./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 35987657 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 06101f936f6436bac89af152aefce31c84cfc20ba80a5adfcf1af02faa2d4f3b --- Real Ultimate output --- This is Ultimate 0.2.2-?-3598765 [2022-07-21 05:02:16,895 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-07-21 05:02:16,897 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-07-21 05:02:16,964 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-07-21 05:02:16,964 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-07-21 05:02:16,965 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-07-21 05:02:16,968 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-07-21 05:02:16,970 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-07-21 05:02:16,974 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-07-21 05:02:16,977 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-07-21 05:02:16,978 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-07-21 05:02:16,980 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-07-21 05:02:16,980 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-07-21 05:02:16,982 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-07-21 05:02:16,996 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-07-21 05:02:16,998 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-07-21 05:02:16,999 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-07-21 05:02:17,000 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-07-21 05:02:17,002 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-07-21 05:02:17,006 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-07-21 05:02:17,007 INFO L181 SettingsManager]: Resetting HornVerifier preferences to default values [2022-07-21 05:02:17,009 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-07-21 05:02:17,010 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-07-21 05:02:17,010 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-07-21 05:02:17,012 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-07-21 05:02:17,017 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-07-21 05:02:17,017 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-07-21 05:02:17,017 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-07-21 05:02:17,019 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-07-21 05:02:17,031 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-07-21 05:02:17,032 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-07-21 05:02:17,032 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-07-21 05:02:17,034 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-07-21 05:02:17,034 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-07-21 05:02:17,035 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-07-21 05:02:17,036 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-07-21 05:02:17,036 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-07-21 05:02:17,037 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-07-21 05:02:17,037 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-07-21 05:02:17,037 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-07-21 05:02:17,037 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-07-21 05:02:17,039 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-07-21 05:02:17,045 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-07-21 05:02:17,086 INFO L113 SettingsManager]: Loading preferences was successful [2022-07-21 05:02:17,087 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-07-21 05:02:17,088 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-07-21 05:02:17,088 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-07-21 05:02:17,088 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-07-21 05:02:17,089 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-07-21 05:02:17,089 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-07-21 05:02:17,090 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-07-21 05:02:17,090 INFO L138 SettingsManager]: * Use SBE=true [2022-07-21 05:02:17,090 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-07-21 05:02:17,091 INFO L138 SettingsManager]: * sizeof long=4 [2022-07-21 05:02:17,091 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-07-21 05:02:17,091 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-07-21 05:02:17,099 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-07-21 05:02:17,099 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-07-21 05:02:17,099 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-07-21 05:02:17,099 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-07-21 05:02:17,099 INFO L138 SettingsManager]: * sizeof long double=12 [2022-07-21 05:02:17,100 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-07-21 05:02:17,100 INFO L138 SettingsManager]: * Use constant arrays=true [2022-07-21 05:02:17,100 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-07-21 05:02:17,100 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-07-21 05:02:17,100 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-07-21 05:02:17,100 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-07-21 05:02:17,101 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-21 05:02:17,107 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-07-21 05:02:17,107 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-07-21 05:02:17,107 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-07-21 05:02:17,108 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-07-21 05:02:17,108 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-07-21 05:02:17,108 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-07-21 05:02:17,108 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-07-21 05:02:17,108 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-07-21 05:02:17,109 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 06101f936f6436bac89af152aefce31c84cfc20ba80a5adfcf1af02faa2d4f3b [2022-07-21 05:02:17,449 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-07-21 05:02:17,463 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-07-21 05:02:17,465 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-07-21 05:02:17,466 INFO L271 PluginConnector]: Initializing CDTParser... [2022-07-21 05:02:17,466 INFO L275 PluginConnector]: CDTParser initialized [2022-07-21 05:02:17,468 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c [2022-07-21 05:02:17,512 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/7ea1680ca/3dba51b5b6ef4ad9a5ffc6af7d05ee41/FLAG69166fc9e [2022-07-21 05:02:18,008 INFO L306 CDTParser]: Found 1 translation units. [2022-07-21 05:02:18,014 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c [2022-07-21 05:02:18,030 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/7ea1680ca/3dba51b5b6ef4ad9a5ffc6af7d05ee41/FLAG69166fc9e [2022-07-21 05:02:18,537 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/7ea1680ca/3dba51b5b6ef4ad9a5ffc6af7d05ee41 [2022-07-21 05:02:18,539 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-07-21 05:02:18,540 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-07-21 05:02:18,541 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-07-21 05:02:18,548 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-07-21 05:02:18,550 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-07-21 05:02:18,551 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 21.07 05:02:18" (1/1) ... [2022-07-21 05:02:18,552 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@5a717293 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.07 05:02:18, skipping insertion in model container [2022-07-21 05:02:18,552 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 21.07 05:02:18" (1/1) ... [2022-07-21 05:02:18,557 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-07-21 05:02:18,650 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-07-21 05:02:18,883 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c[2141,2154] [2022-07-21 05:02:19,066 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-21 05:02:19,077 INFO L203 MainTranslator]: Completed pre-run [2022-07-21 05:02:19,115 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c[2141,2154] [2022-07-21 05:02:19,191 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-21 05:02:19,225 INFO L208 MainTranslator]: Completed translation [2022-07-21 05:02:19,239 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.07 05:02:19 WrapperNode [2022-07-21 05:02:19,240 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-07-21 05:02:19,240 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-07-21 05:02:19,241 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-07-21 05:02:19,241 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-07-21 05:02:19,246 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.07 05:02:19" (1/1) ... [2022-07-21 05:02:19,270 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.07 05:02:19" (1/1) ... [2022-07-21 05:02:19,331 INFO L137 Inliner]: procedures = 56, calls = 155, calls flagged for inlining = 25, calls inlined = 21, statements flattened = 238 [2022-07-21 05:02:19,332 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-07-21 05:02:19,333 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-07-21 05:02:19,334 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-07-21 05:02:19,334 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-07-21 05:02:19,339 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.07 05:02:19" (1/1) ... [2022-07-21 05:02:19,340 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.07 05:02:19" (1/1) ... [2022-07-21 05:02:19,356 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.07 05:02:19" (1/1) ... [2022-07-21 05:02:19,364 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.07 05:02:19" (1/1) ... [2022-07-21 05:02:19,367 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.07 05:02:19" (1/1) ... [2022-07-21 05:02:19,371 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.07 05:02:19" (1/1) ... [2022-07-21 05:02:19,385 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.07 05:02:19" (1/1) ... [2022-07-21 05:02:19,397 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-07-21 05:02:19,401 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-07-21 05:02:19,401 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-07-21 05:02:19,401 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-07-21 05:02:19,402 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.07 05:02:19" (1/1) ... [2022-07-21 05:02:19,407 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-21 05:02:19,432 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-21 05:02:19,448 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-07-21 05:02:19,453 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-07-21 05:02:19,496 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-07-21 05:02:19,497 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-07-21 05:02:19,497 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-07-21 05:02:19,497 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-07-21 05:02:19,497 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-07-21 05:02:19,498 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-07-21 05:02:19,498 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-07-21 05:02:19,500 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-07-21 05:02:19,501 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-07-21 05:02:19,501 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-07-21 05:02:19,501 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-07-21 05:02:19,501 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-07-21 05:02:19,501 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-07-21 05:02:19,501 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-07-21 05:02:19,501 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-07-21 05:02:19,501 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-07-21 05:02:19,585 INFO L234 CfgBuilder]: Building ICFG [2022-07-21 05:02:19,600 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-07-21 05:02:19,878 INFO L275 CfgBuilder]: Performing block encoding [2022-07-21 05:02:19,883 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-07-21 05:02:19,884 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-07-21 05:02:19,885 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 21.07 05:02:19 BoogieIcfgContainer [2022-07-21 05:02:19,885 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-07-21 05:02:19,887 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-07-21 05:02:19,887 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-07-21 05:02:19,889 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-07-21 05:02:19,889 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 21.07 05:02:18" (1/3) ... [2022-07-21 05:02:19,890 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@38c5f03a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 21.07 05:02:19, skipping insertion in model container [2022-07-21 05:02:19,890 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.07 05:02:19" (2/3) ... [2022-07-21 05:02:19,890 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@38c5f03a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 21.07 05:02:19, skipping insertion in model container [2022-07-21 05:02:19,890 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 21.07 05:02:19" (3/3) ... [2022-07-21 05:02:19,893 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product36.cil.c [2022-07-21 05:02:19,903 INFO L201 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-07-21 05:02:19,904 INFO L160 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-07-21 05:02:19,945 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-07-21 05:02:19,949 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@5183362f, mLbeIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@124e5511 [2022-07-21 05:02:19,950 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-07-21 05:02:19,953 INFO L276 IsEmpty]: Start isEmpty. Operand has 85 states, 67 states have (on average 1.373134328358209) internal successors, (92), 73 states have internal predecessors, (92), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-07-21 05:02:19,960 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-07-21 05:02:19,960 INFO L187 NwaCegarLoop]: Found error trace [2022-07-21 05:02:19,961 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-21 05:02:19,961 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-21 05:02:19,965 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-21 05:02:19,965 INFO L85 PathProgramCache]: Analyzing trace with hash -1797931529, now seen corresponding path program 1 times [2022-07-21 05:02:19,971 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-21 05:02:19,972 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [475163241] [2022-07-21 05:02:19,972 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-21 05:02:19,973 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-21 05:02:20,142 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:20,203 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-07-21 05:02:20,211 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:20,216 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-07-21 05:02:20,223 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:20,226 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-21 05:02:20,227 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-21 05:02:20,227 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [475163241] [2022-07-21 05:02:20,228 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [475163241] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-21 05:02:20,229 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-21 05:02:20,229 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-07-21 05:02:20,230 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1849619530] [2022-07-21 05:02:20,230 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-21 05:02:20,235 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-07-21 05:02:20,235 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-21 05:02:20,257 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-07-21 05:02:20,258 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-21 05:02:20,261 INFO L87 Difference]: Start difference. First operand has 85 states, 67 states have (on average 1.373134328358209) internal successors, (92), 73 states have internal predecessors, (92), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-21 05:02:20,301 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-21 05:02:20,301 INFO L93 Difference]: Finished difference Result 161 states and 218 transitions. [2022-07-21 05:02:20,302 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-07-21 05:02:20,303 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2022-07-21 05:02:20,304 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-21 05:02:20,310 INFO L225 Difference]: With dead ends: 161 [2022-07-21 05:02:20,310 INFO L226 Difference]: Without dead ends: 76 [2022-07-21 05:02:20,313 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-21 05:02:20,315 INFO L413 NwaCegarLoop]: 106 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 106 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-21 05:02:20,316 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 106 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-21 05:02:20,326 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 76 states. [2022-07-21 05:02:20,339 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 76 to 76. [2022-07-21 05:02:20,340 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 76 states, 60 states have (on average 1.3) internal successors, (78), 65 states have internal predecessors, (78), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-07-21 05:02:20,341 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 76 states to 76 states and 97 transitions. [2022-07-21 05:02:20,342 INFO L78 Accepts]: Start accepts. Automaton has 76 states and 97 transitions. Word has length 32 [2022-07-21 05:02:20,342 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-21 05:02:20,343 INFO L495 AbstractCegarLoop]: Abstraction has 76 states and 97 transitions. [2022-07-21 05:02:20,343 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-21 05:02:20,343 INFO L276 IsEmpty]: Start isEmpty. Operand 76 states and 97 transitions. [2022-07-21 05:02:20,345 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-07-21 05:02:20,345 INFO L187 NwaCegarLoop]: Found error trace [2022-07-21 05:02:20,345 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-21 05:02:20,345 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-07-21 05:02:20,345 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-21 05:02:20,346 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-21 05:02:20,346 INFO L85 PathProgramCache]: Analyzing trace with hash -1521544977, now seen corresponding path program 1 times [2022-07-21 05:02:20,346 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-21 05:02:20,346 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [267478324] [2022-07-21 05:02:20,347 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-21 05:02:20,347 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-21 05:02:20,363 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:20,407 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-07-21 05:02:20,408 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:20,410 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2022-07-21 05:02:20,411 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:20,413 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-21 05:02:20,413 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-21 05:02:20,413 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [267478324] [2022-07-21 05:02:20,414 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [267478324] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-21 05:02:20,414 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-21 05:02:20,414 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-21 05:02:20,414 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1541319113] [2022-07-21 05:02:20,414 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-21 05:02:20,415 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-21 05:02:20,415 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-21 05:02:20,416 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-21 05:02:20,416 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-21 05:02:20,416 INFO L87 Difference]: Start difference. First operand 76 states and 97 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-21 05:02:20,433 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-21 05:02:20,435 INFO L93 Difference]: Finished difference Result 112 states and 143 transitions. [2022-07-21 05:02:20,435 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-21 05:02:20,436 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-07-21 05:02:20,436 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-21 05:02:20,437 INFO L225 Difference]: With dead ends: 112 [2022-07-21 05:02:20,437 INFO L226 Difference]: Without dead ends: 67 [2022-07-21 05:02:20,438 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-21 05:02:20,440 INFO L413 NwaCegarLoop]: 84 mSDtfsCounter, 18 mSDsluCounter, 62 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 146 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-21 05:02:20,440 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 146 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-21 05:02:20,442 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 67 states. [2022-07-21 05:02:20,447 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 67 to 67. [2022-07-21 05:02:20,450 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 67 states, 54 states have (on average 1.3148148148148149) internal successors, (71), 59 states have internal predecessors, (71), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-07-21 05:02:20,452 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 67 states to 67 states and 85 transitions. [2022-07-21 05:02:20,452 INFO L78 Accepts]: Start accepts. Automaton has 67 states and 85 transitions. Word has length 33 [2022-07-21 05:02:20,453 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-21 05:02:20,454 INFO L495 AbstractCegarLoop]: Abstraction has 67 states and 85 transitions. [2022-07-21 05:02:20,454 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-21 05:02:20,454 INFO L276 IsEmpty]: Start isEmpty. Operand 67 states and 85 transitions. [2022-07-21 05:02:20,456 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-07-21 05:02:20,457 INFO L187 NwaCegarLoop]: Found error trace [2022-07-21 05:02:20,457 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-21 05:02:20,457 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-07-21 05:02:20,458 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-21 05:02:20,460 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-21 05:02:20,460 INFO L85 PathProgramCache]: Analyzing trace with hash 1250979301, now seen corresponding path program 1 times [2022-07-21 05:02:20,461 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-21 05:02:20,461 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1859598746] [2022-07-21 05:02:20,461 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-21 05:02:20,461 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-21 05:02:20,492 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:20,515 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-21 05:02:20,516 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:20,518 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2022-07-21 05:02:20,519 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:20,520 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-21 05:02:20,520 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-21 05:02:20,520 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1859598746] [2022-07-21 05:02:20,520 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1859598746] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-21 05:02:20,521 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-21 05:02:20,521 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-21 05:02:20,521 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [517801532] [2022-07-21 05:02:20,521 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-21 05:02:20,521 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-21 05:02:20,522 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-21 05:02:20,522 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-21 05:02:20,522 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-21 05:02:20,522 INFO L87 Difference]: Start difference. First operand 67 states and 85 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-21 05:02:20,540 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-21 05:02:20,540 INFO L93 Difference]: Finished difference Result 183 states and 238 transitions. [2022-07-21 05:02:20,541 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-21 05:02:20,541 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2022-07-21 05:02:20,541 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-21 05:02:20,542 INFO L225 Difference]: With dead ends: 183 [2022-07-21 05:02:20,543 INFO L226 Difference]: Without dead ends: 124 [2022-07-21 05:02:20,543 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-21 05:02:20,544 INFO L413 NwaCegarLoop]: 104 mSDtfsCounter, 58 mSDsluCounter, 72 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 58 SdHoareTripleChecker+Valid, 176 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-21 05:02:20,544 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [58 Valid, 176 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-21 05:02:20,545 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 124 states. [2022-07-21 05:02:20,561 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 124 to 119. [2022-07-21 05:02:20,562 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 119 states, 94 states have (on average 1.3404255319148937) internal successors, (126), 103 states have internal predecessors, (126), 14 states have call successors, (14), 10 states have call predecessors, (14), 10 states have return successors, (14), 12 states have call predecessors, (14), 14 states have call successors, (14) [2022-07-21 05:02:20,562 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 119 states to 119 states and 154 transitions. [2022-07-21 05:02:20,563 INFO L78 Accepts]: Start accepts. Automaton has 119 states and 154 transitions. Word has length 38 [2022-07-21 05:02:20,563 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-21 05:02:20,563 INFO L495 AbstractCegarLoop]: Abstraction has 119 states and 154 transitions. [2022-07-21 05:02:20,563 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-21 05:02:20,563 INFO L276 IsEmpty]: Start isEmpty. Operand 119 states and 154 transitions. [2022-07-21 05:02:20,564 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2022-07-21 05:02:20,564 INFO L187 NwaCegarLoop]: Found error trace [2022-07-21 05:02:20,565 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-21 05:02:20,565 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-07-21 05:02:20,565 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-21 05:02:20,565 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-21 05:02:20,565 INFO L85 PathProgramCache]: Analyzing trace with hash 177136733, now seen corresponding path program 1 times [2022-07-21 05:02:20,566 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-21 05:02:20,566 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1809981536] [2022-07-21 05:02:20,566 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-21 05:02:20,566 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-21 05:02:20,579 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:20,612 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2022-07-21 05:02:20,614 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:20,616 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2022-07-21 05:02:20,617 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:20,624 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-07-21 05:02:20,624 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-21 05:02:20,625 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1809981536] [2022-07-21 05:02:20,625 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1809981536] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-21 05:02:20,625 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-21 05:02:20,625 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-07-21 05:02:20,625 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [975782446] [2022-07-21 05:02:20,625 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-21 05:02:20,626 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-07-21 05:02:20,626 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-21 05:02:20,626 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-07-21 05:02:20,626 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-07-21 05:02:20,627 INFO L87 Difference]: Start difference. First operand 119 states and 154 transitions. Second operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-21 05:02:20,705 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-21 05:02:20,705 INFO L93 Difference]: Finished difference Result 324 states and 428 transitions. [2022-07-21 05:02:20,706 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-07-21 05:02:20,706 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 41 [2022-07-21 05:02:20,706 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-21 05:02:20,707 INFO L225 Difference]: With dead ends: 324 [2022-07-21 05:02:20,707 INFO L226 Difference]: Without dead ends: 213 [2022-07-21 05:02:20,708 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-07-21 05:02:20,709 INFO L413 NwaCegarLoop]: 96 mSDtfsCounter, 42 mSDsluCounter, 312 mSDsCounter, 0 mSdLazyCounter, 55 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 43 SdHoareTripleChecker+Valid, 408 SdHoareTripleChecker+Invalid, 64 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 55 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-21 05:02:20,709 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [43 Valid, 408 Invalid, 64 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 55 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-21 05:02:20,710 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 213 states. [2022-07-21 05:02:20,730 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 213 to 201. [2022-07-21 05:02:20,730 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 201 states, 156 states have (on average 1.3012820512820513) internal successors, (203), 167 states have internal predecessors, (203), 24 states have call successors, (24), 20 states have call predecessors, (24), 20 states have return successors, (28), 24 states have call predecessors, (28), 24 states have call successors, (28) [2022-07-21 05:02:20,731 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 201 states to 201 states and 255 transitions. [2022-07-21 05:02:20,731 INFO L78 Accepts]: Start accepts. Automaton has 201 states and 255 transitions. Word has length 41 [2022-07-21 05:02:20,732 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-21 05:02:20,732 INFO L495 AbstractCegarLoop]: Abstraction has 201 states and 255 transitions. [2022-07-21 05:02:20,732 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-21 05:02:20,732 INFO L276 IsEmpty]: Start isEmpty. Operand 201 states and 255 transitions. [2022-07-21 05:02:20,733 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2022-07-21 05:02:20,733 INFO L187 NwaCegarLoop]: Found error trace [2022-07-21 05:02:20,734 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-21 05:02:20,734 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-07-21 05:02:20,734 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-21 05:02:20,734 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-21 05:02:20,734 INFO L85 PathProgramCache]: Analyzing trace with hash -413128686, now seen corresponding path program 1 times [2022-07-21 05:02:20,734 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-21 05:02:20,735 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1802150878] [2022-07-21 05:02:20,735 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-21 05:02:20,735 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-21 05:02:20,748 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:20,770 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-21 05:02:20,771 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:20,772 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2022-07-21 05:02:20,773 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:20,774 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-21 05:02:20,774 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-21 05:02:20,774 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1802150878] [2022-07-21 05:02:20,774 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1802150878] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-21 05:02:20,774 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-21 05:02:20,774 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-07-21 05:02:20,775 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [769978665] [2022-07-21 05:02:20,775 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-21 05:02:20,775 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-07-21 05:02:20,775 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-21 05:02:20,776 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-07-21 05:02:20,776 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-07-21 05:02:20,776 INFO L87 Difference]: Start difference. First operand 201 states and 255 transitions. Second operand has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-21 05:02:20,809 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-21 05:02:20,809 INFO L93 Difference]: Finished difference Result 431 states and 556 transitions. [2022-07-21 05:02:20,810 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-07-21 05:02:20,810 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 47 [2022-07-21 05:02:20,811 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-21 05:02:20,815 INFO L225 Difference]: With dead ends: 431 [2022-07-21 05:02:20,815 INFO L226 Difference]: Without dead ends: 238 [2022-07-21 05:02:20,816 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-07-21 05:02:20,819 INFO L413 NwaCegarLoop]: 98 mSDtfsCounter, 40 mSDsluCounter, 268 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 42 SdHoareTripleChecker+Valid, 366 SdHoareTripleChecker+Invalid, 20 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-21 05:02:20,819 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [42 Valid, 366 Invalid, 20 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-21 05:02:20,822 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 238 states. [2022-07-21 05:02:20,850 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 238 to 207. [2022-07-21 05:02:20,851 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 207 states, 162 states have (on average 1.2901234567901234) internal successors, (209), 173 states have internal predecessors, (209), 24 states have call successors, (24), 20 states have call predecessors, (24), 20 states have return successors, (28), 24 states have call predecessors, (28), 24 states have call successors, (28) [2022-07-21 05:02:20,852 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 207 states to 207 states and 261 transitions. [2022-07-21 05:02:20,852 INFO L78 Accepts]: Start accepts. Automaton has 207 states and 261 transitions. Word has length 47 [2022-07-21 05:02:20,853 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-21 05:02:20,853 INFO L495 AbstractCegarLoop]: Abstraction has 207 states and 261 transitions. [2022-07-21 05:02:20,853 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-21 05:02:20,853 INFO L276 IsEmpty]: Start isEmpty. Operand 207 states and 261 transitions. [2022-07-21 05:02:20,854 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2022-07-21 05:02:20,854 INFO L187 NwaCegarLoop]: Found error trace [2022-07-21 05:02:20,855 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-21 05:02:20,855 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-07-21 05:02:20,855 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-21 05:02:20,855 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-21 05:02:20,855 INFO L85 PathProgramCache]: Analyzing trace with hash -2001476588, now seen corresponding path program 1 times [2022-07-21 05:02:20,856 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-21 05:02:20,856 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [479200869] [2022-07-21 05:02:20,856 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-21 05:02:20,856 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-21 05:02:20,871 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:20,890 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-21 05:02:20,891 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:20,892 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2022-07-21 05:02:20,893 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:20,894 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-21 05:02:20,894 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-21 05:02:20,894 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [479200869] [2022-07-21 05:02:20,895 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [479200869] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-21 05:02:20,895 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-21 05:02:20,895 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-07-21 05:02:20,895 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [705890602] [2022-07-21 05:02:20,895 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-21 05:02:20,896 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-07-21 05:02:20,896 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-21 05:02:20,896 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-07-21 05:02:20,896 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-07-21 05:02:20,897 INFO L87 Difference]: Start difference. First operand 207 states and 261 transitions. Second operand has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-21 05:02:20,923 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-21 05:02:20,923 INFO L93 Difference]: Finished difference Result 438 states and 564 transitions. [2022-07-21 05:02:20,923 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-07-21 05:02:20,924 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 47 [2022-07-21 05:02:20,924 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-21 05:02:20,926 INFO L225 Difference]: With dead ends: 438 [2022-07-21 05:02:20,926 INFO L226 Difference]: Without dead ends: 239 [2022-07-21 05:02:20,927 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-07-21 05:02:20,929 INFO L413 NwaCegarLoop]: 96 mSDtfsCounter, 27 mSDsluCounter, 166 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 27 SdHoareTripleChecker+Valid, 262 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-21 05:02:20,931 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [27 Valid, 262 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-21 05:02:20,931 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 239 states. [2022-07-21 05:02:20,943 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 239 to 211. [2022-07-21 05:02:20,944 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 211 states, 166 states have (on average 1.283132530120482) internal successors, (213), 177 states have internal predecessors, (213), 24 states have call successors, (24), 20 states have call predecessors, (24), 20 states have return successors, (28), 24 states have call predecessors, (28), 24 states have call successors, (28) [2022-07-21 05:02:20,945 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 211 states to 211 states and 265 transitions. [2022-07-21 05:02:20,945 INFO L78 Accepts]: Start accepts. Automaton has 211 states and 265 transitions. Word has length 47 [2022-07-21 05:02:20,946 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-21 05:02:20,946 INFO L495 AbstractCegarLoop]: Abstraction has 211 states and 265 transitions. [2022-07-21 05:02:20,946 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-21 05:02:20,946 INFO L276 IsEmpty]: Start isEmpty. Operand 211 states and 265 transitions. [2022-07-21 05:02:20,947 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2022-07-21 05:02:20,947 INFO L187 NwaCegarLoop]: Found error trace [2022-07-21 05:02:20,947 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-21 05:02:20,948 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-07-21 05:02:20,948 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-21 05:02:20,948 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-21 05:02:20,948 INFO L85 PathProgramCache]: Analyzing trace with hash 604546966, now seen corresponding path program 1 times [2022-07-21 05:02:20,948 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-21 05:02:20,949 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1639714066] [2022-07-21 05:02:20,949 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-21 05:02:20,949 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-21 05:02:20,970 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:21,016 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-21 05:02:21,018 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:21,021 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2022-07-21 05:02:21,022 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:21,023 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-21 05:02:21,024 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-21 05:02:21,024 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1639714066] [2022-07-21 05:02:21,024 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1639714066] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-21 05:02:21,024 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-21 05:02:21,024 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-21 05:02:21,024 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1288595548] [2022-07-21 05:02:21,024 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-21 05:02:21,025 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-21 05:02:21,025 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-21 05:02:21,026 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-21 05:02:21,026 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-21 05:02:21,026 INFO L87 Difference]: Start difference. First operand 211 states and 265 transitions. Second operand has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-21 05:02:21,049 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-21 05:02:21,050 INFO L93 Difference]: Finished difference Result 508 states and 643 transitions. [2022-07-21 05:02:21,050 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-21 05:02:21,050 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 47 [2022-07-21 05:02:21,050 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-21 05:02:21,053 INFO L225 Difference]: With dead ends: 508 [2022-07-21 05:02:21,053 INFO L226 Difference]: Without dead ends: 305 [2022-07-21 05:02:21,053 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 6 SyntacticMatches, 1 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-21 05:02:21,055 INFO L413 NwaCegarLoop]: 90 mSDtfsCounter, 39 mSDsluCounter, 71 mSDsCounter, 0 mSdLazyCounter, 10 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 39 SdHoareTripleChecker+Valid, 161 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 10 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-21 05:02:21,056 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [39 Valid, 161 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 10 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-21 05:02:21,056 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 305 states. [2022-07-21 05:02:21,066 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 305 to 305. [2022-07-21 05:02:21,067 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 305 states, 240 states have (on average 1.25) internal successors, (300), 253 states have internal predecessors, (300), 36 states have call successors, (36), 30 states have call predecessors, (36), 28 states have return successors, (40), 34 states have call predecessors, (40), 36 states have call successors, (40) [2022-07-21 05:02:21,068 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 305 states to 305 states and 376 transitions. [2022-07-21 05:02:21,069 INFO L78 Accepts]: Start accepts. Automaton has 305 states and 376 transitions. Word has length 47 [2022-07-21 05:02:21,069 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-21 05:02:21,069 INFO L495 AbstractCegarLoop]: Abstraction has 305 states and 376 transitions. [2022-07-21 05:02:21,069 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-21 05:02:21,069 INFO L276 IsEmpty]: Start isEmpty. Operand 305 states and 376 transitions. [2022-07-21 05:02:21,070 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-07-21 05:02:21,070 INFO L187 NwaCegarLoop]: Found error trace [2022-07-21 05:02:21,070 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-21 05:02:21,071 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-07-21 05:02:21,071 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-21 05:02:21,071 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-21 05:02:21,071 INFO L85 PathProgramCache]: Analyzing trace with hash -542316420, now seen corresponding path program 1 times [2022-07-21 05:02:21,071 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-21 05:02:21,072 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1596095668] [2022-07-21 05:02:21,072 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-21 05:02:21,072 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-21 05:02:21,086 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:21,141 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-21 05:02:21,144 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:21,158 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-07-21 05:02:21,160 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:21,161 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2022-07-21 05:02:21,162 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:21,163 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-21 05:02:21,163 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-21 05:02:21,163 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1596095668] [2022-07-21 05:02:21,163 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1596095668] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-21 05:02:21,163 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-21 05:02:21,163 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-07-21 05:02:21,164 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1704462356] [2022-07-21 05:02:21,164 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-21 05:02:21,164 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-07-21 05:02:21,164 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-21 05:02:21,164 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-07-21 05:02:21,165 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2022-07-21 05:02:21,165 INFO L87 Difference]: Start difference. First operand 305 states and 376 transitions. Second operand has 8 states, 8 states have (on average 5.25) internal successors, (42), 7 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-07-21 05:02:21,460 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-21 05:02:21,460 INFO L93 Difference]: Finished difference Result 1038 states and 1325 transitions. [2022-07-21 05:02:21,461 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-07-21 05:02:21,461 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.25) internal successors, (42), 7 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 51 [2022-07-21 05:02:21,461 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-21 05:02:21,464 INFO L225 Difference]: With dead ends: 1038 [2022-07-21 05:02:21,464 INFO L226 Difference]: Without dead ends: 835 [2022-07-21 05:02:21,465 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 7 SyntacticMatches, 1 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=56, Invalid=184, Unknown=0, NotChecked=0, Total=240 [2022-07-21 05:02:21,466 INFO L413 NwaCegarLoop]: 135 mSDtfsCounter, 228 mSDsluCounter, 533 mSDsCounter, 0 mSdLazyCounter, 287 mSolverCounterSat, 50 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 237 SdHoareTripleChecker+Valid, 668 SdHoareTripleChecker+Invalid, 337 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 50 IncrementalHoareTripleChecker+Valid, 287 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-07-21 05:02:21,466 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [237 Valid, 668 Invalid, 337 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [50 Valid, 287 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-07-21 05:02:21,467 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 835 states. [2022-07-21 05:02:21,502 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 835 to 771. [2022-07-21 05:02:21,503 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 771 states, 610 states have (on average 1.2327868852459016) internal successors, (752), 647 states have internal predecessors, (752), 88 states have call successors, (88), 66 states have call predecessors, (88), 72 states have return successors, (108), 84 states have call predecessors, (108), 88 states have call successors, (108) [2022-07-21 05:02:21,506 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 771 states to 771 states and 948 transitions. [2022-07-21 05:02:21,507 INFO L78 Accepts]: Start accepts. Automaton has 771 states and 948 transitions. Word has length 51 [2022-07-21 05:02:21,507 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-21 05:02:21,507 INFO L495 AbstractCegarLoop]: Abstraction has 771 states and 948 transitions. [2022-07-21 05:02:21,507 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.25) internal successors, (42), 7 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-07-21 05:02:21,507 INFO L276 IsEmpty]: Start isEmpty. Operand 771 states and 948 transitions. [2022-07-21 05:02:21,508 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 82 [2022-07-21 05:02:21,508 INFO L187 NwaCegarLoop]: Found error trace [2022-07-21 05:02:21,509 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-21 05:02:21,509 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-07-21 05:02:21,509 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-21 05:02:21,509 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-21 05:02:21,509 INFO L85 PathProgramCache]: Analyzing trace with hash 8311452, now seen corresponding path program 1 times [2022-07-21 05:02:21,510 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-21 05:02:21,510 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [805491694] [2022-07-21 05:02:21,510 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-21 05:02:21,510 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-21 05:02:21,520 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:21,535 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-21 05:02:21,536 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:21,543 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-07-21 05:02:21,547 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:21,567 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-21 05:02:21,568 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:21,572 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2022-07-21 05:02:21,573 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:21,575 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 73 [2022-07-21 05:02:21,575 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:21,577 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2022-07-21 05:02:21,577 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-21 05:02:21,577 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [805491694] [2022-07-21 05:02:21,577 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [805491694] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-21 05:02:21,577 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-21 05:02:21,578 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-07-21 05:02:21,578 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1832937077] [2022-07-21 05:02:21,578 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-21 05:02:21,579 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-07-21 05:02:21,579 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-21 05:02:21,579 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-07-21 05:02:21,579 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-07-21 05:02:21,579 INFO L87 Difference]: Start difference. First operand 771 states and 948 transitions. Second operand has 6 states, 6 states have (on average 11.0) internal successors, (66), 4 states have internal predecessors, (66), 3 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2022-07-21 05:02:21,735 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-21 05:02:21,735 INFO L93 Difference]: Finished difference Result 1319 states and 1618 transitions. [2022-07-21 05:02:21,736 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-07-21 05:02:21,736 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 11.0) internal successors, (66), 4 states have internal predecessors, (66), 3 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) Word has length 81 [2022-07-21 05:02:21,737 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-21 05:02:21,739 INFO L225 Difference]: With dead ends: 1319 [2022-07-21 05:02:21,739 INFO L226 Difference]: Without dead ends: 556 [2022-07-21 05:02:21,740 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2022-07-21 05:02:21,742 INFO L413 NwaCegarLoop]: 126 mSDtfsCounter, 176 mSDsluCounter, 181 mSDsCounter, 0 mSdLazyCounter, 118 mSolverCounterSat, 51 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 183 SdHoareTripleChecker+Valid, 307 SdHoareTripleChecker+Invalid, 169 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 51 IncrementalHoareTripleChecker+Valid, 118 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-21 05:02:21,742 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [183 Valid, 307 Invalid, 169 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [51 Valid, 118 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-21 05:02:21,743 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 556 states. [2022-07-21 05:02:21,765 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 556 to 540. [2022-07-21 05:02:21,767 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 540 states, 426 states have (on average 1.2183098591549295) internal successors, (519), 452 states have internal predecessors, (519), 62 states have call successors, (62), 48 states have call predecessors, (62), 51 states have return successors, (72), 59 states have call predecessors, (72), 62 states have call successors, (72) [2022-07-21 05:02:21,769 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 540 states to 540 states and 653 transitions. [2022-07-21 05:02:21,770 INFO L78 Accepts]: Start accepts. Automaton has 540 states and 653 transitions. Word has length 81 [2022-07-21 05:02:21,770 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-21 05:02:21,770 INFO L495 AbstractCegarLoop]: Abstraction has 540 states and 653 transitions. [2022-07-21 05:02:21,770 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 11.0) internal successors, (66), 4 states have internal predecessors, (66), 3 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2022-07-21 05:02:21,770 INFO L276 IsEmpty]: Start isEmpty. Operand 540 states and 653 transitions. [2022-07-21 05:02:21,771 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 84 [2022-07-21 05:02:21,771 INFO L187 NwaCegarLoop]: Found error trace [2022-07-21 05:02:21,772 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-21 05:02:21,772 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-07-21 05:02:21,772 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-21 05:02:21,772 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-21 05:02:21,773 INFO L85 PathProgramCache]: Analyzing trace with hash -1954817075, now seen corresponding path program 1 times [2022-07-21 05:02:21,773 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-21 05:02:21,773 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2108530192] [2022-07-21 05:02:21,773 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-21 05:02:21,773 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-21 05:02:21,796 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:21,850 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-21 05:02:21,852 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:21,864 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2022-07-21 05:02:21,868 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:21,886 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-21 05:02:21,887 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:21,891 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 57 [2022-07-21 05:02:21,893 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:21,900 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 68 [2022-07-21 05:02:21,901 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:21,903 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 75 [2022-07-21 05:02:21,905 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:21,907 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 8 proven. 17 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-07-21 05:02:21,907 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-21 05:02:21,907 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2108530192] [2022-07-21 05:02:21,907 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2108530192] provided 0 perfect and 1 imperfect interpolant sequences [2022-07-21 05:02:21,908 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1957134059] [2022-07-21 05:02:21,908 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-21 05:02:21,908 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-07-21 05:02:21,908 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-21 05:02:21,911 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-07-21 05:02:21,927 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-07-21 05:02:22,020 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:22,022 INFO L263 TraceCheckSpWp]: Trace formula consists of 445 conjuncts, 8 conjunts are in the unsatisfiable core [2022-07-21 05:02:22,029 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-07-21 05:02:22,163 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 23 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-21 05:02:22,163 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-07-21 05:02:22,278 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 6 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-07-21 05:02:22,278 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1957134059] provided 0 perfect and 2 imperfect interpolant sequences [2022-07-21 05:02:22,279 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-07-21 05:02:22,279 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 6, 6] total 14 [2022-07-21 05:02:22,279 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1913838959] [2022-07-21 05:02:22,279 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-07-21 05:02:22,279 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2022-07-21 05:02:22,279 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-21 05:02:22,279 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2022-07-21 05:02:22,280 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=33, Invalid=149, Unknown=0, NotChecked=0, Total=182 [2022-07-21 05:02:22,280 INFO L87 Difference]: Start difference. First operand 540 states and 653 transitions. Second operand has 14 states, 14 states have (on average 8.428571428571429) internal successors, (118), 10 states have internal predecessors, (118), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (14), 8 states have call predecessors, (14), 6 states have call successors, (14) [2022-07-21 05:02:22,936 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-21 05:02:22,936 INFO L93 Difference]: Finished difference Result 1139 states and 1413 transitions. [2022-07-21 05:02:22,936 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 36 states. [2022-07-21 05:02:22,937 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 14 states have (on average 8.428571428571429) internal successors, (118), 10 states have internal predecessors, (118), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (14), 8 states have call predecessors, (14), 6 states have call successors, (14) Word has length 83 [2022-07-21 05:02:22,937 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-21 05:02:22,939 INFO L225 Difference]: With dead ends: 1139 [2022-07-21 05:02:22,939 INFO L226 Difference]: Without dead ends: 686 [2022-07-21 05:02:22,941 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 225 GetRequests, 182 SyntacticMatches, 1 SemanticMatches, 42 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 481 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=393, Invalid=1499, Unknown=0, NotChecked=0, Total=1892 [2022-07-21 05:02:22,941 INFO L413 NwaCegarLoop]: 183 mSDtfsCounter, 356 mSDsluCounter, 860 mSDsCounter, 0 mSdLazyCounter, 566 mSolverCounterSat, 171 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 361 SdHoareTripleChecker+Valid, 1043 SdHoareTripleChecker+Invalid, 737 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 171 IncrementalHoareTripleChecker+Valid, 566 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-07-21 05:02:22,942 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [361 Valid, 1043 Invalid, 737 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [171 Valid, 566 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-07-21 05:02:22,942 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 686 states. [2022-07-21 05:02:22,997 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 686 to 580. [2022-07-21 05:02:22,998 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 580 states, 449 states have (on average 1.2026726057906458) internal successors, (540), 479 states have internal predecessors, (540), 71 states have call successors, (71), 60 states have call predecessors, (71), 59 states have return successors, (77), 62 states have call predecessors, (77), 71 states have call successors, (77) [2022-07-21 05:02:23,000 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 580 states to 580 states and 688 transitions. [2022-07-21 05:02:23,019 INFO L78 Accepts]: Start accepts. Automaton has 580 states and 688 transitions. Word has length 83 [2022-07-21 05:02:23,019 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-21 05:02:23,020 INFO L495 AbstractCegarLoop]: Abstraction has 580 states and 688 transitions. [2022-07-21 05:02:23,020 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 14 states have (on average 8.428571428571429) internal successors, (118), 10 states have internal predecessors, (118), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (14), 8 states have call predecessors, (14), 6 states have call successors, (14) [2022-07-21 05:02:23,020 INFO L276 IsEmpty]: Start isEmpty. Operand 580 states and 688 transitions. [2022-07-21 05:02:23,022 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 179 [2022-07-21 05:02:23,022 INFO L187 NwaCegarLoop]: Found error trace [2022-07-21 05:02:23,022 INFO L195 NwaCegarLoop]: trace histogram [6, 6, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-21 05:02:23,040 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2022-07-21 05:02:23,237 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-07-21 05:02:23,237 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-21 05:02:23,237 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-21 05:02:23,237 INFO L85 PathProgramCache]: Analyzing trace with hash 57448184, now seen corresponding path program 1 times [2022-07-21 05:02:23,237 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-21 05:02:23,238 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1201431116] [2022-07-21 05:02:23,238 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-21 05:02:23,238 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-21 05:02:23,273 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:23,330 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-21 05:02:23,331 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:23,339 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2022-07-21 05:02:23,340 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:23,342 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-21 05:02:23,342 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:23,343 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 55 [2022-07-21 05:02:23,344 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:23,357 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-21 05:02:23,358 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:23,358 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-21 05:02:23,359 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:23,359 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 87 [2022-07-21 05:02:23,361 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:23,403 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-21 05:02:23,404 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:23,405 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-21 05:02:23,405 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:23,406 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 123 [2022-07-21 05:02:23,407 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:23,436 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-21 05:02:23,437 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:23,438 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 150 [2022-07-21 05:02:23,438 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:23,439 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 170 [2022-07-21 05:02:23,439 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:23,440 INFO L134 CoverageAnalysis]: Checked inductivity of 273 backedges. 120 proven. 8 refuted. 0 times theorem prover too weak. 145 trivial. 0 not checked. [2022-07-21 05:02:23,440 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-21 05:02:23,440 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1201431116] [2022-07-21 05:02:23,440 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1201431116] provided 0 perfect and 1 imperfect interpolant sequences [2022-07-21 05:02:23,440 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2031762600] [2022-07-21 05:02:23,440 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-21 05:02:23,440 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-07-21 05:02:23,441 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-21 05:02:23,451 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-07-21 05:02:23,487 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-07-21 05:02:23,622 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-21 05:02:23,624 INFO L263 TraceCheckSpWp]: Trace formula consists of 699 conjuncts, 13 conjunts are in the unsatisfiable core [2022-07-21 05:02:23,628 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-07-21 05:02:23,872 INFO L134 CoverageAnalysis]: Checked inductivity of 273 backedges. 177 proven. 4 refuted. 0 times theorem prover too weak. 92 trivial. 0 not checked. [2022-07-21 05:02:23,873 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-07-21 05:02:24,357 INFO L134 CoverageAnalysis]: Checked inductivity of 273 backedges. 114 proven. 61 refuted. 0 times theorem prover too weak. 98 trivial. 0 not checked. [2022-07-21 05:02:24,358 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2031762600] provided 0 perfect and 2 imperfect interpolant sequences [2022-07-21 05:02:24,358 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-07-21 05:02:24,358 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 10, 11] total 26 [2022-07-21 05:02:24,358 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [191659059] [2022-07-21 05:02:24,358 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-07-21 05:02:24,359 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 26 states [2022-07-21 05:02:24,359 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-21 05:02:24,359 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 26 interpolants. [2022-07-21 05:02:24,360 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=122, Invalid=528, Unknown=0, NotChecked=0, Total=650 [2022-07-21 05:02:24,360 INFO L87 Difference]: Start difference. First operand 580 states and 688 transitions. Second operand has 26 states, 26 states have (on average 8.5) internal successors, (221), 23 states have internal predecessors, (221), 9 states have call successors, (22), 8 states have call predecessors, (22), 9 states have return successors, (24), 8 states have call predecessors, (24), 9 states have call successors, (24) [2022-07-21 05:02:25,103 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-21 05:02:25,103 INFO L93 Difference]: Finished difference Result 1348 states and 1641 transitions. [2022-07-21 05:02:25,103 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2022-07-21 05:02:25,104 INFO L78 Accepts]: Start accepts. Automaton has has 26 states, 26 states have (on average 8.5) internal successors, (221), 23 states have internal predecessors, (221), 9 states have call successors, (22), 8 states have call predecessors, (22), 9 states have return successors, (24), 8 states have call predecessors, (24), 9 states have call successors, (24) Word has length 178 [2022-07-21 05:02:25,104 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-21 05:02:25,104 INFO L225 Difference]: With dead ends: 1348 [2022-07-21 05:02:25,104 INFO L226 Difference]: Without dead ends: 0 [2022-07-21 05:02:25,107 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 416 GetRequests, 373 SyntacticMatches, 3 SemanticMatches, 40 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 330 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=371, Invalid=1351, Unknown=0, NotChecked=0, Total=1722 [2022-07-21 05:02:25,107 INFO L413 NwaCegarLoop]: 123 mSDtfsCounter, 660 mSDsluCounter, 935 mSDsCounter, 0 mSdLazyCounter, 654 mSolverCounterSat, 190 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 663 SdHoareTripleChecker+Valid, 1058 SdHoareTripleChecker+Invalid, 844 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 190 IncrementalHoareTripleChecker+Valid, 654 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-07-21 05:02:25,107 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [663 Valid, 1058 Invalid, 844 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [190 Valid, 654 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2022-07-21 05:02:25,108 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-07-21 05:02:25,108 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-07-21 05:02:25,108 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-21 05:02:25,108 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-07-21 05:02:25,108 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 178 [2022-07-21 05:02:25,108 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-21 05:02:25,108 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-07-21 05:02:25,108 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 26 states, 26 states have (on average 8.5) internal successors, (221), 23 states have internal predecessors, (221), 9 states have call successors, (22), 8 states have call predecessors, (22), 9 states have return successors, (24), 8 states have call predecessors, (24), 9 states have call successors, (24) [2022-07-21 05:02:25,108 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-07-21 05:02:25,108 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-07-21 05:02:25,110 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-07-21 05:02:25,145 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-07-21 05:02:25,327 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2022-07-21 05:02:25,330 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-07-21 05:02:29,801 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 140 146) no Hoare annotation was computed. [2022-07-21 05:02:29,801 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 140 146) the Hoare annotation is: true [2022-07-21 05:02:29,801 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 900 911) the Hoare annotation is: true [2022-07-21 05:02:29,801 INFO L899 garLoopResultBuilder]: For program point L904-1(lines 900 911) no Hoare annotation was computed. [2022-07-21 05:02:29,801 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 900 911) no Hoare annotation was computed. [2022-07-21 05:02:29,801 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 727 756) no Hoare annotation was computed. [2022-07-21 05:02:29,801 INFO L902 garLoopResultBuilder]: At program point L737-2(lines 737 751) the Hoare annotation is: true [2022-07-21 05:02:29,802 INFO L902 garLoopResultBuilder]: At program point L733(line 733) the Hoare annotation is: true [2022-07-21 05:02:29,802 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 727 756) the Hoare annotation is: true [2022-07-21 05:02:29,802 INFO L899 garLoopResultBuilder]: For program point L733-1(line 733) no Hoare annotation was computed. [2022-07-21 05:02:29,802 INFO L902 garLoopResultBuilder]: At program point L752(lines 727 756) the Hoare annotation is: true [2022-07-21 05:02:29,802 INFO L899 garLoopResultBuilder]: For program point L748(line 748) no Hoare annotation was computed. [2022-07-21 05:02:29,802 INFO L899 garLoopResultBuilder]: For program point L741(lines 741 745) no Hoare annotation was computed. [2022-07-21 05:02:29,802 INFO L902 garLoopResultBuilder]: At program point L741-1(lines 741 745) the Hoare annotation is: true [2022-07-21 05:02:29,802 INFO L899 garLoopResultBuilder]: For program point L738(line 738) no Hoare annotation was computed. [2022-07-21 05:02:29,802 INFO L899 garLoopResultBuilder]: For program point L254(lines 254 258) no Hoare annotation was computed. [2022-07-21 05:02:29,802 INFO L895 garLoopResultBuilder]: At program point L93(lines 88 95) the Hoare annotation is: (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse1 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (not (= 0 ~systemActive~0))) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) .cse1) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 .cse2 .cse1))) [2022-07-21 05:02:29,802 INFO L899 garLoopResultBuilder]: For program point L254-2(lines 254 258) no Hoare annotation was computed. [2022-07-21 05:02:29,802 INFO L899 garLoopResultBuilder]: For program point L857(lines 857 863) no Hoare annotation was computed. [2022-07-21 05:02:29,802 INFO L895 garLoopResultBuilder]: At program point L841(lines 834 843) the Hoare annotation is: (let ((.cse6 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (and (<= 1 ~pumpRunning~0) .cse6 (<= 1 ~switchedOnBeforeTS~0))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (and (= ~pumpRunning~0 0) .cse6)) (.cse3 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse4 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse4 (not (< 1 |old(~waterLevel~0)|)) .cse5 .cse3) (or .cse0 .cse1 .cse3 (not (= 0 ~systemActive~0)))))) [2022-07-21 05:02:29,802 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 113 139) no Hoare annotation was computed. [2022-07-21 05:02:29,802 INFO L899 garLoopResultBuilder]: For program point L127-1(lines 127 133) no Hoare annotation was computed. [2022-07-21 05:02:29,802 INFO L899 garLoopResultBuilder]: For program point L957(lines 957 963) no Hoare annotation was computed. [2022-07-21 05:02:29,802 INFO L899 garLoopResultBuilder]: For program point L156(lines 156 164) no Hoare annotation was computed. [2022-07-21 05:02:29,802 INFO L899 garLoopResultBuilder]: For program point L152(lines 152 169) no Hoare annotation was computed. [2022-07-21 05:02:29,803 INFO L895 garLoopResultBuilder]: At program point L854(line 854) the Hoare annotation is: (let ((.cse4 (<= 1 ~pumpRunning~0)) (.cse5 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse14 (<= ~waterLevel~0 1)) (.cse6 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~7#1| ~waterLevel~0)) (.cse8 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse0 (not (<= |old(~waterLevel~0)| 1))) (.cse10 (not (= |old(~pumpRunning~0)| 0))) (.cse13 (= ~pumpRunning~0 0)) (.cse7 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse3 (and .cse4 .cse5 .cse14 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse6 .cse8)) (.cse9 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (<= 1 |old(~pumpRunning~0)|))) (.cse11 (not (< 1 |old(~waterLevel~0)|))) (.cse12 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3 (and .cse4 .cse5 .cse6 .cse7 .cse8) .cse9) (or .cse10 .cse1 .cse11 .cse12) (or .cse0 .cse10 .cse1 (and (= |timeShift_processEnvironment_~tmp~0#1| 0) .cse13 .cse5 .cse6 .cse7)) (or .cse10 .cse12 (and .cse13 .cse5 .cse14 .cse6 .cse7) (not (= 0 ~systemActive~0))) (or .cse1 .cse2 (not (= |old(~waterLevel~0)| 2)) .cse3) (or (not (= |old(~waterLevel~0)| 1)) .cse1 .cse2 .cse3 .cse9) (or .cse1 .cse2 .cse11 (= ~waterLevel~0 1) .cse12)))) [2022-07-21 05:02:29,803 INFO L895 garLoopResultBuilder]: At program point L949(lines 944 952) the Hoare annotation is: (let ((.cse8 (<= 1 ~pumpRunning~0)) (.cse9 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse13 (= 1 ~systemActive~0)) (.cse10 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse7 (and .cse8 .cse9 (<= ~waterLevel~0 1) .cse13 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse10)) (.cse12 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse1 (= 2 |timeShift_getWaterLevel_#res#1|)) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= ~pumpRunning~0 0)) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (not (= 0 ~systemActive~0))) (.cse5 (not .cse13)) (.cse6 (not (<= 1 |old(~pumpRunning~0)|))) (.cse11 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 .cse1 .cse2) .cse3 (not (= |old(~waterLevel~0)| 2)) .cse4) (or .cse5 .cse6 .cse7 (and .cse8 .cse9 .cse2 .cse10) .cse11 .cse12) (or (not (= |old(~waterLevel~0)| 1)) .cse5 .cse6 .cse7 .cse12) (or .cse3 (and (= |timeShift_processEnvironment_~tmp~0#1| 0) .cse0 .cse9 .cse2) .cse5 .cse11 (and .cse8 (= 2 ~waterLevel~0) .cse1 .cse2)) (or (not (<= |old(~waterLevel~0)| 1)) .cse3 (and .cse0 .cse9 .cse2) .cse4) (or .cse5 .cse6 (not (< 1 |old(~waterLevel~0)|)) .cse11 (and .cse8 .cse9 (= ~waterLevel~0 1) .cse10))))) [2022-07-21 05:02:29,803 INFO L899 garLoopResultBuilder]: For program point L854-1(line 854) no Hoare annotation was computed. [2022-07-21 05:02:29,803 INFO L895 garLoopResultBuilder]: At program point L260(lines 245 263) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (not (= 1 ~systemActive~0))) (.cse3 (not (<= 1 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 (not (= 0 ~systemActive~0))) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) .cse1) (let ((.cse4 (= ~pumpRunning~0 0)) (.cse5 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse0 .cse2 (and .cse4 (= |timeShift_isHighWaterLevel_~tmp___0~0#1| 0) (= |timeShift_isHighWaterLevel_#res#1| 0) .cse5) (and .cse4 (= 2 ~waterLevel~0) .cse5) .cse1)) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-07-21 05:02:29,803 INFO L895 garLoopResultBuilder]: At program point L962(lines 953 966) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (not (= 1 ~systemActive~0))) (.cse5 (not (<= 1 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 (not (= 0 ~systemActive~0))) (let ((.cse3 (= ~pumpRunning~0 0)) (.cse4 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse0 .cse2 (and (= |timeShift_isHighWaterSensorDry_#res#1| 1) .cse3 .cse4) (and .cse3 (= 2 ~waterLevel~0) .cse4) .cse1)) (or .cse2 .cse5 (not (< 1 |old(~waterLevel~0)|)) .cse1) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-07-21 05:02:29,803 INFO L899 garLoopResultBuilder]: For program point L120(lines 120 126) no Hoare annotation was computed. [2022-07-21 05:02:29,803 INFO L899 garLoopResultBuilder]: For program point L120-2(lines 116 138) no Hoare annotation was computed. [2022-07-21 05:02:29,803 INFO L895 garLoopResultBuilder]: At program point L178(lines 173 180) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (not (= 1 ~systemActive~0))) (.cse3 (not (<= 1 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 (not (= 0 ~systemActive~0))) (or .cse0 .cse2 .cse1 (and (<= 1 ~pumpRunning~0) (= 2 ~waterLevel~0) (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) .cse1) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-07-21 05:02:29,803 INFO L899 garLoopResultBuilder]: For program point L880(lines 880 884) no Hoare annotation was computed. [2022-07-21 05:02:29,804 INFO L895 garLoopResultBuilder]: At program point L880-2(lines 876 887) the Hoare annotation is: (let ((.cse4 (<= 1 ~pumpRunning~0)) (.cse8 (= 1 ~systemActive~0)) (.cse5 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (and .cse4 (<= ~waterLevel~0 1) .cse8 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse5)) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not .cse8)) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse6 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse1 (and .cse4 (= |old(~waterLevel~0)| ~waterLevel~0) .cse5) .cse6 .cse2 .cse3) (or .cse7 .cse6 (not (= 0 ~systemActive~0))) (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 2)) .cse2) (or .cse7 .cse0 .cse6) (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) (= ~waterLevel~0 1) .cse6)))) [2022-07-21 05:02:29,804 INFO L895 garLoopResultBuilder]: At program point L839(line 839) the Hoare annotation is: (let ((.cse6 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse9 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse7 (not (<= |old(~waterLevel~0)| 1))) (.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (and (= ~pumpRunning~0 0) .cse6 .cse9)) (.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse8 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse2 .cse4 (not (< 1 |old(~waterLevel~0)|)) (and .cse5 .cse6 (< 1 ~waterLevel~0) (<= ~waterLevel~0 2)) .cse3) (or .cse0 .cse7 .cse1 .cse8) (or .cse7 .cse2 .cse4 (and .cse5 .cse6 .cse9) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 2)) .cse8)))) [2022-07-21 05:02:29,804 INFO L899 garLoopResultBuilder]: For program point L839-1(line 839) no Hoare annotation was computed. [2022-07-21 05:02:29,804 INFO L895 garLoopResultBuilder]: At program point L162(line 162) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (not (= 1 ~systemActive~0))) (.cse3 (not (<= 1 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 (not (= 0 ~systemActive~0))) (or .cse0 .cse2 .cse1 (and (= |timeShift_processEnvironment_~tmp~0#1| 0) (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) .cse1) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-07-21 05:02:29,804 INFO L899 garLoopResultBuilder]: For program point L92(line 92) no Hoare annotation was computed. [2022-07-21 05:02:29,804 INFO L899 garLoopResultBuilder]: For program point L856(lines 856 866) no Hoare annotation was computed. [2022-07-21 05:02:29,804 INFO L899 garLoopResultBuilder]: For program point L852(lines 852 869) no Hoare annotation was computed. [2022-07-21 05:02:29,804 INFO L895 garLoopResultBuilder]: At program point L852-1(lines 844 872) the Hoare annotation is: (let ((.cse10 (= 1 ~systemActive~0)) (.cse2 (<= 1 ~pumpRunning~0)) (.cse3 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse4 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~7#1| ~waterLevel~0)) (.cse5 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse6 (not (<= |old(~waterLevel~0)| 1))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse12 (and .cse2 .cse3 (<= ~waterLevel~0 1) (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse4 .cse5)) (.cse13 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse14 (not (= 0 ~systemActive~0))) (.cse8 (= |timeShift_processEnvironment_~tmp~0#1| 0)) (.cse9 (= ~pumpRunning~0 0)) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not .cse10)) (.cse16 (= 2 |timeShift_getWaterLevel_#res#1|)) (.cse11 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse15 (not (= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) (and .cse2 .cse3 .cse4 (= ~waterLevel~0 1) .cse5) (not (<= |old(~waterLevel~0)| 2))) (or .cse6 .cse7 (and .cse8 .cse9 .cse3 .cse10 .cse4 .cse11) .cse0) (or .cse6 .cse0 .cse1 .cse12 (and .cse2 .cse3 .cse4 .cse11 .cse5) .cse13) (or .cse6 .cse7 (and .cse9 .cse3 .cse4 .cse11) .cse14) (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse12 .cse13) (or .cse7 .cse15 .cse14 (and .cse9 .cse16 .cse4 .cse11)) (or (and .cse8 .cse9 .cse16 .cse10 .cse4 .cse11) .cse7 .cse0 (and .cse2 .cse16 .cse4 .cse11) .cse15)))) [2022-07-21 05:02:29,804 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 113 139) the Hoare annotation is: (let ((.cse6 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse9 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse7 (not (<= |old(~waterLevel~0)| 1))) (.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (and (= ~pumpRunning~0 0) .cse6 .cse9)) (.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse8 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse2 .cse4 (not (< 1 |old(~waterLevel~0)|)) (and .cse5 .cse6 (< 1 ~waterLevel~0) (<= ~waterLevel~0 2)) .cse3) (or .cse0 .cse7 .cse1 .cse8) (or .cse7 .cse2 .cse4 (and .cse5 .cse6 .cse9) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 2)) .cse8)))) [2022-07-21 05:02:29,804 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 113 139) no Hoare annotation was computed. [2022-07-21 05:02:29,804 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 92) no Hoare annotation was computed. [2022-07-21 05:02:29,804 INFO L895 garLoopResultBuilder]: At program point L167(line 167) the Hoare annotation is: (let ((.cse4 (<= 1 ~pumpRunning~0)) (.cse8 (= 1 ~systemActive~0)) (.cse5 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (and .cse4 (<= ~waterLevel~0 1) .cse8 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse5)) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not .cse8)) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse6 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse1 (and .cse4 (= |old(~waterLevel~0)| ~waterLevel~0) .cse5) .cse6 .cse2 .cse3) (or .cse7 .cse6 (not (= 0 ~systemActive~0))) (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 2)) .cse2) (or .cse7 .cse0 .cse6) (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) (= ~waterLevel~0 1) .cse6)))) [2022-07-21 05:02:29,805 INFO L895 garLoopResultBuilder]: At program point L167-1(lines 148 172) the Hoare annotation is: (let ((.cse5 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (<= 1 ~pumpRunning~0)) (.cse11 (= 1 ~systemActive~0)) (.cse6 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (and .cse4 (<= ~waterLevel~0 1) .cse11 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse6)) (.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse10 (and (= |timeShift_processEnvironment_~tmp~0#1| 0) (= ~pumpRunning~0 0) .cse11 .cse5)) (.cse9 (not (= |old(~waterLevel~0)| 2))) (.cse0 (not .cse11)) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse7 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse1 (and .cse4 .cse5 .cse6) .cse7 .cse2 .cse3) (or .cse8 .cse7 (not (= 0 ~systemActive~0))) (or .cse0 .cse1 .cse9 .cse2) (or (not (<= |old(~waterLevel~0)| 1)) .cse8 .cse0 .cse10) (or .cse8 .cse0 .cse10 (and .cse4 .cse5) .cse9) (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) (= ~waterLevel~0 1) .cse7)))) [2022-07-21 05:02:29,805 INFO L895 garLoopResultBuilder]: At program point L717(lines 666 718) the Hoare annotation is: false [2022-07-21 05:02:29,805 INFO L899 garLoopResultBuilder]: For program point L705(lines 705 711) no Hoare annotation was computed. [2022-07-21 05:02:29,805 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-07-21 05:02:29,805 INFO L895 garLoopResultBuilder]: At program point L705-2(lines 697 712) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse4 (<= 1 ~pumpRunning~0)) (.cse3 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 .cse2 (= 0 ~systemActive~0)) (and .cse0 .cse3 .cse1 .cse2) (and .cse4 (= 2 ~waterLevel~0) .cse3 .cse1) (and .cse4 .cse3 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2022-07-21 05:02:29,805 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-07-21 05:02:29,805 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-07-21 05:02:29,805 INFO L899 garLoopResultBuilder]: For program point L668(lines 667 716) no Hoare annotation was computed. [2022-07-21 05:02:29,805 INFO L895 garLoopResultBuilder]: At program point L284(lines 279 286) the Hoare annotation is: (let ((.cse3 (<= 1 ~pumpRunning~0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2) (and .cse3 (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse3 .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2022-07-21 05:02:29,805 INFO L899 garLoopResultBuilder]: For program point L697(lines 697 712) no Hoare annotation was computed. [2022-07-21 05:02:29,805 INFO L895 garLoopResultBuilder]: At program point L276(lines 264 278) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0) (<= ~waterLevel~0 2) (= 0 ~systemActive~0)) [2022-07-21 05:02:29,805 INFO L895 garLoopResultBuilder]: At program point L689(line 689) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse4 (<= 1 ~pumpRunning~0)) (.cse3 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 .cse2 (= 0 ~systemActive~0)) (and .cse0 .cse3 .cse1 .cse2) (and .cse4 (= 2 ~waterLevel~0) .cse3 .cse1) (and .cse4 .cse3 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2022-07-21 05:02:29,805 INFO L899 garLoopResultBuilder]: For program point L268(lines 268 274) no Hoare annotation was computed. [2022-07-21 05:02:29,805 INFO L899 garLoopResultBuilder]: For program point L268-2(lines 268 274) no Hoare annotation was computed. [2022-07-21 05:02:29,805 INFO L895 garLoopResultBuilder]: At program point L714(lines 667 716) the Hoare annotation is: (let ((.cse3 (= 0 ~systemActive~0)) (.cse4 (<= 1 ~pumpRunning~0)) (.cse1 (= 2 ~waterLevel~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse5 (<= ~waterLevel~0 1)) (.cse6 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse5 .cse6 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse0 .cse5 .cse2 .cse3) (and .cse0 .cse1 .cse6 .cse2) (and .cse4 .cse1 .cse6 .cse2) (and .cse0 .cse5 .cse6 .cse2))) [2022-07-21 05:02:29,805 INFO L899 garLoopResultBuilder]: For program point L677(lines 677 683) no Hoare annotation was computed. [2022-07-21 05:02:29,805 INFO L899 garLoopResultBuilder]: For program point L677-1(lines 677 683) no Hoare annotation was computed. [2022-07-21 05:02:29,805 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-07-21 05:02:29,805 INFO L899 garLoopResultBuilder]: For program point L669(lines 669 673) no Hoare annotation was computed. [2022-07-21 05:02:29,805 INFO L902 garLoopResultBuilder]: At program point L797(lines 789 799) the Hoare annotation is: true [2022-07-21 05:02:29,805 INFO L895 garLoopResultBuilder]: At program point L186(lines 181 188) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2))) (or (and (not (= ~switchedOnBeforeTS~0 0)) .cse0 .cse1 .cse2 .cse3) (and .cse0 (< 1 ~waterLevel~0) .cse1 .cse2 .cse3))) [2022-07-21 05:02:29,806 INFO L895 garLoopResultBuilder]: At program point L83(lines 78 86) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-21 05:02:29,806 INFO L895 garLoopResultBuilder]: At program point L785(lines 781 787) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-21 05:02:29,806 INFO L895 garLoopResultBuilder]: At program point L75(lines 71 77) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-21 05:02:29,806 INFO L899 garLoopResultBuilder]: For program point L810(lines 810 817) no Hoare annotation was computed. [2022-07-21 05:02:29,806 INFO L899 garLoopResultBuilder]: For program point L810-2(lines 810 817) no Hoare annotation was computed. [2022-07-21 05:02:29,806 INFO L895 garLoopResultBuilder]: At program point L831(lines 826 833) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-21 05:02:29,806 INFO L902 garLoopResultBuilder]: At program point L819(lines 800 822) the Hoare annotation is: true [2022-07-21 05:02:29,807 INFO L902 garLoopResultBuilder]: At program point L720(lines 657 724) the Hoare annotation is: true [2022-07-21 05:02:29,807 INFO L899 garLoopResultBuilder]: For program point L687(lines 687 693) no Hoare annotation was computed. [2022-07-21 05:02:29,807 INFO L899 garLoopResultBuilder]: For program point L687-1(lines 687 693) no Hoare annotation was computed. [2022-07-21 05:02:29,807 INFO L895 garLoopResultBuilder]: At program point L679(line 679) the Hoare annotation is: (let ((.cse3 (= 0 ~systemActive~0)) (.cse4 (<= 1 ~pumpRunning~0)) (.cse1 (= 2 ~waterLevel~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse5 (<= ~waterLevel~0 1)) (.cse6 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse5 .cse6 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse0 .cse5 .cse2 .cse3) (and .cse0 .cse1 .cse6 .cse2) (and .cse4 .cse1 .cse6 .cse2) (and .cse0 .cse5 .cse6 .cse2))) [2022-07-21 05:02:29,807 INFO L895 garLoopResultBuilder]: At program point L68(lines 64 70) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-21 05:02:29,807 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 888 899) no Hoare annotation was computed. [2022-07-21 05:02:29,807 INFO L899 garLoopResultBuilder]: For program point L892-1(lines 888 899) no Hoare annotation was computed. [2022-07-21 05:02:29,807 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 888 899) the Hoare annotation is: (let ((.cse2 (not (= |old(~waterLevel~0)| 2))) (.cse4 (not (= ~pumpRunning~0 0))) (.cse5 (not (<= |old(~waterLevel~0)| 1))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 ~pumpRunning~0))) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse0 .cse2 .cse3) (or .cse5 .cse4 .cse0 .cse3) (or .cse4 .cse3 (not (<= |old(~waterLevel~0)| 2)) (not (= 0 ~systemActive~0))) (or .cse5 .cse0 .cse1 .cse3 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-07-21 05:02:29,807 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 200 208) no Hoare annotation was computed. [2022-07-21 05:02:29,807 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 200 208) the Hoare annotation is: true [2022-07-21 05:02:29,807 INFO L899 garLoopResultBuilder]: For program point isPumpRunningFINAL(lines 200 208) no Hoare annotation was computed. [2022-07-21 05:02:29,810 INFO L356 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-21 05:02:29,811 INFO L176 ceAbstractionStarter]: Computing trace abstraction results [2022-07-21 05:02:29,852 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 21.07 05:02:29 BoogieIcfgContainer [2022-07-21 05:02:29,852 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-07-21 05:02:29,852 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-07-21 05:02:29,852 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-07-21 05:02:29,853 INFO L275 PluginConnector]: Witness Printer initialized [2022-07-21 05:02:29,853 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 21.07 05:02:19" (3/4) ... [2022-07-21 05:02:29,855 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-07-21 05:02:29,860 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-07-21 05:02:29,860 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-07-21 05:02:29,860 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-07-21 05:02:29,860 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-07-21 05:02:29,860 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-07-21 05:02:29,861 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-07-21 05:02:29,865 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 48 nodes and edges [2022-07-21 05:02:29,865 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-07-21 05:02:29,865 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-07-21 05:02:29,866 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-07-21 05:02:29,866 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-07-21 05:02:29,866 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-21 05:02:29,866 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-21 05:02:29,883 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && ((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) [2022-07-21 05:02:29,884 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) [2022-07-21 05:02:29,884 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((((1 <= pumpRunning && waterLevel == \result) && tmp == waterLevel) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (((((tmp == 0 && pumpRunning == 0) && waterLevel == \result) && 1 == systemActive) && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || !(1 == systemActive))) && (((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && tmp == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((1 <= pumpRunning && waterLevel == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (((pumpRunning == 0 && waterLevel == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || !(0 == systemActive))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && tmp == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || !(0 == systemActive)) || (((pumpRunning == 0 && 2 == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel))) && (((((((((tmp == 0 && pumpRunning == 0) && 2 == \result) && 1 == systemActive) && tmp == waterLevel) && \old(waterLevel) == waterLevel) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || (((1 <= pumpRunning && 2 == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2)) [2022-07-21 05:02:29,884 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || (((tmp == 0 && pumpRunning == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((tmp == 0 && pumpRunning == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel)) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) [2022-07-21 05:02:29,885 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-07-21 05:02:29,885 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((pumpRunning == 0 && 2 == \result) && \old(waterLevel) == waterLevel) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 2)) || !(0 == systemActive)) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || (((1 <= pumpRunning && waterLevel == \result) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (((tmp == 0 && pumpRunning == 0) && waterLevel == \result) && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && 2 == waterLevel) && 2 == \result) && \old(waterLevel) == waterLevel))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || ((pumpRunning == 0 && waterLevel == \result) && \old(waterLevel) == waterLevel)) || !(0 == systemActive))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && waterLevel == \result) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) [2022-07-21 05:02:29,885 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((\result == 1 && pumpRunning == 0) && \old(waterLevel) == waterLevel)) || ((pumpRunning == 0 && 2 == waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) [2022-07-21 05:02:29,885 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((pumpRunning == 0 && tmp___0 == 0) && \result == 0) && \old(waterLevel) == waterLevel)) || ((pumpRunning == 0 && 2 == waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) [2022-07-21 05:02:29,885 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && 2 == waterLevel) && \old(waterLevel) == waterLevel))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) [2022-07-21 05:02:29,897 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2022-07-21 05:02:29,897 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-07-21 05:02:29,898 INFO L158 Benchmark]: Toolchain (without parser) took 11357.56ms. Allocated memory was 52.4MB in the beginning and 155.2MB in the end (delta: 102.8MB). Free memory was 31.8MB in the beginning and 120.1MB in the end (delta: -88.3MB). Peak memory consumption was 12.6MB. Max. memory is 16.1GB. [2022-07-21 05:02:29,898 INFO L158 Benchmark]: CDTParser took 0.20ms. Allocated memory is still 41.9MB. Free memory is still 23.9MB. There was no memory consumed. Max. memory is 16.1GB. [2022-07-21 05:02:29,898 INFO L158 Benchmark]: CACSL2BoogieTranslator took 698.66ms. Allocated memory is still 52.4MB. Free memory was 31.5MB in the beginning and 27.7MB in the end (delta: 3.8MB). Peak memory consumption was 7.0MB. Max. memory is 16.1GB. [2022-07-21 05:02:29,898 INFO L158 Benchmark]: Boogie Procedure Inliner took 91.61ms. Allocated memory is still 52.4MB. Free memory was 27.7MB in the beginning and 25.3MB in the end (delta: 2.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-21 05:02:29,899 INFO L158 Benchmark]: Boogie Preprocessor took 66.93ms. Allocated memory is still 52.4MB. Free memory was 25.3MB in the beginning and 35.6MB in the end (delta: -10.3MB). Peak memory consumption was 4.9MB. Max. memory is 16.1GB. [2022-07-21 05:02:29,899 INFO L158 Benchmark]: RCFGBuilder took 484.45ms. Allocated memory was 52.4MB in the beginning and 62.9MB in the end (delta: 10.5MB). Free memory was 35.4MB in the beginning and 41.6MB in the end (delta: -6.1MB). Peak memory consumption was 14.0MB. Max. memory is 16.1GB. [2022-07-21 05:02:29,899 INFO L158 Benchmark]: TraceAbstraction took 9965.27ms. Allocated memory was 62.9MB in the beginning and 155.2MB in the end (delta: 92.3MB). Free memory was 40.9MB in the beginning and 125.3MB in the end (delta: -84.4MB). Peak memory consumption was 91.3MB. Max. memory is 16.1GB. [2022-07-21 05:02:29,899 INFO L158 Benchmark]: Witness Printer took 45.20ms. Allocated memory is still 155.2MB. Free memory was 125.3MB in the beginning and 120.1MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-07-21 05:02:29,900 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.20ms. Allocated memory is still 41.9MB. Free memory is still 23.9MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 698.66ms. Allocated memory is still 52.4MB. Free memory was 31.5MB in the beginning and 27.7MB in the end (delta: 3.8MB). Peak memory consumption was 7.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 91.61ms. Allocated memory is still 52.4MB. Free memory was 27.7MB in the beginning and 25.3MB in the end (delta: 2.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 66.93ms. Allocated memory is still 52.4MB. Free memory was 25.3MB in the beginning and 35.6MB in the end (delta: -10.3MB). Peak memory consumption was 4.9MB. Max. memory is 16.1GB. * RCFGBuilder took 484.45ms. Allocated memory was 52.4MB in the beginning and 62.9MB in the end (delta: 10.5MB). Free memory was 35.4MB in the beginning and 41.6MB in the end (delta: -6.1MB). Peak memory consumption was 14.0MB. Max. memory is 16.1GB. * TraceAbstraction took 9965.27ms. Allocated memory was 62.9MB in the beginning and 155.2MB in the end (delta: 92.3MB). Free memory was 40.9MB in the beginning and 125.3MB in the end (delta: -84.4MB). Peak memory consumption was 91.3MB. Max. memory is 16.1GB. * Witness Printer took 45.20ms. Allocated memory is still 155.2MB. Free memory was 125.3MB in the beginning and 120.1MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 92]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 85 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 9.9s, OverallIterations: 11, TraceHistogramMax: 6, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.2s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 4.5s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1674 SdHoareTripleChecker+Valid, 1.2s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1644 mSDsluCounter, 4701 SdHoareTripleChecker+Invalid, 0.9s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3460 mSDsCounter, 485 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1717 IncrementalHoareTripleChecker+Invalid, 2202 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 485 mSolverCounterUnsat, 1241 mSDtfsCounter, 1717 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 744 GetRequests, 616 SyntacticMatches, 6 SemanticMatches, 122 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 845 ImplicationChecksByTransitivity, 1.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=771occurred in iteration=8, InterpolantAutomatonStates: 109, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 11 MinimizatonAttempts, 262 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 39 LocationsWithAnnotation, 1570 PreInvPairs, 1815 NumberOfFragments, 2432 HoareAnnotationTreeSize, 1570 FomulaSimplifications, 8432 FormulaSimplificationTreeSizeReduction, 0.5s HoareSimplificationTime, 39 FomulaSimplificationsInter, 17653 FormulaSimplificationTreeSizeReductionInter, 4.0s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 1.7s InterpolantComputationTime, 939 NumberOfCodeBlocks, 939 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 1185 ConstructedInterpolants, 0 QuantifiedInterpolants, 2573 SizeOfPredicates, 6 NumberOfNonLiveVariables, 1144 ConjunctsInSsa, 21 ConjunctsInUnsatCore, 15 InterpolantComputations, 9 PerfectInterpolantSequences, 858/961 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 789]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 944]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == 0 && 2 == \result) && \old(waterLevel) == waterLevel) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 2)) || !(0 == systemActive)) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || (((1 <= pumpRunning && waterLevel == \result) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (((tmp == 0 && pumpRunning == 0) && waterLevel == \result) && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && 2 == waterLevel) && 2 == \result) && \old(waterLevel) == waterLevel))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || ((pumpRunning == 0 && waterLevel == \result) && \old(waterLevel) == waterLevel)) || !(0 == systemActive))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && waterLevel == \result) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) - InvariantResult [Line: 264]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && splverifierCounter == 0) && waterLevel <= 2) && 0 == systemActive - InvariantResult [Line: 666]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 245]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((pumpRunning == 0 && tmp___0 == 0) && \result == 0) && \old(waterLevel) == waterLevel)) || ((pumpRunning == 0 && 2 == waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 826]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 148]: Loop Invariant Derived loop invariant: (((((((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || (((tmp == 0 && pumpRunning == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((tmp == 0 && pumpRunning == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel)) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 78]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 64]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 667]: Loop Invariant Derived loop invariant: (((((((pumpRunning == 0 && 2 == waterLevel) && splverifierCounter == 0) && 0 == systemActive) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && splverifierCounter == 0) && 1 <= switchedOnBeforeTS)) || (((pumpRunning == 0 && waterLevel <= 1) && splverifierCounter == 0) && 0 == systemActive)) || (((pumpRunning == 0 && 2 == waterLevel) && 1 == systemActive) && splverifierCounter == 0)) || (((1 <= pumpRunning && 2 == waterLevel) && 1 == systemActive) && splverifierCounter == 0)) || (((pumpRunning == 0 && waterLevel <= 1) && 1 == systemActive) && splverifierCounter == 0) - InvariantResult [Line: 737]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 781]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 844]: Loop Invariant Derived loop invariant: (((((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((((1 <= pumpRunning && waterLevel == \result) && tmp == waterLevel) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (((((tmp == 0 && pumpRunning == 0) && waterLevel == \result) && 1 == systemActive) && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || !(1 == systemActive))) && (((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && tmp == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((1 <= pumpRunning && waterLevel == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (((pumpRunning == 0 && waterLevel == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || !(0 == systemActive))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && tmp == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || !(0 == systemActive)) || (((pumpRunning == 0 && 2 == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel))) && (((((((((tmp == 0 && pumpRunning == 0) && 2 == \result) && 1 == systemActive) && tmp == waterLevel) && \old(waterLevel) == waterLevel) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || (((1 <= pumpRunning && 2 == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2)) - InvariantResult [Line: 71]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 279]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) || (((1 <= pumpRunning && 2 == waterLevel) && 1 == systemActive) && splverifierCounter == 0)) || ((((1 <= pumpRunning && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) && 1 <= switchedOnBeforeTS) - InvariantResult [Line: 657]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 727]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 181]: Loop Invariant Derived loop invariant: ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) || ((((pumpRunning == 0 && 1 < waterLevel) && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) - InvariantResult [Line: 800]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 834]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && ((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) - InvariantResult [Line: 953]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((\result == 1 && pumpRunning == 0) && \old(waterLevel) == waterLevel)) || ((pumpRunning == 0 && 2 == waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 876]: Loop Invariant Derived loop invariant: ((((((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 88]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 173]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && 2 == waterLevel) && \old(waterLevel) == waterLevel))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) RESULT: Ultimate proved your program to be correct! [2022-07-21 05:02:29,947 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE