-17 15:06:56,085 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2021-12-17 15:06:56,086 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2021-12-17 15:06:56,086 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2021-12-17 15:06:56,109 INFO L113 SettingsManager]: Loading preferences was successful [2021-12-17 15:06:56,109 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2021-12-17 15:06:56,109 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2021-12-17 15:06:56,109 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2021-12-17 15:06:56,110 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2021-12-17 15:06:56,110 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2021-12-17 15:06:56,111 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2021-12-17 15:06:56,111 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2021-12-17 15:06:56,111 INFO L138 SettingsManager]: * Use SBE=true [2021-12-17 15:06:56,111 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2021-12-17 15:06:56,112 INFO L138 SettingsManager]: * sizeof long=4 [2021-12-17 15:06:56,112 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2021-12-17 15:06:56,112 INFO L138 SettingsManager]: * sizeof POINTER=4 [2021-12-17 15:06:56,112 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2021-12-17 15:06:56,112 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2021-12-17 15:06:56,113 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2021-12-17 15:06:56,113 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2021-12-17 15:06:56,113 INFO L138 SettingsManager]: * sizeof long double=12 [2021-12-17 15:06:56,113 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2021-12-17 15:06:56,113 INFO L138 SettingsManager]: * Use constant arrays=true [2021-12-17 15:06:56,113 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2021-12-17 15:06:56,113 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2021-12-17 15:06:56,114 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2021-12-17 15:06:56,114 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2021-12-17 15:06:56,114 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2021-12-17 15:06:56,114 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2021-12-17 15:06:56,114 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2021-12-17 15:06:56,114 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2021-12-17 15:06:56,115 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2021-12-17 15:06:56,115 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2021-12-17 15:06:56,115 INFO L138 SettingsManager]: * Large block encoding in concurrent analysis=OFF [2021-12-17 15:06:56,115 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2021-12-17 15:06:56,115 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2021-12-17 15:06:56,115 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2021-12-17 15:06:56,116 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> c4da108453cefa034e9e2f20ae1a945f7f6bf5ea54205b9ec625406680c7ecea [2021-12-17 15:06:56,326 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2021-12-17 15:06:56,347 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2021-12-17 15:06:56,349 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2021-12-17 15:06:56,350 INFO L271 PluginConnector]: Initializing CDTParser... [2021-12-17 15:06:56,350 INFO L275 PluginConnector]: CDTParser initialized [2021-12-17 15:06:56,351 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec1_product47.cil.c [2021-12-17 15:06:56,405 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/258a67635/e690ee417eeb4aef955f38bb57d6bdad/FLAG49507d728 [2021-12-17 15:06:56,748 INFO L306 CDTParser]: Found 1 translation units. [2021-12-17 15:06:56,748 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product47.cil.c [2021-12-17 15:06:56,760 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/258a67635/e690ee417eeb4aef955f38bb57d6bdad/FLAG49507d728 [2021-12-17 15:06:57,122 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/258a67635/e690ee417eeb4aef955f38bb57d6bdad [2021-12-17 15:06:57,125 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2021-12-17 15:06:57,127 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2021-12-17 15:06:57,128 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2021-12-17 15:06:57,128 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2021-12-17 15:06:57,130 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2021-12-17 15:06:57,130 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 17.12 03:06:57" (1/1) ... [2021-12-17 15:06:57,132 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@8323165 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.12 03:06:57, skipping insertion in model container [2021-12-17 15:06:57,132 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 17.12 03:06:57" (1/1) ... [2021-12-17 15:06:57,137 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2021-12-17 15:06:57,175 INFO L178 MainTranslator]: Built tables and reachable declarations [2021-12-17 15:06:57,339 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product47.cil.c[2044,2057] [2021-12-17 15:06:57,460 INFO L209 PostProcessor]: Analyzing one entry point: main [2021-12-17 15:06:57,481 INFO L203 MainTranslator]: Completed pre-run [2021-12-17 15:06:57,497 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec1_product47.cil.c[2044,2057] [2021-12-17 15:06:57,553 INFO L209 PostProcessor]: Analyzing one entry point: main [2021-12-17 15:06:57,570 INFO L208 MainTranslator]: Completed translation [2021-12-17 15:06:57,571 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.12 03:06:57 WrapperNode [2021-12-17 15:06:57,571 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2021-12-17 15:06:57,572 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2021-12-17 15:06:57,573 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2021-12-17 15:06:57,573 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2021-12-17 15:06:57,577 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.12 03:06:57" (1/1) ... [2021-12-17 15:06:57,601 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.12 03:06:57" (1/1) ... [2021-12-17 15:06:57,634 INFO L137 Inliner]: procedures = 55, calls = 157, calls flagged for inlining = 21, calls inlined = 18, statements flattened = 241 [2021-12-17 15:06:57,635 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2021-12-17 15:06:57,635 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2021-12-17 15:06:57,635 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2021-12-17 15:06:57,635 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2021-12-17 15:06:57,641 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.12 03:06:57" (1/1) ... [2021-12-17 15:06:57,641 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.12 03:06:57" (1/1) ... [2021-12-17 15:06:57,648 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.12 03:06:57" (1/1) ... [2021-12-17 15:06:57,649 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.12 03:06:57" (1/1) ... [2021-12-17 15:06:57,652 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.12 03:06:57" (1/1) ... [2021-12-17 15:06:57,655 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.12 03:06:57" (1/1) ... [2021-12-17 15:06:57,657 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.12 03:06:57" (1/1) ... [2021-12-17 15:06:57,659 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2021-12-17 15:06:57,663 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2021-12-17 15:06:57,663 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2021-12-17 15:06:57,663 INFO L275 PluginConnector]: RCFGBuilder initialized [2021-12-17 15:06:57,664 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.12 03:06:57" (1/1) ... [2021-12-17 15:06:57,669 INFO L168 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2021-12-17 15:06:57,677 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2021-12-17 15:06:57,691 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2021-12-17 15:06:57,692 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2021-12-17 15:06:57,716 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2021-12-17 15:06:57,716 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2021-12-17 15:06:57,716 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2021-12-17 15:06:57,716 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2021-12-17 15:06:57,716 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2021-12-17 15:06:57,716 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2021-12-17 15:06:57,716 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2021-12-17 15:06:57,717 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2021-12-17 15:06:57,717 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2021-12-17 15:06:57,717 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2021-12-17 15:06:57,717 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2021-12-17 15:06:57,717 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2021-12-17 15:06:57,717 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2021-12-17 15:06:57,717 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2021-12-17 15:06:57,717 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2021-12-17 15:06:57,718 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2021-12-17 15:06:57,718 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2021-12-17 15:06:57,718 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2021-12-17 15:06:57,718 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2021-12-17 15:06:57,718 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2021-12-17 15:06:57,718 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2021-12-17 15:06:57,718 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2021-12-17 15:06:57,785 INFO L236 CfgBuilder]: Building ICFG [2021-12-17 15:06:57,786 INFO L262 CfgBuilder]: Building CFG for each procedure with an implementation [2021-12-17 15:06:58,024 INFO L277 CfgBuilder]: Performing block encoding [2021-12-17 15:06:58,029 INFO L296 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2021-12-17 15:06:58,029 INFO L301 CfgBuilder]: Removed 2 assume(true) statements. [2021-12-17 15:06:58,030 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 17.12 03:06:58 BoogieIcfgContainer [2021-12-17 15:06:58,030 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2021-12-17 15:06:58,031 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2021-12-17 15:06:58,032 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2021-12-17 15:06:58,037 INFO L275 PluginConnector]: TraceAbstraction initialized [2021-12-17 15:06:58,037 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 17.12 03:06:57" (1/3) ... [2021-12-17 15:06:58,038 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@23e2d654 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 17.12 03:06:58, skipping insertion in model container [2021-12-17 15:06:58,038 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 17.12 03:06:57" (2/3) ... [2021-12-17 15:06:58,038 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@23e2d654 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 17.12 03:06:58, skipping insertion in model container [2021-12-17 15:06:58,038 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 17.12 03:06:58" (3/3) ... [2021-12-17 15:06:58,039 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product47.cil.c [2021-12-17 15:06:58,042 INFO L204 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2021-12-17 15:06:58,042 INFO L163 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2021-12-17 15:06:58,070 INFO L338 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2021-12-17 15:06:58,074 INFO L339 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mLoopAccelerationTechnique=FAST_UPR [2021-12-17 15:06:58,074 INFO L340 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2021-12-17 15:06:58,093 INFO L276 IsEmpty]: Start isEmpty. Operand has 100 states, 73 states have (on average 1.36986301369863) internal successors, (100), 82 states have internal predecessors, (100), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 13 states have call predecessors, (16), 16 states have call successors, (16) [2021-12-17 15:06:58,097 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2021-12-17 15:06:58,098 INFO L506 BasicCegarLoop]: Found error trace [2021-12-17 15:06:58,098 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-17 15:06:58,098 INFO L402 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-17 15:06:58,102 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-17 15:06:58,102 INFO L85 PathProgramCache]: Analyzing trace with hash -707310338, now seen corresponding path program 1 times [2021-12-17 15:06:58,107 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-17 15:06:58,108 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [595942705] [2021-12-17 15:06:58,108 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-17 15:06:58,108 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-17 15:06:58,235 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:58,278 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2021-12-17 15:06:58,285 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:58,291 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-12-17 15:06:58,291 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-17 15:06:58,292 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [595942705] [2021-12-17 15:06:58,292 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [595942705] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-17 15:06:58,292 INFO L186 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2021-12-17 15:06:58,292 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2021-12-17 15:06:58,293 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [571944307] [2021-12-17 15:06:58,294 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-17 15:06:58,297 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2021-12-17 15:06:58,297 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-17 15:06:58,318 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2021-12-17 15:06:58,319 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2021-12-17 15:06:58,321 INFO L87 Difference]: Start difference. First operand has 100 states, 73 states have (on average 1.36986301369863) internal successors, (100), 82 states have internal predecessors, (100), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 13 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2021-12-17 15:06:58,363 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-17 15:06:58,364 INFO L93 Difference]: Finished difference Result 192 states and 259 transitions. [2021-12-17 15:06:58,364 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2021-12-17 15:06:58,365 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2021-12-17 15:06:58,366 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-17 15:06:58,375 INFO L225 Difference]: With dead ends: 192 [2021-12-17 15:06:58,376 INFO L226 Difference]: Without dead ends: 91 [2021-12-17 15:06:58,379 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2021-12-17 15:06:58,382 INFO L933 BasicCegarLoop]: 126 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 126 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2021-12-17 15:06:58,383 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [0 Valid, 126 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2021-12-17 15:06:58,395 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 91 states. [2021-12-17 15:06:58,417 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 91 to 91. [2021-12-17 15:06:58,418 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 91 states, 66 states have (on average 1.303030303030303) internal successors, (86), 74 states have internal predecessors, (86), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 12 states have call predecessors, (15), 15 states have call successors, (15) [2021-12-17 15:06:58,424 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 91 states to 91 states and 117 transitions. [2021-12-17 15:06:58,426 INFO L78 Accepts]: Start accepts. Automaton has 91 states and 117 transitions. Word has length 23 [2021-12-17 15:06:58,426 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-17 15:06:58,426 INFO L470 AbstractCegarLoop]: Abstraction has 91 states and 117 transitions. [2021-12-17 15:06:58,427 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2021-12-17 15:06:58,427 INFO L276 IsEmpty]: Start isEmpty. Operand 91 states and 117 transitions. [2021-12-17 15:06:58,430 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2021-12-17 15:06:58,431 INFO L506 BasicCegarLoop]: Found error trace [2021-12-17 15:06:58,431 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-17 15:06:58,431 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2021-12-17 15:06:58,432 INFO L402 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-17 15:06:58,434 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-17 15:06:58,434 INFO L85 PathProgramCache]: Analyzing trace with hash 624156156, now seen corresponding path program 1 times [2021-12-17 15:06:58,435 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-17 15:06:58,435 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [896748104] [2021-12-17 15:06:58,435 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-17 15:06:58,435 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-17 15:06:58,471 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:58,516 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2021-12-17 15:06:58,518 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:58,521 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-12-17 15:06:58,522 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-17 15:06:58,522 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [896748104] [2021-12-17 15:06:58,522 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [896748104] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-17 15:06:58,523 INFO L186 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2021-12-17 15:06:58,523 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2021-12-17 15:06:58,523 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1750575982] [2021-12-17 15:06:58,523 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-17 15:06:58,525 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2021-12-17 15:06:58,525 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-17 15:06:58,526 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2021-12-17 15:06:58,526 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2021-12-17 15:06:58,527 INFO L87 Difference]: Start difference. First operand 91 states and 117 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2021-12-17 15:06:58,552 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-17 15:06:58,553 INFO L93 Difference]: Finished difference Result 144 states and 184 transitions. [2021-12-17 15:06:58,553 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2021-12-17 15:06:58,553 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2021-12-17 15:06:58,554 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-17 15:06:58,555 INFO L225 Difference]: With dead ends: 144 [2021-12-17 15:06:58,556 INFO L226 Difference]: Without dead ends: 82 [2021-12-17 15:06:58,557 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2021-12-17 15:06:58,559 INFO L933 BasicCegarLoop]: 104 mSDtfsCounter, 16 mSDsluCounter, 83 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 187 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2021-12-17 15:06:58,561 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [20 Valid, 187 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2021-12-17 15:06:58,562 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 82 states. [2021-12-17 15:06:58,567 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 82 to 82. [2021-12-17 15:06:58,569 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 82 states, 60 states have (on average 1.3166666666666667) internal successors, (79), 68 states have internal predecessors, (79), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2021-12-17 15:06:58,570 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 82 states to 82 states and 105 transitions. [2021-12-17 15:06:58,571 INFO L78 Accepts]: Start accepts. Automaton has 82 states and 105 transitions. Word has length 24 [2021-12-17 15:06:58,571 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-17 15:06:58,571 INFO L470 AbstractCegarLoop]: Abstraction has 82 states and 105 transitions. [2021-12-17 15:06:58,572 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2021-12-17 15:06:58,572 INFO L276 IsEmpty]: Start isEmpty. Operand 82 states and 105 transitions. [2021-12-17 15:06:58,575 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2021-12-17 15:06:58,576 INFO L506 BasicCegarLoop]: Found error trace [2021-12-17 15:06:58,576 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-17 15:06:58,576 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2021-12-17 15:06:58,576 INFO L402 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-17 15:06:58,577 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-17 15:06:58,577 INFO L85 PathProgramCache]: Analyzing trace with hash -1800989914, now seen corresponding path program 1 times [2021-12-17 15:06:58,577 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-17 15:06:58,577 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [926987474] [2021-12-17 15:06:58,578 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-17 15:06:58,578 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-17 15:06:58,596 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:58,660 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2021-12-17 15:06:58,661 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:58,666 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-12-17 15:06:58,666 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-17 15:06:58,667 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [926987474] [2021-12-17 15:06:58,667 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [926987474] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-17 15:06:58,667 INFO L186 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2021-12-17 15:06:58,667 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2021-12-17 15:06:58,668 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1836483992] [2021-12-17 15:06:58,668 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-17 15:06:58,668 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2021-12-17 15:06:58,668 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-17 15:06:58,669 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2021-12-17 15:06:58,669 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2021-12-17 15:06:58,669 INFO L87 Difference]: Start difference. First operand 82 states and 105 transitions. Second operand has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2021-12-17 15:06:58,829 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-17 15:06:58,829 INFO L93 Difference]: Finished difference Result 273 states and 356 transitions. [2021-12-17 15:06:58,829 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2021-12-17 15:06:58,830 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 28 [2021-12-17 15:06:58,830 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-17 15:06:58,831 INFO L225 Difference]: With dead ends: 273 [2021-12-17 15:06:58,832 INFO L226 Difference]: Without dead ends: 198 [2021-12-17 15:06:58,832 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2021-12-17 15:06:58,833 INFO L933 BasicCegarLoop]: 128 mSDtfsCounter, 217 mSDsluCounter, 372 mSDsCounter, 0 mSdLazyCounter, 121 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 217 SdHoareTripleChecker+Valid, 500 SdHoareTripleChecker+Invalid, 135 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 121 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2021-12-17 15:06:58,833 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [217 Valid, 500 Invalid, 135 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 121 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2021-12-17 15:06:58,834 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 198 states. [2021-12-17 15:06:58,854 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 198 to 192. [2021-12-17 15:06:58,858 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 192 states, 139 states have (on average 1.3453237410071943) internal successors, (187), 157 states have internal predecessors, (187), 31 states have call successors, (31), 21 states have call predecessors, (31), 21 states have return successors, (32), 23 states have call predecessors, (32), 31 states have call successors, (32) [2021-12-17 15:06:58,859 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 192 states to 192 states and 250 transitions. [2021-12-17 15:06:58,860 INFO L78 Accepts]: Start accepts. Automaton has 192 states and 250 transitions. Word has length 28 [2021-12-17 15:06:58,860 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-17 15:06:58,860 INFO L470 AbstractCegarLoop]: Abstraction has 192 states and 250 transitions. [2021-12-17 15:06:58,860 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2021-12-17 15:06:58,860 INFO L276 IsEmpty]: Start isEmpty. Operand 192 states and 250 transitions. [2021-12-17 15:06:58,863 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2021-12-17 15:06:58,863 INFO L506 BasicCegarLoop]: Found error trace [2021-12-17 15:06:58,863 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-17 15:06:58,864 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2021-12-17 15:06:58,864 INFO L402 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-17 15:06:58,865 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-17 15:06:58,865 INFO L85 PathProgramCache]: Analyzing trace with hash -40246052, now seen corresponding path program 1 times [2021-12-17 15:06:58,865 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-17 15:06:58,865 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [381242504] [2021-12-17 15:06:58,865 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-17 15:06:58,865 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-17 15:06:58,889 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:58,933 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2021-12-17 15:06:58,936 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:58,944 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-12-17 15:06:58,945 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-17 15:06:58,945 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [381242504] [2021-12-17 15:06:58,945 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [381242504] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-17 15:06:58,945 INFO L186 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2021-12-17 15:06:58,945 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2021-12-17 15:06:58,946 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [924380072] [2021-12-17 15:06:58,946 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-17 15:06:58,946 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2021-12-17 15:06:58,946 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-17 15:06:58,947 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2021-12-17 15:06:58,947 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2021-12-17 15:06:58,947 INFO L87 Difference]: Start difference. First operand 192 states and 250 transitions. Second operand has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 4 states have internal predecessors, (29), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2021-12-17 15:06:59,042 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-17 15:06:59,042 INFO L93 Difference]: Finished difference Result 563 states and 746 transitions. [2021-12-17 15:06:59,043 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2021-12-17 15:06:59,043 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 4 states have internal predecessors, (29), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 32 [2021-12-17 15:06:59,043 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-17 15:06:59,045 INFO L225 Difference]: With dead ends: 563 [2021-12-17 15:06:59,045 INFO L226 Difference]: Without dead ends: 378 [2021-12-17 15:06:59,046 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2021-12-17 15:06:59,047 INFO L933 BasicCegarLoop]: 115 mSDtfsCounter, 76 mSDsluCounter, 403 mSDsCounter, 0 mSdLazyCounter, 52 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 79 SdHoareTripleChecker+Valid, 518 SdHoareTripleChecker+Invalid, 56 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 52 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2021-12-17 15:06:59,047 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [79 Valid, 518 Invalid, 56 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 52 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2021-12-17 15:06:59,048 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 378 states. [2021-12-17 15:06:59,077 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 378 to 369. [2021-12-17 15:06:59,078 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 369 states, 264 states have (on average 1.3295454545454546) internal successors, (351), 299 states have internal predecessors, (351), 62 states have call successors, (62), 42 states have call predecessors, (62), 42 states have return successors, (67), 46 states have call predecessors, (67), 62 states have call successors, (67) [2021-12-17 15:06:59,080 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 369 states to 369 states and 480 transitions. [2021-12-17 15:06:59,080 INFO L78 Accepts]: Start accepts. Automaton has 369 states and 480 transitions. Word has length 32 [2021-12-17 15:06:59,080 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-17 15:06:59,080 INFO L470 AbstractCegarLoop]: Abstraction has 369 states and 480 transitions. [2021-12-17 15:06:59,081 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 4 states have internal predecessors, (29), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2021-12-17 15:06:59,081 INFO L276 IsEmpty]: Start isEmpty. Operand 369 states and 480 transitions. [2021-12-17 15:06:59,082 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 37 [2021-12-17 15:06:59,082 INFO L506 BasicCegarLoop]: Found error trace [2021-12-17 15:06:59,082 INFO L514 BasicCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-17 15:06:59,082 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2021-12-17 15:06:59,082 INFO L402 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-17 15:06:59,083 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-17 15:06:59,083 INFO L85 PathProgramCache]: Analyzing trace with hash 1430200224, now seen corresponding path program 1 times [2021-12-17 15:06:59,083 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-17 15:06:59,083 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [584102741] [2021-12-17 15:06:59,083 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-17 15:06:59,084 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-17 15:06:59,098 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:59,125 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2021-12-17 15:06:59,126 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:59,129 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2021-12-17 15:06:59,130 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:59,134 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-12-17 15:06:59,134 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-17 15:06:59,134 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [584102741] [2021-12-17 15:06:59,134 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [584102741] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-17 15:06:59,134 INFO L186 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2021-12-17 15:06:59,135 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2021-12-17 15:06:59,135 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1340074324] [2021-12-17 15:06:59,135 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-17 15:06:59,135 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2021-12-17 15:06:59,135 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-17 15:06:59,136 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2021-12-17 15:06:59,136 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2021-12-17 15:06:59,136 INFO L87 Difference]: Start difference. First operand 369 states and 480 transitions. Second operand has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2021-12-17 15:06:59,352 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-17 15:06:59,352 INFO L93 Difference]: Finished difference Result 918 states and 1214 transitions. [2021-12-17 15:06:59,352 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2021-12-17 15:06:59,353 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 36 [2021-12-17 15:06:59,353 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-17 15:06:59,355 INFO L225 Difference]: With dead ends: 918 [2021-12-17 15:06:59,356 INFO L226 Difference]: Without dead ends: 556 [2021-12-17 15:06:59,357 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=32, Invalid=58, Unknown=0, NotChecked=0, Total=90 [2021-12-17 15:06:59,357 INFO L933 BasicCegarLoop]: 95 mSDtfsCounter, 127 mSDsluCounter, 151 mSDsCounter, 0 mSdLazyCounter, 216 mSolverCounterSat, 49 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 134 SdHoareTripleChecker+Valid, 246 SdHoareTripleChecker+Invalid, 265 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 49 IncrementalHoareTripleChecker+Valid, 216 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2021-12-17 15:06:59,358 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [134 Valid, 246 Invalid, 265 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [49 Valid, 216 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2021-12-17 15:06:59,358 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 556 states. [2021-12-17 15:06:59,379 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 556 to 537. [2021-12-17 15:06:59,380 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 537 states, 388 states have (on average 1.268041237113402) internal successors, (492), 425 states have internal predecessors, (492), 80 states have call successors, (80), 68 states have call predecessors, (80), 68 states have return successors, (105), 74 states have call predecessors, (105), 80 states have call successors, (105) [2021-12-17 15:06:59,382 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 537 states to 537 states and 677 transitions. [2021-12-17 15:06:59,383 INFO L78 Accepts]: Start accepts. Automaton has 537 states and 677 transitions. Word has length 36 [2021-12-17 15:06:59,383 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-17 15:06:59,383 INFO L470 AbstractCegarLoop]: Abstraction has 537 states and 677 transitions. [2021-12-17 15:06:59,383 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 5 states have internal predecessors, (31), 1 states have call successors, (3), 3 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2021-12-17 15:06:59,383 INFO L276 IsEmpty]: Start isEmpty. Operand 537 states and 677 transitions. [2021-12-17 15:06:59,385 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 59 [2021-12-17 15:06:59,385 INFO L506 BasicCegarLoop]: Found error trace [2021-12-17 15:06:59,385 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-17 15:06:59,385 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2021-12-17 15:06:59,385 INFO L402 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-17 15:06:59,386 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-17 15:06:59,386 INFO L85 PathProgramCache]: Analyzing trace with hash -1476072605, now seen corresponding path program 1 times [2021-12-17 15:06:59,386 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-17 15:06:59,386 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [908374898] [2021-12-17 15:06:59,386 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-17 15:06:59,386 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-17 15:06:59,394 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:59,406 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2021-12-17 15:06:59,407 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:59,411 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2021-12-17 15:06:59,414 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:59,426 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2021-12-17 15:06:59,427 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:59,429 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2021-12-17 15:06:59,430 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:59,432 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 49 [2021-12-17 15:06:59,432 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:59,434 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2021-12-17 15:06:59,434 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-17 15:06:59,434 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [908374898] [2021-12-17 15:06:59,434 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [908374898] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-17 15:06:59,434 INFO L186 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2021-12-17 15:06:59,435 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2021-12-17 15:06:59,435 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1084865097] [2021-12-17 15:06:59,435 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-17 15:06:59,435 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2021-12-17 15:06:59,435 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-17 15:06:59,436 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2021-12-17 15:06:59,436 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2021-12-17 15:06:59,436 INFO L87 Difference]: Start difference. First operand 537 states and 677 transitions. Second operand has 6 states, 6 states have (on average 7.5) internal successors, (45), 4 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2021-12-17 15:06:59,627 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-17 15:06:59,627 INFO L93 Difference]: Finished difference Result 1213 states and 1570 transitions. [2021-12-17 15:06:59,628 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2021-12-17 15:06:59,628 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 4 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 58 [2021-12-17 15:06:59,629 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-17 15:06:59,633 INFO L225 Difference]: With dead ends: 1213 [2021-12-17 15:06:59,634 INFO L226 Difference]: Without dead ends: 683 [2021-12-17 15:06:59,635 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 20 GetRequests, 12 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=33, Invalid=57, Unknown=0, NotChecked=0, Total=90 [2021-12-17 15:06:59,638 INFO L933 BasicCegarLoop]: 86 mSDtfsCounter, 163 mSDsluCounter, 128 mSDsCounter, 0 mSdLazyCounter, 194 mSolverCounterSat, 63 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 164 SdHoareTripleChecker+Valid, 214 SdHoareTripleChecker+Invalid, 257 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 63 IncrementalHoareTripleChecker+Valid, 194 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2021-12-17 15:06:59,639 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [164 Valid, 214 Invalid, 257 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [63 Valid, 194 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2021-12-17 15:06:59,640 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 683 states. [2021-12-17 15:06:59,683 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 683 to 625. [2021-12-17 15:06:59,684 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 625 states, 456 states have (on average 1.2412280701754386) internal successors, (566), 493 states have internal predecessors, (566), 88 states have call successors, (88), 68 states have call predecessors, (88), 80 states have return successors, (125), 90 states have call predecessors, (125), 88 states have call successors, (125) [2021-12-17 15:06:59,686 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 625 states to 625 states and 779 transitions. [2021-12-17 15:06:59,687 INFO L78 Accepts]: Start accepts. Automaton has 625 states and 779 transitions. Word has length 58 [2021-12-17 15:06:59,687 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-17 15:06:59,687 INFO L470 AbstractCegarLoop]: Abstraction has 625 states and 779 transitions. [2021-12-17 15:06:59,688 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 4 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2021-12-17 15:06:59,688 INFO L276 IsEmpty]: Start isEmpty. Operand 625 states and 779 transitions. [2021-12-17 15:06:59,689 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 59 [2021-12-17 15:06:59,690 INFO L506 BasicCegarLoop]: Found error trace [2021-12-17 15:06:59,690 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-17 15:06:59,690 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2021-12-17 15:06:59,690 INFO L402 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-17 15:06:59,690 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-17 15:06:59,690 INFO L85 PathProgramCache]: Analyzing trace with hash -1498704859, now seen corresponding path program 1 times [2021-12-17 15:06:59,691 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-17 15:06:59,691 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [750430165] [2021-12-17 15:06:59,691 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-17 15:06:59,691 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-17 15:06:59,699 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:59,715 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2021-12-17 15:06:59,715 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:59,719 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2021-12-17 15:06:59,721 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:59,738 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2021-12-17 15:06:59,739 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:59,741 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2021-12-17 15:06:59,742 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:59,744 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 49 [2021-12-17 15:06:59,745 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:59,747 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2021-12-17 15:06:59,747 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-17 15:06:59,747 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [750430165] [2021-12-17 15:06:59,747 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [750430165] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-17 15:06:59,747 INFO L186 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2021-12-17 15:06:59,747 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2021-12-17 15:06:59,748 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [917448557] [2021-12-17 15:06:59,748 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-17 15:06:59,748 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2021-12-17 15:06:59,748 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-17 15:06:59,748 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2021-12-17 15:06:59,748 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2021-12-17 15:06:59,748 INFO L87 Difference]: Start difference. First operand 625 states and 779 transitions. Second operand has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2021-12-17 15:06:59,933 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-17 15:06:59,933 INFO L93 Difference]: Finished difference Result 1277 states and 1636 transitions. [2021-12-17 15:06:59,933 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2021-12-17 15:06:59,933 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 58 [2021-12-17 15:06:59,933 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-17 15:06:59,936 INFO L225 Difference]: With dead ends: 1277 [2021-12-17 15:06:59,936 INFO L226 Difference]: Without dead ends: 659 [2021-12-17 15:06:59,938 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 12 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=46, Invalid=86, Unknown=0, NotChecked=0, Total=132 [2021-12-17 15:06:59,938 INFO L933 BasicCegarLoop]: 85 mSDtfsCounter, 132 mSDsluCounter, 169 mSDsCounter, 0 mSdLazyCounter, 260 mSolverCounterSat, 60 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 133 SdHoareTripleChecker+Valid, 254 SdHoareTripleChecker+Invalid, 320 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 60 IncrementalHoareTripleChecker+Valid, 260 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2021-12-17 15:06:59,938 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [133 Valid, 254 Invalid, 320 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [60 Valid, 260 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2021-12-17 15:06:59,939 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 659 states. [2021-12-17 15:06:59,960 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 659 to 637. [2021-12-17 15:06:59,961 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 637 states, 468 states have (on average 1.235042735042735) internal successors, (578), 505 states have internal predecessors, (578), 88 states have call successors, (88), 68 states have call predecessors, (88), 80 states have return successors, (125), 90 states have call predecessors, (125), 88 states have call successors, (125) [2021-12-17 15:06:59,963 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 637 states to 637 states and 791 transitions. [2021-12-17 15:06:59,963 INFO L78 Accepts]: Start accepts. Automaton has 637 states and 791 transitions. Word has length 58 [2021-12-17 15:06:59,963 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-17 15:06:59,964 INFO L470 AbstractCegarLoop]: Abstraction has 637 states and 791 transitions. [2021-12-17 15:06:59,964 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2021-12-17 15:06:59,964 INFO L276 IsEmpty]: Start isEmpty. Operand 637 states and 791 transitions. [2021-12-17 15:06:59,965 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 59 [2021-12-17 15:06:59,965 INFO L506 BasicCegarLoop]: Found error trace [2021-12-17 15:06:59,965 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-17 15:06:59,965 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2021-12-17 15:06:59,965 INFO L402 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-17 15:06:59,965 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-17 15:06:59,965 INFO L85 PathProgramCache]: Analyzing trace with hash -1201312991, now seen corresponding path program 1 times [2021-12-17 15:06:59,966 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-17 15:06:59,966 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [46422606] [2021-12-17 15:06:59,966 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-17 15:06:59,966 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-17 15:06:59,972 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:06:59,997 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2021-12-17 15:06:59,999 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:00,003 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2021-12-17 15:07:00,006 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:00,015 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2021-12-17 15:07:00,016 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:00,018 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2021-12-17 15:07:00,019 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:00,021 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 49 [2021-12-17 15:07:00,021 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:00,023 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2021-12-17 15:07:00,023 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-17 15:07:00,023 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [46422606] [2021-12-17 15:07:00,023 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [46422606] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-17 15:07:00,023 INFO L186 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2021-12-17 15:07:00,023 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2021-12-17 15:07:00,024 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [316597268] [2021-12-17 15:07:00,024 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-17 15:07:00,024 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2021-12-17 15:07:00,024 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-17 15:07:00,024 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2021-12-17 15:07:00,024 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2021-12-17 15:07:00,025 INFO L87 Difference]: Start difference. First operand 637 states and 791 transitions. Second operand has 6 states, 6 states have (on average 7.5) internal successors, (45), 4 states have internal predecessors, (45), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 4 states have call predecessors, (5), 4 states have call successors, (5) [2021-12-17 15:07:00,292 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-17 15:07:00,292 INFO L93 Difference]: Finished difference Result 1873 states and 2432 transitions. [2021-12-17 15:07:00,293 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2021-12-17 15:07:00,293 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 4 states have internal predecessors, (45), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 4 states have call predecessors, (5), 4 states have call successors, (5) Word has length 58 [2021-12-17 15:07:00,293 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-17 15:07:00,298 INFO L225 Difference]: With dead ends: 1873 [2021-12-17 15:07:00,299 INFO L226 Difference]: Without dead ends: 1243 [2021-12-17 15:07:00,301 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 25 GetRequests, 15 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=40, Invalid=92, Unknown=0, NotChecked=0, Total=132 [2021-12-17 15:07:00,301 INFO L933 BasicCegarLoop]: 134 mSDtfsCounter, 334 mSDsluCounter, 139 mSDsCounter, 0 mSdLazyCounter, 254 mSolverCounterSat, 142 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 337 SdHoareTripleChecker+Valid, 273 SdHoareTripleChecker+Invalid, 396 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 142 IncrementalHoareTripleChecker+Valid, 254 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2021-12-17 15:07:00,302 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [337 Valid, 273 Invalid, 396 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [142 Valid, 254 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2021-12-17 15:07:00,303 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1243 states. [2021-12-17 15:07:00,345 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1243 to 1231. [2021-12-17 15:07:00,346 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1231 states, 912 states have (on average 1.2171052631578947) internal successors, (1110), 973 states have internal predecessors, (1110), 166 states have call successors, (166), 150 states have call predecessors, (166), 152 states have return successors, (269), 162 states have call predecessors, (269), 166 states have call successors, (269) [2021-12-17 15:07:00,365 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1231 states to 1231 states and 1545 transitions. [2021-12-17 15:07:00,366 INFO L78 Accepts]: Start accepts. Automaton has 1231 states and 1545 transitions. Word has length 58 [2021-12-17 15:07:00,366 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-17 15:07:00,366 INFO L470 AbstractCegarLoop]: Abstraction has 1231 states and 1545 transitions. [2021-12-17 15:07:00,366 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 4 states have internal predecessors, (45), 4 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 4 states have call predecessors, (5), 4 states have call successors, (5) [2021-12-17 15:07:00,367 INFO L276 IsEmpty]: Start isEmpty. Operand 1231 states and 1545 transitions. [2021-12-17 15:07:00,368 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 63 [2021-12-17 15:07:00,368 INFO L506 BasicCegarLoop]: Found error trace [2021-12-17 15:07:00,368 INFO L514 BasicCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-17 15:07:00,368 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2021-12-17 15:07:00,368 INFO L402 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-17 15:07:00,369 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-17 15:07:00,369 INFO L85 PathProgramCache]: Analyzing trace with hash -238505913, now seen corresponding path program 1 times [2021-12-17 15:07:00,369 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-17 15:07:00,369 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [469383987] [2021-12-17 15:07:00,369 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-17 15:07:00,369 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-17 15:07:00,376 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:00,400 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2021-12-17 15:07:00,401 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:00,406 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2021-12-17 15:07:00,407 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:00,421 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2021-12-17 15:07:00,424 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:00,452 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2021-12-17 15:07:00,454 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:00,472 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2021-12-17 15:07:00,473 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:00,490 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 53 [2021-12-17 15:07:00,493 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:00,495 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2021-12-17 15:07:00,495 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-17 15:07:00,495 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [469383987] [2021-12-17 15:07:00,495 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [469383987] provided 0 perfect and 1 imperfect interpolant sequences [2021-12-17 15:07:00,495 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1146174857] [2021-12-17 15:07:00,495 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-17 15:07:00,495 INFO L168 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2021-12-17 15:07:00,496 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2021-12-17 15:07:00,497 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2021-12-17 15:07:00,499 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2021-12-17 15:07:00,583 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:00,585 INFO L263 TraceCheckSpWp]: Trace formula consists of 382 conjuncts, 9 conjunts are in the unsatisfiable core [2021-12-17 15:07:00,589 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2021-12-17 15:07:00,833 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 3 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2021-12-17 15:07:00,834 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2021-12-17 15:07:00,834 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1146174857] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-17 15:07:00,834 INFO L186 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2021-12-17 15:07:00,834 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [15] total 20 [2021-12-17 15:07:00,834 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1182309473] [2021-12-17 15:07:00,834 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-17 15:07:00,835 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2021-12-17 15:07:00,835 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-17 15:07:00,835 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2021-12-17 15:07:00,835 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=48, Invalid=332, Unknown=0, NotChecked=0, Total=380 [2021-12-17 15:07:00,836 INFO L87 Difference]: Start difference. First operand 1231 states and 1545 transitions. Second operand has 8 states, 8 states have (on average 6.125) internal successors, (49), 6 states have internal predecessors, (49), 3 states have call successors, (7), 3 states have call predecessors, (7), 5 states have return successors, (6), 5 states have call predecessors, (6), 3 states have call successors, (6) [2021-12-17 15:07:00,955 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-17 15:07:00,956 INFO L93 Difference]: Finished difference Result 2413 states and 3041 transitions. [2021-12-17 15:07:00,956 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2021-12-17 15:07:00,956 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 6.125) internal successors, (49), 6 states have internal predecessors, (49), 3 states have call successors, (7), 3 states have call predecessors, (7), 5 states have return successors, (6), 5 states have call predecessors, (6), 3 states have call successors, (6) Word has length 62 [2021-12-17 15:07:00,956 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-17 15:07:00,961 INFO L225 Difference]: With dead ends: 2413 [2021-12-17 15:07:00,961 INFO L226 Difference]: Without dead ends: 1189 [2021-12-17 15:07:00,966 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 84 GetRequests, 66 SyntacticMatches, 0 SemanticMatches, 18 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=48, Invalid=332, Unknown=0, NotChecked=0, Total=380 [2021-12-17 15:07:00,968 INFO L933 BasicCegarLoop]: 191 mSDtfsCounter, 69 mSDsluCounter, 506 mSDsCounter, 0 mSdLazyCounter, 176 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 73 SdHoareTripleChecker+Valid, 697 SdHoareTripleChecker+Invalid, 179 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 176 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2021-12-17 15:07:00,968 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [73 Valid, 697 Invalid, 179 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 176 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2021-12-17 15:07:00,969 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1189 states. [2021-12-17 15:07:01,027 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1189 to 1185. [2021-12-17 15:07:01,028 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1185 states, 876 states have (on average 1.202054794520548) internal successors, (1053), 935 states have internal predecessors, (1053), 162 states have call successors, (162), 146 states have call predecessors, (162), 146 states have return successors, (236), 156 states have call predecessors, (236), 162 states have call successors, (236) [2021-12-17 15:07:01,032 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1185 states to 1185 states and 1451 transitions. [2021-12-17 15:07:01,032 INFO L78 Accepts]: Start accepts. Automaton has 1185 states and 1451 transitions. Word has length 62 [2021-12-17 15:07:01,032 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-17 15:07:01,032 INFO L470 AbstractCegarLoop]: Abstraction has 1185 states and 1451 transitions. [2021-12-17 15:07:01,032 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 6.125) internal successors, (49), 6 states have internal predecessors, (49), 3 states have call successors, (7), 3 states have call predecessors, (7), 5 states have return successors, (6), 5 states have call predecessors, (6), 3 states have call successors, (6) [2021-12-17 15:07:01,033 INFO L276 IsEmpty]: Start isEmpty. Operand 1185 states and 1451 transitions. [2021-12-17 15:07:01,035 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 107 [2021-12-17 15:07:01,036 INFO L506 BasicCegarLoop]: Found error trace [2021-12-17 15:07:01,036 INFO L514 BasicCegarLoop]: trace histogram [4, 4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-17 15:07:01,080 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2021-12-17 15:07:01,253 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2021-12-17 15:07:01,254 INFO L402 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2021-12-17 15:07:01,254 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2021-12-17 15:07:01,254 INFO L85 PathProgramCache]: Analyzing trace with hash -753408287, now seen corresponding path program 1 times [2021-12-17 15:07:01,255 INFO L121 FreeRefinementEngine]: Executing refinement strategy CAMEL [2021-12-17 15:07:01,255 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [926064963] [2021-12-17 15:07:01,255 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-17 15:07:01,255 INFO L126 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2021-12-17 15:07:01,270 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:01,319 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2021-12-17 15:07:01,320 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:01,328 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2021-12-17 15:07:01,330 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:01,338 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2021-12-17 15:07:01,340 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:01,342 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2021-12-17 15:07:01,343 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:01,346 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2021-12-17 15:07:01,347 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:01,350 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2021-12-17 15:07:01,351 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:01,358 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 64 [2021-12-17 15:07:01,359 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:01,369 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 76 [2021-12-17 15:07:01,373 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:01,407 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2021-12-17 15:07:01,412 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:01,441 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 87 [2021-12-17 15:07:01,442 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:01,444 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2021-12-17 15:07:01,444 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:01,446 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 97 [2021-12-17 15:07:01,446 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:01,447 INFO L134 CoverageAnalysis]: Checked inductivity of 44 backedges. 17 proven. 3 refuted. 0 times theorem prover too weak. 24 trivial. 0 not checked. [2021-12-17 15:07:01,448 INFO L139 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2021-12-17 15:07:01,448 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [926064963] [2021-12-17 15:07:01,448 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [926064963] provided 0 perfect and 1 imperfect interpolant sequences [2021-12-17 15:07:01,448 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1420489223] [2021-12-17 15:07:01,448 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2021-12-17 15:07:01,448 INFO L168 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2021-12-17 15:07:01,448 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2021-12-17 15:07:01,449 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2021-12-17 15:07:01,450 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2021-12-17 15:07:01,520 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2021-12-17 15:07:01,522 INFO L263 TraceCheckSpWp]: Trace formula consists of 481 conjuncts, 9 conjunts are in the unsatisfiable core [2021-12-17 15:07:01,528 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2021-12-17 15:07:01,722 INFO L134 CoverageAnalysis]: Checked inductivity of 44 backedges. 35 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2021-12-17 15:07:01,722 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2021-12-17 15:07:01,722 INFO L160 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1420489223] provided 1 perfect and 0 imperfect interpolant sequences [2021-12-17 15:07:01,722 INFO L186 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2021-12-17 15:07:01,722 INFO L199 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [15] total 20 [2021-12-17 15:07:01,722 INFO L115 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2131096487] [2021-12-17 15:07:01,722 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2021-12-17 15:07:01,723 INFO L546 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2021-12-17 15:07:01,723 INFO L103 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2021-12-17 15:07:01,723 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2021-12-17 15:07:01,723 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=51, Invalid=329, Unknown=0, NotChecked=0, Total=380 [2021-12-17 15:07:01,724 INFO L87 Difference]: Start difference. First operand 1185 states and 1451 transitions. Second operand has 8 states, 8 states have (on average 9.375) internal successors, (75), 6 states have internal predecessors, (75), 3 states have call successors, (13), 3 states have call predecessors, (13), 5 states have return successors, (12), 5 states have call predecessors, (12), 3 states have call successors, (12) [2021-12-17 15:07:01,834 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2021-12-17 15:07:01,834 INFO L93 Difference]: Finished difference Result 2037 states and 2523 transitions. [2021-12-17 15:07:01,834 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2021-12-17 15:07:01,834 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 9.375) internal successors, (75), 6 states have internal predecessors, (75), 3 states have call successors, (13), 3 states have call predecessors, (13), 5 states have return successors, (12), 5 states have call predecessors, (12), 3 states have call successors, (12) Word has length 106 [2021-12-17 15:07:01,834 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2021-12-17 15:07:01,835 INFO L225 Difference]: With dead ends: 2037 [2021-12-17 15:07:01,835 INFO L226 Difference]: Without dead ends: 0 [2021-12-17 15:07:01,839 INFO L932 BasicCegarLoop]: 0 DeclaredPredicates, 142 GetRequests, 122 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 47 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=63, Invalid=399, Unknown=0, NotChecked=0, Total=462 [2021-12-17 15:07:01,839 INFO L933 BasicCegarLoop]: 190 mSDtfsCounter, 76 mSDsluCounter, 851 mSDsCounter, 0 mSdLazyCounter, 123 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 80 SdHoareTripleChecker+Valid, 1041 SdHoareTripleChecker+Invalid, 129 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 123 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2021-12-17 15:07:01,839 INFO L934 BasicCegarLoop]: SdHoareTripleChecker [80 Valid, 1041 Invalid, 129 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 123 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2021-12-17 15:07:01,840 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2021-12-17 15:07:01,840 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2021-12-17 15:07:01,840 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2021-12-17 15:07:01,840 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2021-12-17 15:07:01,840 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 106 [2021-12-17 15:07:01,840 INFO L84 Accepts]: Finished accepts. word is rejected. [2021-12-17 15:07:01,840 INFO L470 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2021-12-17 15:07:01,840 INFO L471 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 9.375) internal successors, (75), 6 states have internal predecessors, (75), 3 states have call successors, (13), 3 states have call predecessors, (13), 5 states have return successors, (12), 5 states have call predecessors, (12), 3 states have call successors, (12) [2021-12-17 15:07:01,840 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2021-12-17 15:07:01,840 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2021-12-17 15:07:01,842 INFO L764 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2021-12-17 15:07:01,860 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2021-12-17 15:07:02,055 WARN L452 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2021-12-17 15:07:02,057 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2021-12-17 15:07:05,493 INFO L854 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 342 349) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0)) (.cse1 (= ~pumpRunning~0 |old(~pumpRunning~0)|))) (and (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 0))) (or .cse0 (not (<= 1 ~methaneLevelCritical~0)) .cse1))) [2021-12-17 15:07:05,493 INFO L858 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 342 349) no Hoare annotation was computed. [2021-12-17 15:07:05,493 INFO L858 garLoopResultBuilder]: For program point deactivatePumpFINAL(lines 342 349) no Hoare annotation was computed. [2021-12-17 15:07:05,493 INFO L858 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 258 264) no Hoare annotation was computed. [2021-12-17 15:07:05,493 INFO L861 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 258 264) the Hoare annotation is: true [2021-12-17 15:07:05,494 INFO L858 garLoopResultBuilder]: For program point L162-1(lines 158 169) no Hoare annotation was computed. [2021-12-17 15:07:05,494 INFO L854 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 158 169) the Hoare annotation is: (let ((.cse0 (not (= |old(~methaneLevelCritical~0)| 0))) (.cse2 (not (= ~pumpRunning~0 0))) (.cse1 (= ~methaneLevelCritical~0 0))) (and (or (= 0 ~systemActive~0) .cse0 .cse1) (or .cse2 (= ~methaneLevelCritical~0 |old(~methaneLevelCritical~0)|) (not (<= 1 |old(~methaneLevelCritical~0)|))) (or .cse0 .cse2 .cse1))) [2021-12-17 15:07:05,494 INFO L858 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 158 169) no Hoare annotation was computed. [2021-12-17 15:07:05,494 INFO L858 garLoopResultBuilder]: For program point L897(line 897) no Hoare annotation was computed. [2021-12-17 15:07:05,494 INFO L858 garLoopResultBuilder]: For program point cleanupEXIT(lines 876 905) no Hoare annotation was computed. [2021-12-17 15:07:05,494 INFO L861 garLoopResultBuilder]: At program point cleanupENTRY(lines 876 905) the Hoare annotation is: true [2021-12-17 15:07:05,494 INFO L858 garLoopResultBuilder]: For program point L890(lines 890 894) no Hoare annotation was computed. [2021-12-17 15:07:05,494 INFO L861 garLoopResultBuilder]: At program point L890-1(lines 890 894) the Hoare annotation is: true [2021-12-17 15:07:05,494 INFO L858 garLoopResultBuilder]: For program point L887(line 887) no Hoare annotation was computed. [2021-12-17 15:07:05,494 INFO L861 garLoopResultBuilder]: At program point L886-2(lines 886 900) the Hoare annotation is: true [2021-12-17 15:07:05,494 INFO L861 garLoopResultBuilder]: At program point L882(line 882) the Hoare annotation is: true [2021-12-17 15:07:05,494 INFO L858 garLoopResultBuilder]: For program point L882-1(line 882) no Hoare annotation was computed. [2021-12-17 15:07:05,494 INFO L861 garLoopResultBuilder]: At program point L901(lines 876 905) the Hoare annotation is: true [2021-12-17 15:07:05,495 INFO L854 garLoopResultBuilder]: At program point L366(lines 361 369) the Hoare annotation is: (let ((.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (= 0 ~systemActive~0)) (.cse0 (not (<= 1 ~methaneLevelCritical~0))) (.cse2 (= |timeShift_isPumpRunning_#res#1| 0)) (.cse3 (= ~pumpRunning~0 0))) (and (or (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1) .cse0 .cse1) (or (and .cse2 .cse3) .cse0 .cse1) (or .cse1 .cse4) (or .cse5 .cse4) (or (not (<= 2 |old(~waterLevel~0)|)) .cse0 .cse1 (<= 2 ~waterLevel~0)) (or .cse5 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse3) .cse0 (and .cse2 (<= 1 |timeShift_processEnvironment_~tmp~2#1|) .cse3)))) [2021-12-17 15:07:05,495 INFO L858 garLoopResultBuilder]: For program point L238-1(lines 237 256) no Hoare annotation was computed. [2021-12-17 15:07:05,495 INFO L858 garLoopResultBuilder]: For program point L300(lines 300 308) no Hoare annotation was computed. [2021-12-17 15:07:05,495 INFO L858 garLoopResultBuilder]: For program point L296(lines 296 313) no Hoare annotation was computed. [2021-12-17 15:07:05,495 INFO L858 garLoopResultBuilder]: For program point timeShiftFINAL(lines 234 257) no Hoare annotation was computed. [2021-12-17 15:07:05,495 INFO L858 garLoopResultBuilder]: For program point L65(lines 65 71) no Hoare annotation was computed. [2021-12-17 15:07:05,495 INFO L858 garLoopResultBuilder]: For program point L61(lines 61 74) no Hoare annotation was computed. [2021-12-17 15:07:05,495 INFO L854 garLoopResultBuilder]: At program point L61-1(lines 53 77) the Hoare annotation is: (let ((.cse13 (= ~methaneLevelCritical~0 0)) (.cse11 (<= 2 ~waterLevel~0)) (.cse7 (= 0 ~systemActive~0)) (.cse12 (= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 0)) (.cse9 (= ~pumpRunning~0 0))) (let ((.cse0 (not (= |old(~waterLevel~0)| 1))) (.cse1 (= ~waterLevel~0 1)) (.cse10 (not (<= 2 |old(~waterLevel~0)|))) (.cse4 (and .cse12 .cse9)) (.cse5 (and .cse13 .cse12 .cse11 (not .cse7))) (.cse6 (not .cse13)) (.cse2 (not (<= 1 ~methaneLevelCritical~0))) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse8 (= ~pumpRunning~0 |old(~pumpRunning~0)|))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse5 .cse3 .cse6) (or .cse0 .cse1 .cse3 .cse6) (or .cse7 (and .cse8 .cse9) .cse2 (and (<= 1 |timeShift_processEnvironment_~tmp~2#1|) .cse9)) (or .cse10 .cse2 .cse3 .cse11) (or .cse10 .cse3 .cse11 .cse6) (or .cse7 .cse4 .cse5 (and .cse12 .cse8) .cse6) (or .cse2 .cse3 .cse8)))) [2021-12-17 15:07:05,496 INFO L858 garLoopResultBuilder]: For program point L83(line 83) no Hoare annotation was computed. [2021-12-17 15:07:05,496 INFO L854 garLoopResultBuilder]: At program point L306(line 306) the Hoare annotation is: (let ((.cse3 (not (<= 1 ~methaneLevelCritical~0))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0)) (.cse1 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1) (or .cse2 .cse3) (or .cse3 .cse0) (or .cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse1))) [2021-12-17 15:07:05,496 INFO L854 garLoopResultBuilder]: At program point L302(line 302) the Hoare annotation is: (let ((.cse2 (not (<= 1 ~methaneLevelCritical~0))) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= 0 ~systemActive~0)) (.cse1 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 (and (<= 1 |timeShift_processEnvironment_~tmp~2#1|) .cse1) .cse2) (or .cse3 .cse4) (or .cse2 .cse3) (or .cse0 .cse1 .cse4))) [2021-12-17 15:07:05,496 INFO L854 garLoopResultBuilder]: At program point L298(line 298) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse3 (= 0 ~systemActive~0)) (.cse2 (not (<= 1 ~methaneLevelCritical~0))) (.cse4 (= ~pumpRunning~0 |old(~pumpRunning~0)|))) (and (or .cse0 .cse1) (or .cse2 .cse0) (or .cse3 .cse4 .cse1) (or .cse3 .cse2 .cse4))) [2021-12-17 15:07:05,496 INFO L858 garLoopResultBuilder]: For program point L298-1(line 298) no Hoare annotation was computed. [2021-12-17 15:07:05,496 INFO L854 garLoopResultBuilder]: At program point L59(line 59) the Hoare annotation is: (let ((.cse10 (<= 2 ~waterLevel~0)) (.cse7 (= 0 ~systemActive~0)) (.cse11 (= ~methaneLevelCritical~0 0))) (let ((.cse0 (not (= |old(~waterLevel~0)| 1))) (.cse1 (= ~waterLevel~0 1)) (.cse9 (not (<= 2 |old(~waterLevel~0)|))) (.cse8 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (not .cse11)) (.cse5 (and .cse11 .cse10 (not .cse7))) (.cse2 (not (<= 1 ~methaneLevelCritical~0))) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (= ~pumpRunning~0 0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse3 .cse4 .cse5 .cse6) (or .cse0 .cse1 .cse3 .cse4) (or .cse7 (and .cse8 .cse6) .cse2 (and (<= 1 |timeShift_processEnvironment_~tmp~2#1|) .cse6)) (or .cse9 .cse2 .cse3 .cse10) (or .cse9 .cse3 .cse10 .cse4) (or .cse7 .cse8 .cse4 .cse6 .cse5) (or .cse2 .cse3 .cse6)))) [2021-12-17 15:07:05,496 INFO L858 garLoopResultBuilder]: For program point L59-1(line 59) no Hoare annotation was computed. [2021-12-17 15:07:05,497 INFO L854 garLoopResultBuilder]: At program point L311(line 311) the Hoare annotation is: (let ((.cse9 (= 0 ~systemActive~0))) (let ((.cse10 (= ~methaneLevelCritical~0 0)) (.cse11 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse12 (not .cse9)) (.cse13 (= ~pumpRunning~0 0)) (.cse14 (<= 1 ~methaneLevelCritical~0))) (let ((.cse0 (not (= |old(~waterLevel~0)| 1))) (.cse1 (= ~waterLevel~0 1)) (.cse7 (not (<= 2 |old(~waterLevel~0)|))) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse8 (<= 2 ~waterLevel~0)) (.cse2 (not .cse14)) (.cse5 (and .cse11 .cse14 .cse12 .cse13)) (.cse6 (and .cse10 .cse11 .cse12 .cse13)) (.cse4 (not .cse10))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse1 .cse3 .cse4) (or .cse2 .cse3 .cse5) (or .cse6 .cse3 .cse4) (or .cse7 .cse3 .cse8 .cse4) (or .cse7 .cse2 .cse3 .cse8) (or .cse9 .cse2 .cse5) (or .cse9 .cse6 .cse4))))) [2021-12-17 15:07:05,497 INFO L854 garLoopResultBuilder]: At program point L311-1(lines 292 316) the Hoare annotation is: (let ((.cse8 (= 0 ~systemActive~0))) (let ((.cse11 (<= 2 ~waterLevel~0)) (.cse13 (= ~methaneLevelCritical~0 0)) (.cse12 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse14 (<= 1 ~methaneLevelCritical~0)) (.cse7 (not .cse8)) (.cse10 (= ~pumpRunning~0 0))) (let ((.cse4 (not (= |old(~waterLevel~0)| 1))) (.cse5 (= ~waterLevel~0 1)) (.cse9 (and .cse12 .cse14 .cse7 .cse10)) (.cse0 (not (<= 2 |old(~waterLevel~0)|))) (.cse6 (not .cse14)) (.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not .cse13)) (.cse3 (and .cse13 .cse11 .cse7))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse5 .cse6 .cse1) (or .cse4 .cse5 .cse1 .cse2) (or .cse1 .cse2 .cse7) (or .cse8 .cse6 .cse9 (and (<= 1 |timeShift_processEnvironment_~tmp~2#1|) .cse10)) (or .cse6 .cse1 .cse9) (or .cse0 .cse6 .cse1 .cse11) (or .cse8 .cse12 .cse2 .cse10 .cse3))))) [2021-12-17 15:07:05,497 INFO L858 garLoopResultBuilder]: For program point L245-1(lines 245 251) no Hoare annotation was computed. [2021-12-17 15:07:05,497 INFO L854 garLoopResultBuilder]: At program point L84(lines 79 86) the Hoare annotation is: (let ((.cse3 (not (<= 1 ~methaneLevelCritical~0))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0)) (.cse1 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1) (or .cse2 .cse3) (or .cse3 .cse0) (or .cse2 .cse1))) [2021-12-17 15:07:05,497 INFO L854 garLoopResultBuilder]: At program point timeShiftENTRY(lines 234 257) the Hoare annotation is: (let ((.cse0 (not (= |old(~waterLevel~0)| 1))) (.cse1 (= ~waterLevel~0 1)) (.cse4 (not (<= 2 |old(~waterLevel~0)|))) (.cse6 (<= 2 ~waterLevel~0)) (.cse7 (not (= ~methaneLevelCritical~0 0))) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse9 (= ~pumpRunning~0 0)) (.cse5 (= 0 ~systemActive~0)) (.cse2 (not (<= 1 ~methaneLevelCritical~0))) (.cse8 (= ~pumpRunning~0 |old(~pumpRunning~0)|))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse5 .cse2 .cse6) (or .cse0 .cse1 .cse3 .cse7) (or .cse4 .cse3 .cse6 .cse7) (or .cse5 .cse8 .cse7) (or .cse4 .cse2 .cse3 .cse6) (or .cse3 .cse7 .cse9) (or .cse4 .cse5 .cse6 .cse7) (or .cse2 .cse3 .cse9) (or .cse5 .cse2 .cse8))) [2021-12-17 15:07:05,497 INFO L858 garLoopResultBuilder]: For program point timeShiftEXIT(lines 234 257) no Hoare annotation was computed. [2021-12-17 15:07:05,497 INFO L858 garLoopResultBuilder]: For program point L138(lines 138 142) no Hoare annotation was computed. [2021-12-17 15:07:05,498 INFO L858 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 83) no Hoare annotation was computed. [2021-12-17 15:07:05,498 INFO L854 garLoopResultBuilder]: At program point L138-2(lines 134 145) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse3 (= 0 ~systemActive~0)) (.cse2 (not (<= 1 ~methaneLevelCritical~0))) (.cse4 (= ~pumpRunning~0 |old(~pumpRunning~0)|))) (and (or .cse0 .cse1) (or .cse2 .cse0) (or .cse3 .cse4 .cse1) (or .cse3 .cse2 .cse4))) [2021-12-17 15:07:05,498 INFO L861 garLoopResultBuilder]: At program point isMethaneLevelCriticalENTRY(lines 170 178) the Hoare annotation is: true [2021-12-17 15:07:05,498 INFO L858 garLoopResultBuilder]: For program point isMethaneLevelCriticalFINAL(lines 170 178) no Hoare annotation was computed. [2021-12-17 15:07:05,498 INFO L858 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 170 178) no Hoare annotation was computed. [2021-12-17 15:07:05,498 INFO L861 garLoopResultBuilder]: At program point L944(lines 937 946) the Hoare annotation is: true [2021-12-17 15:07:05,498 INFO L854 garLoopResultBuilder]: At program point L106(lines 102 108) the Hoare annotation is: (and (= ~waterLevel~0 1) (= ~methaneLevelCritical~0 0) (= ~systemActive~0 1) (= ~pumpRunning~0 0)) [2021-12-17 15:07:05,498 INFO L858 garLoopResultBuilder]: For program point L453(lines 452 499) no Hoare annotation was computed. [2021-12-17 15:07:05,499 INFO L858 garLoopResultBuilder]: For program point L482(lines 482 495) no Hoare annotation was computed. [2021-12-17 15:07:05,499 INFO L858 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2021-12-17 15:07:05,499 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2021-12-17 15:07:05,499 INFO L858 garLoopResultBuilder]: For program point L957(lines 957 964) no Hoare annotation was computed. [2021-12-17 15:07:05,499 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2021-12-17 15:07:05,499 INFO L858 garLoopResultBuilder]: For program point L957-2(lines 957 964) no Hoare annotation was computed. [2021-12-17 15:07:05,499 INFO L854 garLoopResultBuilder]: At program point L474(line 474) the Hoare annotation is: (let ((.cse1 (= ~methaneLevelCritical~0 0)) (.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (= ~pumpRunning~0 0))) (or (and .cse0 .cse1 .cse2) (and .cse0 .cse1 (not (= 0 ~systemActive~0))) (and .cse0 (<= 1 ~methaneLevelCritical~0) .cse2))) [2021-12-17 15:07:05,499 INFO L861 garLoopResultBuilder]: At program point L503(lines 442 507) the Hoare annotation is: true [2021-12-17 15:07:05,500 INFO L854 garLoopResultBuilder]: At program point L437(lines 425 439) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse1 (= ~pumpRunning~0 0))) (or (and .cse0 (= ~methaneLevelCritical~0 0) .cse1) (and .cse0 (<= 1 ~methaneLevelCritical~0) .cse1))) [2021-12-17 15:07:05,500 INFO L858 garLoopResultBuilder]: For program point L462(lines 462 468) no Hoare annotation was computed. [2021-12-17 15:07:05,500 INFO L858 garLoopResultBuilder]: For program point L462-1(lines 462 468) no Hoare annotation was computed. [2021-12-17 15:07:05,500 INFO L858 garLoopResultBuilder]: For program point L429(lines 429 435) no Hoare annotation was computed. [2021-12-17 15:07:05,500 INFO L858 garLoopResultBuilder]: For program point L429-1(lines 429 435) no Hoare annotation was computed. [2021-12-17 15:07:05,501 INFO L858 garLoopResultBuilder]: For program point L454(lines 454 458) no Hoare annotation was computed. [2021-12-17 15:07:05,501 INFO L861 garLoopResultBuilder]: At program point L966(lines 947 969) the Hoare annotation is: true [2021-12-17 15:07:05,501 INFO L858 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2021-12-17 15:07:05,501 INFO L854 garLoopResultBuilder]: At program point L500(lines 451 501) the Hoare annotation is: false [2021-12-17 15:07:05,501 INFO L858 garLoopResultBuilder]: For program point L488(lines 488 494) no Hoare annotation was computed. [2021-12-17 15:07:05,501 INFO L854 garLoopResultBuilder]: At program point L934(lines 930 936) the Hoare annotation is: (and (= ~systemActive~0 |ULTIMATE.start_valid_product_#res#1|) (= ~waterLevel~0 1) (= ~methaneLevelCritical~0 0) (= ~systemActive~0 |ULTIMATE.start_main_~tmp~9#1|) (= ~systemActive~0 1) (= ~pumpRunning~0 0)) [2021-12-17 15:07:05,501 INFO L854 garLoopResultBuilder]: At program point L488-2(lines 482 495) the Hoare annotation is: (let ((.cse1 (<= 1 ~methaneLevelCritical~0)) (.cse4 (= ~pumpRunning~0 0)) (.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (= ~methaneLevelCritical~0 0)) (.cse2 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2) (and .cse0 .cse3 .cse4) (and .cse0 .cse1 .cse4) (and .cse0 .cse3 .cse2))) [2021-12-17 15:07:05,501 INFO L854 garLoopResultBuilder]: At program point L121(lines 116 124) the Hoare annotation is: (and (= ~systemActive~0 |ULTIMATE.start_valid_product_#res#1|) (= ~waterLevel~0 1) (= ~methaneLevelCritical~0 0) (= ~systemActive~0 1) (= ~pumpRunning~0 0)) [2021-12-17 15:07:05,501 INFO L858 garLoopResultBuilder]: For program point L472(lines 472 478) no Hoare annotation was computed. [2021-12-17 15:07:05,502 INFO L858 garLoopResultBuilder]: For program point L472-1(lines 472 478) no Hoare annotation was computed. [2021-12-17 15:07:05,502 INFO L854 garLoopResultBuilder]: At program point L113(lines 109 115) the Hoare annotation is: (and (= ~waterLevel~0 1) (= ~methaneLevelCritical~0 0) (= ~systemActive~0 1) (= ~pumpRunning~0 0)) [2021-12-17 15:07:05,502 INFO L854 garLoopResultBuilder]: At program point L497(lines 452 499) the Hoare annotation is: (let ((.cse2 (= ~pumpRunning~0 0)) (.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse1 (= ~methaneLevelCritical~0 0))) (or (and .cse0 .cse1 .cse2) (and .cse0 (<= 1 ~methaneLevelCritical~0) .cse2) (and .cse0 .cse1 (not (= 0 ~systemActive~0))))) [2021-12-17 15:07:05,502 INFO L854 garLoopResultBuilder]: At program point L464(line 464) the Hoare annotation is: (let ((.cse2 (= ~pumpRunning~0 0)) (.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse1 (= ~methaneLevelCritical~0 0))) (or (and .cse0 .cse1 .cse2) (and .cse0 (<= 1 ~methaneLevelCritical~0) .cse2) (and .cse0 .cse1 (not (= 0 ~systemActive~0))))) [2021-12-17 15:07:05,502 INFO L854 garLoopResultBuilder]: At program point L431(line 431) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (<= 1 ~methaneLevelCritical~0) .cse1) (and .cse0 (= ~methaneLevelCritical~0 0) .cse1))) [2021-12-17 15:07:05,502 INFO L858 garLoopResultBuilder]: For program point waterRiseEXIT(lines 146 157) no Hoare annotation was computed. [2021-12-17 15:07:05,502 INFO L858 garLoopResultBuilder]: For program point L150-1(lines 146 157) no Hoare annotation was computed. [2021-12-17 15:07:05,502 INFO L854 garLoopResultBuilder]: At program point waterRiseENTRY(lines 146 157) the Hoare annotation is: (let ((.cse3 (not (= |old(~waterLevel~0)| 1))) (.cse4 (= ~waterLevel~0 1)) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse0 (not (<= 2 |old(~waterLevel~0)|))) (.cse5 (not (= ~pumpRunning~0 0))) (.cse6 (not (<= 1 ~methaneLevelCritical~0))) (.cse1 (<= 2 ~waterLevel~0))) (and (or .cse0 (= 0 ~systemActive~0) .cse1 .cse2) (or .cse3 .cse4 .cse5 .cse6) (or .cse0 .cse5 .cse1 .cse2) (or .cse3 .cse5 .cse4 .cse2) (or .cse0 .cse5 .cse6 .cse1))) [2021-12-17 15:07:05,502 INFO L858 garLoopResultBuilder]: For program point L415(lines 415 419) no Hoare annotation was computed. [2021-12-17 15:07:05,502 INFO L858 garLoopResultBuilder]: For program point L415-2(lines 415 419) no Hoare annotation was computed. [2021-12-17 15:07:05,503 INFO L854 garLoopResultBuilder]: At program point L285(line 285) the Hoare annotation is: (let ((.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= 0 ~systemActive~0)) (.cse2 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2) (or .cse0 (not (<= 1 ~methaneLevelCritical~0)) .cse1) (or .cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse2))) [2021-12-17 15:07:05,503 INFO L858 garLoopResultBuilder]: For program point L285-1(lines 266 290) no Hoare annotation was computed. [2021-12-17 15:07:05,503 INFO L858 garLoopResultBuilder]: For program point L215(lines 215 221) no Hoare annotation was computed. [2021-12-17 15:07:05,503 INFO L854 garLoopResultBuilder]: At program point L220(lines 211 224) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0)) (.cse4 (<= 2 ~waterLevel~0)) (.cse1 (<= 1 |processEnvironment__wrappee__methaneQuery_isHighWaterSensorDry_#res#1|)) (.cse3 (= ~pumpRunning~0 0))) (and (let ((.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|))) (or .cse0 (and .cse1 .cse2 .cse3) (and .cse2 .cse4 .cse3) (not (= ~methaneLevelCritical~0 0)))) (or .cse0 (and .cse4 .cse3) (not (<= 1 ~methaneLevelCritical~0)) (not (= |old(~pumpRunning~0)| 0)) (and .cse1 .cse3)))) [2021-12-17 15:07:05,503 INFO L854 garLoopResultBuilder]: At program point L280(line 280) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0)) (.cse1 (= |processEnvironment__wrappee__methaneQuery_~tmp~1#1| 0)) (.cse2 (= ~pumpRunning~0 0))) (and (or .cse0 (not (<= 1 ~methaneLevelCritical~0)) (not (= |old(~pumpRunning~0)| 0)) (and .cse1 .cse2)) (or .cse0 (and .cse1 (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse2) (not (= ~methaneLevelCritical~0 0))))) [2021-12-17 15:07:05,503 INFO L858 garLoopResultBuilder]: For program point L274(lines 274 282) no Hoare annotation was computed. [2021-12-17 15:07:05,503 INFO L854 garLoopResultBuilder]: At program point processEnvironment__wrappee__methaneQueryENTRY(lines 266 290) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0))) (and (or .cse0 (not (<= 1 ~methaneLevelCritical~0)) (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0)) (or .cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (= ~methaneLevelCritical~0 0))))) [2021-12-17 15:07:05,503 INFO L858 garLoopResultBuilder]: For program point L270(lines 270 287) no Hoare annotation was computed. [2021-12-17 15:07:05,503 INFO L858 garLoopResultBuilder]: For program point L332(lines 332 338) no Hoare annotation was computed. [2021-12-17 15:07:05,504 INFO L858 garLoopResultBuilder]: For program point processEnvironment__wrappee__methaneQueryEXIT(lines 266 290) no Hoare annotation was computed. [2021-12-17 15:07:05,504 INFO L854 garLoopResultBuilder]: At program point L330(line 330) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0)) (.cse1 (<= 2 ~waterLevel~0)) (.cse2 (= ~pumpRunning~0 0))) (and (or .cse0 (and .cse1 .cse2) (not (<= 1 ~methaneLevelCritical~0)) (not (= |old(~pumpRunning~0)| 0))) (or .cse0 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse1 .cse2) (not (= ~methaneLevelCritical~0 0))))) [2021-12-17 15:07:05,504 INFO L854 garLoopResultBuilder]: At program point L332-2(lines 325 341) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0)) (.cse1 (<= 2 ~waterLevel~0))) (and (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 0))) (or .cse0 (and (<= ~methaneLevelCritical~0 |processEnvironment__wrappee__methaneQuery_activatePump_~tmp~3#1|) .cse1 (= ~pumpRunning~0 0)) (not (<= 1 ~methaneLevelCritical~0)) (not (= |old(~pumpRunning~0)| 0))))) [2021-12-17 15:07:05,504 INFO L858 garLoopResultBuilder]: For program point L330-1(line 330) no Hoare annotation was computed. [2021-12-17 15:07:05,504 INFO L854 garLoopResultBuilder]: At program point L421(lines 406 424) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0))) (let ((.cse7 (<= 2 ~waterLevel~0)) (.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse3 (= |processEnvironment__wrappee__methaneQuery_isHighWaterLevel_~tmp___0~1#1| 0)) (.cse4 (= |processEnvironment__wrappee__methaneQuery_isHighWaterLevel_#res#1| 0)) (.cse5 (not .cse0)) (.cse6 (= ~pumpRunning~0 0))) (and (let ((.cse1 (= ~methaneLevelCritical~0 0))) (or .cse0 (and .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (and .cse1 .cse2 .cse7 .cse5 .cse6) (not .cse1))) (or .cse0 (and .cse2 .cse7 .cse5 .cse6) (not (<= 1 ~methaneLevelCritical~0)) (not (= |old(~pumpRunning~0)| 0)) (and .cse2 .cse3 .cse4 .cse5 .cse6))))) [2021-12-17 15:07:05,504 INFO L854 garLoopResultBuilder]: At program point L322(lines 317 324) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0))) (and (or .cse0 (<= 2 ~waterLevel~0) (not (= ~methaneLevelCritical~0 0))) (or .cse0 (not (<= 1 ~methaneLevelCritical~0)) (not (= |old(~pumpRunning~0)| 0))))) [2021-12-17 15:07:05,504 INFO L861 garLoopResultBuilder]: At program point isMethaneAlarmENTRY(lines 350 360) the Hoare annotation is: true [2021-12-17 15:07:05,504 INFO L858 garLoopResultBuilder]: For program point isMethaneAlarmEXIT(lines 350 360) no Hoare annotation was computed. [2021-12-17 15:07:05,504 INFO L858 garLoopResultBuilder]: For program point isMethaneAlarmFINAL(lines 350 360) no Hoare annotation was computed. [2021-12-17 15:07:05,505 INFO L861 garLoopResultBuilder]: At program point L355(line 355) the Hoare annotation is: true [2021-12-17 15:07:05,505 INFO L858 garLoopResultBuilder]: For program point L355-1(line 355) no Hoare annotation was computed. [2021-12-17 15:07:05,507 INFO L732 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2021-12-17 15:07:05,508 INFO L179 ceAbstractionStarter]: Computing trace abstraction results [2021-12-17 15:07:05,523 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 17.12 03:07:05 BoogieIcfgContainer [2021-12-17 15:07:05,523 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2021-12-17 15:07:05,524 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2021-12-17 15:07:05,524 INFO L271 PluginConnector]: Initializing Witness Printer... [2021-12-17 15:07:05,524 INFO L275 PluginConnector]: Witness Printer initialized [2021-12-17 15:07:05,524 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 17.12 03:06:58" (3/4) ... [2021-12-17 15:07:05,526 INFO L137 WitnessPrinter]: Generating witness for correct program [2021-12-17 15:07:05,529 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2021-12-17 15:07:05,530 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2021-12-17 15:07:05,530 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2021-12-17 15:07:05,530 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2021-12-17 15:07:05,530 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2021-12-17 15:07:05,530 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2021-12-17 15:07:05,530 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2021-12-17 15:07:05,530 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2021-12-17 15:07:05,530 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2021-12-17 15:07:05,534 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 49 nodes and edges [2021-12-17 15:07:05,535 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2021-12-17 15:07:05,535 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2021-12-17 15:07:05,535 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2021-12-17 15:07:05,536 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2021-12-17 15:07:05,536 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2021-12-17 15:07:05,536 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2021-12-17 15:07:05,549 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((systemActive == \result && waterLevel == 1) && methaneLevelCritical == 0) && systemActive == 1) && pumpRunning == 0 [2021-12-17 15:07:05,549 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((systemActive == \result && waterLevel == 1) && methaneLevelCritical == 0) && systemActive == tmp) && systemActive == 1) && pumpRunning == 0 [2021-12-17 15:07:05,549 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) && (!(1 <= methaneLevelCritical) || !(\old(pumpRunning) == 0))) && ((0 == systemActive || pumpRunning == \old(pumpRunning)) || !(methaneLevelCritical == 0))) && ((0 == systemActive || !(1 <= methaneLevelCritical)) || pumpRunning == \old(pumpRunning)) [2021-12-17 15:07:05,550 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!(2 <= \old(waterLevel)) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) || ((methaneLevelCritical == 0 && 2 <= waterLevel) && !(0 == systemActive))) && (((!(\old(waterLevel) == 1) || waterLevel == 1) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0))) && (((!(\old(waterLevel) == 1) || waterLevel == 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && (((0 == systemActive || !(1 <= methaneLevelCritical)) || (((pumpRunning == \old(pumpRunning) && 1 <= methaneLevelCritical) && !(0 == systemActive)) && pumpRunning == 0)) || (1 <= tmp && pumpRunning == 0))) && ((!(1 <= methaneLevelCritical) || !(\old(pumpRunning) == 0)) || (((pumpRunning == \old(pumpRunning) && 1 <= methaneLevelCritical) && !(0 == systemActive)) && pumpRunning == 0))) && (((!(2 <= \old(waterLevel)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) || 2 <= waterLevel)) && ((((0 == systemActive || pumpRunning == \old(pumpRunning)) || !(methaneLevelCritical == 0)) || pumpRunning == 0) || ((methaneLevelCritical == 0 && 2 <= waterLevel) && !(0 == systemActive))) [2021-12-17 15:07:05,550 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!(\old(waterLevel) == 1) || waterLevel == 1) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) && ((((tmp == 0 && pumpRunning == 0) || (((methaneLevelCritical == 0 && tmp == 0) && 2 <= waterLevel) && !(0 == systemActive))) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0))) && (((!(\old(waterLevel) == 1) || waterLevel == 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0))) && (((0 == systemActive || (pumpRunning == \old(pumpRunning) && pumpRunning == 0)) || !(1 <= methaneLevelCritical)) || (1 <= tmp && pumpRunning == 0))) && (((!(2 <= \old(waterLevel)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) || 2 <= waterLevel)) && (((!(2 <= \old(waterLevel)) || !(\old(pumpRunning) == 0)) || 2 <= waterLevel) || !(methaneLevelCritical == 0))) && ((((0 == systemActive || (tmp == 0 && pumpRunning == 0)) || (((methaneLevelCritical == 0 && tmp == 0) && 2 <= waterLevel) && !(0 == systemActive))) || (tmp == 0 && pumpRunning == \old(pumpRunning))) || !(methaneLevelCritical == 0))) && ((!(1 <= methaneLevelCritical) || !(\old(pumpRunning) == 0)) || pumpRunning == \old(pumpRunning)) [2021-12-17 15:07:05,551 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(waterLevel) == 1) || waterLevel == 1) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) && (((\result == 0 && pumpRunning == 0) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0))) && (!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0))) && (0 == systemActive || !(methaneLevelCritical == 0))) && (((!(2 <= \old(waterLevel)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) || 2 <= waterLevel)) && (((0 == systemActive || (pumpRunning == \old(pumpRunning) && pumpRunning == 0)) || !(1 <= methaneLevelCritical)) || ((\result == 0 && 1 <= tmp) && pumpRunning == 0)) [2021-12-17 15:07:05,551 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((0 == systemActive || 2 <= waterLevel) || !(methaneLevelCritical == 0)) && (((0 == systemActive || ((methaneLevelCritical <= tmp && 2 <= waterLevel) && pumpRunning == 0)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) [2021-12-17 15:07:05,551 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((0 == systemActive || 2 <= waterLevel) || !(methaneLevelCritical == 0)) && ((0 == systemActive || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) [2021-12-17 15:07:05,551 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((0 == systemActive || ((1 <= \result && pumpRunning == \old(pumpRunning)) && pumpRunning == 0)) || ((pumpRunning == \old(pumpRunning) && 2 <= waterLevel) && pumpRunning == 0)) || !(methaneLevelCritical == 0)) && ((((0 == systemActive || (2 <= waterLevel && pumpRunning == 0)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) || (1 <= \result && pumpRunning == 0)) [2021-12-17 15:07:05,551 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) && (0 == systemActive || !(1 <= methaneLevelCritical))) && (!(1 <= methaneLevelCritical) || !(\old(pumpRunning) == 0))) && (0 == systemActive || !(methaneLevelCritical == 0)) [2021-12-17 15:07:05,551 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((0 == systemActive || (((((methaneLevelCritical == 0 && pumpRunning == \old(pumpRunning)) && tmp___0 == 0) && \result == 0) && !(0 == systemActive)) && pumpRunning == 0)) || ((((methaneLevelCritical == 0 && pumpRunning == \old(pumpRunning)) && 2 <= waterLevel) && !(0 == systemActive)) && pumpRunning == 0)) || !(methaneLevelCritical == 0)) && ((((0 == systemActive || (((pumpRunning == \old(pumpRunning) && 2 <= waterLevel) && !(0 == systemActive)) && pumpRunning == 0)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) || ((((pumpRunning == \old(pumpRunning) && tmp___0 == 0) && \result == 0) && !(0 == systemActive)) && pumpRunning == 0)) [2021-12-17 15:07:05,565 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2021-12-17 15:07:05,565 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2021-12-17 15:07:05,565 INFO L158 Benchmark]: Toolchain (without parser) took 8438.79ms. Allocated memory was 96.5MB in the beginning and 186.6MB in the end (delta: 90.2MB). Free memory was 64.2MB in the beginning and 141.2MB in the end (delta: -77.0MB). Peak memory consumption was 13.9MB. Max. memory is 16.1GB. [2021-12-17 15:07:05,566 INFO L158 Benchmark]: CDTParser took 0.19ms. Allocated memory is still 96.5MB. Free memory was 54.8MB in the beginning and 54.8MB in the end (delta: 47.1kB). There was no memory consumed. Max. memory is 16.1GB. [2021-12-17 15:07:05,566 INFO L158 Benchmark]: CACSL2BoogieTranslator took 444.01ms. Allocated memory was 96.5MB in the beginning and 127.9MB in the end (delta: 31.5MB). Free memory was 63.8MB in the beginning and 96.5MB in the end (delta: -32.6MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2021-12-17 15:07:05,566 INFO L158 Benchmark]: Boogie Procedure Inliner took 62.18ms. Allocated memory is still 127.9MB. Free memory was 96.5MB in the beginning and 94.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2021-12-17 15:07:05,566 INFO L158 Benchmark]: Boogie Preprocessor took 27.33ms. Allocated memory is still 127.9MB. Free memory was 94.4MB in the beginning and 93.0MB in the end (delta: 1.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2021-12-17 15:07:05,566 INFO L158 Benchmark]: RCFGBuilder took 367.35ms. Allocated memory is still 127.9MB. Free memory was 93.0MB in the beginning and 76.3MB in the end (delta: 16.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2021-12-17 15:07:05,567 INFO L158 Benchmark]: TraceAbstraction took 7491.65ms. Allocated memory was 127.9MB in the beginning and 186.6MB in the end (delta: 58.7MB). Free memory was 75.5MB in the beginning and 147.5MB in the end (delta: -71.9MB). Peak memory consumption was 85.2MB. Max. memory is 16.1GB. [2021-12-17 15:07:05,567 INFO L158 Benchmark]: Witness Printer took 41.45ms. Allocated memory is still 186.6MB. Free memory was 147.5MB in the beginning and 141.2MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2021-12-17 15:07:05,568 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.19ms. Allocated memory is still 96.5MB. Free memory was 54.8MB in the beginning and 54.8MB in the end (delta: 47.1kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 444.01ms. Allocated memory was 96.5MB in the beginning and 127.9MB in the end (delta: 31.5MB). Free memory was 63.8MB in the beginning and 96.5MB in the end (delta: -32.6MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 62.18ms. Allocated memory is still 127.9MB. Free memory was 96.5MB in the beginning and 94.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 27.33ms. Allocated memory is still 127.9MB. Free memory was 94.4MB in the beginning and 93.0MB in the end (delta: 1.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 367.35ms. Allocated memory is still 127.9MB. Free memory was 93.0MB in the beginning and 76.3MB in the end (delta: 16.8MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 7491.65ms. Allocated memory was 127.9MB in the beginning and 186.6MB in the end (delta: 58.7MB). Free memory was 75.5MB in the beginning and 147.5MB in the end (delta: -71.9MB). Peak memory consumption was 85.2MB. Max. memory is 16.1GB. * Witness Printer took 41.45ms. Allocated memory is still 186.6MB. Free memory was 147.5MB in the beginning and 141.2MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 83]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 100 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 7.4s, OverallIterations: 10, TraceHistogramMax: 4, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.5s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 3.4s, InitialAbstractionConstructionTime: 0.0s, PartialOrderReductionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1237 SdHoareTripleChecker+Valid, 0.9s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1210 mSDsluCounter, 4056 SdHoareTripleChecker+Invalid, 0.7s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2802 mSDsCounter, 341 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1397 IncrementalHoareTripleChecker+Invalid, 1738 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 341 mSolverCounterUnsat, 1254 mSDtfsCounter, 1397 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 334 GetRequests, 246 SyntacticMatches, 0 SemanticMatches, 88 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 81 ImplicationChecksByTransitivity, 0.4s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1231occurred in iteration=8, InterpolantAutomatonStates: 72, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 10 MinimizatonAttempts, 130 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 45 LocationsWithAnnotation, 2682 PreInvPairs, 3161 NumberOfFragments, 1799 HoareAnnotationTreeSize, 2682 FomulaSimplifications, 412 FormulaSimplificationTreeSizeReduction, 0.3s HoareSimplificationTime, 45 FomulaSimplificationsInter, 20279 FormulaSimplificationTreeSizeReductionInter, 3.1s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.1s InterpolantComputationTime, 653 NumberOfCodeBlocks, 653 NumberOfCodeBlocksAsserted, 12 NumberOfCheckSat, 641 ConstructedInterpolants, 0 QuantifiedInterpolants, 1208 SizeOfPredicates, 6 NumberOfNonLiveVariables, 863 ConjunctsInSsa, 18 ConjunctsInUnsatCore, 12 InterpolantComputations, 10 PerfectInterpolantSequences, 98/103 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 79]: Loop Invariant Derived loop invariant: (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) && (0 == systemActive || !(1 <= methaneLevelCritical))) && (!(1 <= methaneLevelCritical) || !(\old(pumpRunning) == 0))) && (0 == systemActive || !(methaneLevelCritical == 0)) - InvariantResult [Line: 325]: Loop Invariant Derived loop invariant: ((0 == systemActive || 2 <= waterLevel) || !(methaneLevelCritical == 0)) && (((0 == systemActive || ((methaneLevelCritical <= tmp && 2 <= waterLevel) && pumpRunning == 0)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) - InvariantResult [Line: 211]: Loop Invariant Derived loop invariant: (((0 == systemActive || ((1 <= \result && pumpRunning == \old(pumpRunning)) && pumpRunning == 0)) || ((pumpRunning == \old(pumpRunning) && 2 <= waterLevel) && pumpRunning == 0)) || !(methaneLevelCritical == 0)) && ((((0 == systemActive || (2 <= waterLevel && pumpRunning == 0)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) || (1 <= \result && pumpRunning == 0)) - InvariantResult [Line: 406]: Loop Invariant Derived loop invariant: (((0 == systemActive || (((((methaneLevelCritical == 0 && pumpRunning == \old(pumpRunning)) && tmp___0 == 0) && \result == 0) && !(0 == systemActive)) && pumpRunning == 0)) || ((((methaneLevelCritical == 0 && pumpRunning == \old(pumpRunning)) && 2 <= waterLevel) && !(0 == systemActive)) && pumpRunning == 0)) || !(methaneLevelCritical == 0)) && ((((0 == systemActive || (((pumpRunning == \old(pumpRunning) && 2 <= waterLevel) && !(0 == systemActive)) && pumpRunning == 0)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) || ((((pumpRunning == \old(pumpRunning) && tmp___0 == 0) && \result == 0) && !(0 == systemActive)) && pumpRunning == 0)) - InvariantResult [Line: 947]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 361]: Loop Invariant Derived loop invariant: (((((((!(\old(waterLevel) == 1) || waterLevel == 1) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) && (((\result == 0 && pumpRunning == 0) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0))) && (!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0))) && (0 == systemActive || !(methaneLevelCritical == 0))) && (((!(2 <= \old(waterLevel)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) || 2 <= waterLevel)) && (((0 == systemActive || (pumpRunning == \old(pumpRunning) && pumpRunning == 0)) || !(1 <= methaneLevelCritical)) || ((\result == 0 && 1 <= tmp) && pumpRunning == 0)) - InvariantResult [Line: 876]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 425]: Loop Invariant Derived loop invariant: ((splverifierCounter == 0 && methaneLevelCritical == 0) && pumpRunning == 0) || ((splverifierCounter == 0 && 1 <= methaneLevelCritical) && pumpRunning == 0) - InvariantResult [Line: 452]: Loop Invariant Derived loop invariant: (((splverifierCounter == 0 && methaneLevelCritical == 0) && pumpRunning == 0) || ((splverifierCounter == 0 && 1 <= methaneLevelCritical) && pumpRunning == 0)) || ((splverifierCounter == 0 && methaneLevelCritical == 0) && !(0 == systemActive)) - InvariantResult [Line: 937]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 317]: Loop Invariant Derived loop invariant: ((0 == systemActive || 2 <= waterLevel) || !(methaneLevelCritical == 0)) && ((0 == systemActive || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) - InvariantResult [Line: 53]: Loop Invariant Derived loop invariant: (((((((((!(\old(waterLevel) == 1) || waterLevel == 1) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) && ((((tmp == 0 && pumpRunning == 0) || (((methaneLevelCritical == 0 && tmp == 0) && 2 <= waterLevel) && !(0 == systemActive))) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0))) && (((!(\old(waterLevel) == 1) || waterLevel == 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0))) && (((0 == systemActive || (pumpRunning == \old(pumpRunning) && pumpRunning == 0)) || !(1 <= methaneLevelCritical)) || (1 <= tmp && pumpRunning == 0))) && (((!(2 <= \old(waterLevel)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) || 2 <= waterLevel)) && (((!(2 <= \old(waterLevel)) || !(\old(pumpRunning) == 0)) || 2 <= waterLevel) || !(methaneLevelCritical == 0))) && ((((0 == systemActive || (tmp == 0 && pumpRunning == 0)) || (((methaneLevelCritical == 0 && tmp == 0) && 2 <= waterLevel) && !(0 == systemActive))) || (tmp == 0 && pumpRunning == \old(pumpRunning))) || !(methaneLevelCritical == 0))) && ((!(1 <= methaneLevelCritical) || !(\old(pumpRunning) == 0)) || pumpRunning == \old(pumpRunning)) - InvariantResult [Line: 886]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 116]: Loop Invariant Derived loop invariant: (((systemActive == \result && waterLevel == 1) && methaneLevelCritical == 0) && systemActive == 1) && pumpRunning == 0 - InvariantResult [Line: 109]: Loop Invariant Derived loop invariant: ((waterLevel == 1 && methaneLevelCritical == 0) && systemActive == 1) && pumpRunning == 0 - InvariantResult [Line: 930]: Loop Invariant Derived loop invariant: ((((systemActive == \result && waterLevel == 1) && methaneLevelCritical == 0) && systemActive == tmp) && systemActive == 1) && pumpRunning == 0 - InvariantResult [Line: 134]: Loop Invariant Derived loop invariant: (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) && (!(1 <= methaneLevelCritical) || !(\old(pumpRunning) == 0))) && ((0 == systemActive || pumpRunning == \old(pumpRunning)) || !(methaneLevelCritical == 0))) && ((0 == systemActive || !(1 <= methaneLevelCritical)) || pumpRunning == \old(pumpRunning)) - InvariantResult [Line: 292]: Loop Invariant Derived loop invariant: (((((((((!(2 <= \old(waterLevel)) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) || ((methaneLevelCritical == 0 && 2 <= waterLevel) && !(0 == systemActive))) && (((!(\old(waterLevel) == 1) || waterLevel == 1) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0))) && (((!(\old(waterLevel) == 1) || waterLevel == 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && (((0 == systemActive || !(1 <= methaneLevelCritical)) || (((pumpRunning == \old(pumpRunning) && 1 <= methaneLevelCritical) && !(0 == systemActive)) && pumpRunning == 0)) || (1 <= tmp && pumpRunning == 0))) && ((!(1 <= methaneLevelCritical) || !(\old(pumpRunning) == 0)) || (((pumpRunning == \old(pumpRunning) && 1 <= methaneLevelCritical) && !(0 == systemActive)) && pumpRunning == 0))) && (((!(2 <= \old(waterLevel)) || !(1 <= methaneLevelCritical)) || !(\old(pumpRunning) == 0)) || 2 <= waterLevel)) && ((((0 == systemActive || pumpRunning == \old(pumpRunning)) || !(methaneLevelCritical == 0)) || pumpRunning == 0) || ((methaneLevelCritical == 0 && 2 <= waterLevel) && !(0 == systemActive))) - InvariantResult [Line: 442]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 451]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 102]: Loop Invariant Derived loop invariant: ((waterLevel == 1 && methaneLevelCritical == 0) && systemActive == 1) && pumpRunning == 0 RESULT: Ultimate proved your program to be correct! [2021-12-17 15:07:05,601 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE