./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 791161d1 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 06101f936f6436bac89af152aefce31c84cfc20ba80a5adfcf1af02faa2d4f3b --- Real Ultimate output --- This is Ultimate 0.2.2-?-791161d [2022-07-22 17:39:45,404 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-07-22 17:39:45,406 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-07-22 17:39:45,442 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-07-22 17:39:45,443 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-07-22 17:39:45,444 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-07-22 17:39:45,445 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-07-22 17:39:45,448 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-07-22 17:39:45,449 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-07-22 17:39:45,453 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-07-22 17:39:45,453 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-07-22 17:39:45,455 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-07-22 17:39:45,455 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-07-22 17:39:45,457 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-07-22 17:39:45,458 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-07-22 17:39:45,460 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-07-22 17:39:45,461 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-07-22 17:39:45,462 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-07-22 17:39:45,463 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-07-22 17:39:45,468 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-07-22 17:39:45,469 INFO L181 SettingsManager]: Resetting HornVerifier preferences to default values [2022-07-22 17:39:45,470 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-07-22 17:39:45,471 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-07-22 17:39:45,472 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-07-22 17:39:45,473 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-07-22 17:39:45,478 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-07-22 17:39:45,478 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-07-22 17:39:45,479 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-07-22 17:39:45,480 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-07-22 17:39:45,480 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-07-22 17:39:45,481 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-07-22 17:39:45,481 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-07-22 17:39:45,482 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-07-22 17:39:45,483 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-07-22 17:39:45,483 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-07-22 17:39:45,485 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-07-22 17:39:45,485 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-07-22 17:39:45,485 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-07-22 17:39:45,486 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-07-22 17:39:45,486 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-07-22 17:39:45,486 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-07-22 17:39:45,488 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-07-22 17:39:45,489 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-07-22 17:39:45,512 INFO L113 SettingsManager]: Loading preferences was successful [2022-07-22 17:39:45,512 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-07-22 17:39:45,513 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-07-22 17:39:45,513 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-07-22 17:39:45,513 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-07-22 17:39:45,514 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-07-22 17:39:45,514 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-07-22 17:39:45,514 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-07-22 17:39:45,514 INFO L138 SettingsManager]: * Use SBE=true [2022-07-22 17:39:45,515 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-07-22 17:39:45,515 INFO L138 SettingsManager]: * sizeof long=4 [2022-07-22 17:39:45,515 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-07-22 17:39:45,515 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-07-22 17:39:45,515 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-07-22 17:39:45,516 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-07-22 17:39:45,516 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-07-22 17:39:45,516 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-07-22 17:39:45,516 INFO L138 SettingsManager]: * sizeof long double=12 [2022-07-22 17:39:45,516 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-07-22 17:39:45,516 INFO L138 SettingsManager]: * Use constant arrays=true [2022-07-22 17:39:45,516 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-07-22 17:39:45,517 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-07-22 17:39:45,517 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-07-22 17:39:45,517 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-07-22 17:39:45,517 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-22 17:39:45,517 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-07-22 17:39:45,517 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-07-22 17:39:45,517 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-07-22 17:39:45,518 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-07-22 17:39:45,518 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-07-22 17:39:45,518 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-07-22 17:39:45,518 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-07-22 17:39:45,518 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-07-22 17:39:45,518 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 06101f936f6436bac89af152aefce31c84cfc20ba80a5adfcf1af02faa2d4f3b [2022-07-22 17:39:45,744 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-07-22 17:39:45,761 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-07-22 17:39:45,765 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-07-22 17:39:45,766 INFO L271 PluginConnector]: Initializing CDTParser... [2022-07-22 17:39:45,766 INFO L275 PluginConnector]: CDTParser initialized [2022-07-22 17:39:45,767 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c [2022-07-22 17:39:45,813 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/28336f7f3/a4d80b1c6360414baff7636fbf9c9d30/FLAG026ae54de [2022-07-22 17:39:46,178 INFO L306 CDTParser]: Found 1 translation units. [2022-07-22 17:39:46,181 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c [2022-07-22 17:39:46,191 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/28336f7f3/a4d80b1c6360414baff7636fbf9c9d30/FLAG026ae54de [2022-07-22 17:39:46,536 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/28336f7f3/a4d80b1c6360414baff7636fbf9c9d30 [2022-07-22 17:39:46,538 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-07-22 17:39:46,539 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-07-22 17:39:46,542 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-07-22 17:39:46,542 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-07-22 17:39:46,544 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-07-22 17:39:46,544 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 22.07 05:39:46" (1/1) ... [2022-07-22 17:39:46,545 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@2a7a287e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:39:46, skipping insertion in model container [2022-07-22 17:39:46,545 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 22.07 05:39:46" (1/1) ... [2022-07-22 17:39:46,550 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-07-22 17:39:46,596 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-07-22 17:39:46,810 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c[2141,2154] [2022-07-22 17:39:46,964 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-22 17:39:46,986 INFO L203 MainTranslator]: Completed pre-run [2022-07-22 17:39:47,017 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c[2141,2154] [2022-07-22 17:39:47,093 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-22 17:39:47,128 INFO L208 MainTranslator]: Completed translation [2022-07-22 17:39:47,128 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:39:47 WrapperNode [2022-07-22 17:39:47,128 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-07-22 17:39:47,129 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-07-22 17:39:47,129 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-07-22 17:39:47,129 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-07-22 17:39:47,150 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:39:47" (1/1) ... [2022-07-22 17:39:47,162 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:39:47" (1/1) ... [2022-07-22 17:39:47,210 INFO L137 Inliner]: procedures = 56, calls = 155, calls flagged for inlining = 25, calls inlined = 21, statements flattened = 238 [2022-07-22 17:39:47,210 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-07-22 17:39:47,211 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-07-22 17:39:47,212 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-07-22 17:39:47,212 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-07-22 17:39:47,217 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:39:47" (1/1) ... [2022-07-22 17:39:47,217 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:39:47" (1/1) ... [2022-07-22 17:39:47,228 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:39:47" (1/1) ... [2022-07-22 17:39:47,235 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:39:47" (1/1) ... [2022-07-22 17:39:47,238 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:39:47" (1/1) ... [2022-07-22 17:39:47,250 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:39:47" (1/1) ... [2022-07-22 17:39:47,259 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:39:47" (1/1) ... [2022-07-22 17:39:47,260 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-07-22 17:39:47,261 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-07-22 17:39:47,261 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-07-22 17:39:47,271 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-07-22 17:39:47,272 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:39:47" (1/1) ... [2022-07-22 17:39:47,280 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-22 17:39:47,287 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-22 17:39:47,296 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-07-22 17:39:47,316 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-07-22 17:39:47,336 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-07-22 17:39:47,337 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-07-22 17:39:47,337 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-07-22 17:39:47,337 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-07-22 17:39:47,337 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-07-22 17:39:47,337 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-07-22 17:39:47,337 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-07-22 17:39:47,337 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-07-22 17:39:47,337 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-07-22 17:39:47,338 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-07-22 17:39:47,338 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-07-22 17:39:47,338 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-07-22 17:39:47,338 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-07-22 17:39:47,338 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-07-22 17:39:47,338 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-07-22 17:39:47,338 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-07-22 17:39:47,383 INFO L234 CfgBuilder]: Building ICFG [2022-07-22 17:39:47,385 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-07-22 17:39:47,599 INFO L275 CfgBuilder]: Performing block encoding [2022-07-22 17:39:47,604 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-07-22 17:39:47,604 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-07-22 17:39:47,605 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.07 05:39:47 BoogieIcfgContainer [2022-07-22 17:39:47,605 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-07-22 17:39:47,607 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-07-22 17:39:47,607 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-07-22 17:39:47,609 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-07-22 17:39:47,609 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 22.07 05:39:46" (1/3) ... [2022-07-22 17:39:47,609 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6726f479 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 22.07 05:39:47, skipping insertion in model container [2022-07-22 17:39:47,610 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:39:47" (2/3) ... [2022-07-22 17:39:47,610 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@6726f479 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 22.07 05:39:47, skipping insertion in model container [2022-07-22 17:39:47,610 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.07 05:39:47" (3/3) ... [2022-07-22 17:39:47,611 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product36.cil.c [2022-07-22 17:39:47,620 INFO L201 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-07-22 17:39:47,620 INFO L160 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-07-22 17:39:47,651 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-07-22 17:39:47,655 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@6f1e95f3, mLbeIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@39e9d515 [2022-07-22 17:39:47,655 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-07-22 17:39:47,658 INFO L276 IsEmpty]: Start isEmpty. Operand has 85 states, 67 states have (on average 1.373134328358209) internal successors, (92), 73 states have internal predecessors, (92), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-07-22 17:39:47,664 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-07-22 17:39:47,665 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:39:47,665 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:39:47,666 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:39:47,669 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:39:47,669 INFO L85 PathProgramCache]: Analyzing trace with hash -1797931529, now seen corresponding path program 1 times [2022-07-22 17:39:47,675 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:39:47,675 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [507436289] [2022-07-22 17:39:47,676 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:39:47,676 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:39:47,779 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:47,834 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-07-22 17:39:47,836 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:47,839 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-07-22 17:39:47,841 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:47,843 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-22 17:39:47,843 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:39:47,843 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [507436289] [2022-07-22 17:39:47,844 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [507436289] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:39:47,844 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:39:47,844 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-07-22 17:39:47,845 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1405058044] [2022-07-22 17:39:47,846 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:39:47,848 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-07-22 17:39:47,848 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:39:47,869 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-07-22 17:39:47,871 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-22 17:39:47,873 INFO L87 Difference]: Start difference. First operand has 85 states, 67 states have (on average 1.373134328358209) internal successors, (92), 73 states have internal predecessors, (92), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-22 17:39:47,898 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:39:47,898 INFO L93 Difference]: Finished difference Result 161 states and 218 transitions. [2022-07-22 17:39:47,899 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-07-22 17:39:47,900 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2022-07-22 17:39:47,900 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:39:47,905 INFO L225 Difference]: With dead ends: 161 [2022-07-22 17:39:47,906 INFO L226 Difference]: Without dead ends: 76 [2022-07-22 17:39:47,908 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-22 17:39:47,910 INFO L413 NwaCegarLoop]: 106 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 106 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:39:47,911 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 106 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:39:47,922 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 76 states. [2022-07-22 17:39:47,936 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 76 to 76. [2022-07-22 17:39:47,938 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 76 states, 60 states have (on average 1.3) internal successors, (78), 65 states have internal predecessors, (78), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-07-22 17:39:47,939 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 76 states to 76 states and 97 transitions. [2022-07-22 17:39:47,940 INFO L78 Accepts]: Start accepts. Automaton has 76 states and 97 transitions. Word has length 32 [2022-07-22 17:39:47,940 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:39:47,940 INFO L495 AbstractCegarLoop]: Abstraction has 76 states and 97 transitions. [2022-07-22 17:39:47,941 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-22 17:39:47,941 INFO L276 IsEmpty]: Start isEmpty. Operand 76 states and 97 transitions. [2022-07-22 17:39:47,943 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-07-22 17:39:47,943 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:39:47,943 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:39:47,943 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-07-22 17:39:47,944 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:39:47,944 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:39:47,944 INFO L85 PathProgramCache]: Analyzing trace with hash -1521544977, now seen corresponding path program 1 times [2022-07-22 17:39:47,944 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:39:47,945 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1466334293] [2022-07-22 17:39:47,945 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:39:47,945 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:39:47,966 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:47,994 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-07-22 17:39:47,995 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:47,997 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2022-07-22 17:39:47,998 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:47,999 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-22 17:39:47,999 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:39:48,000 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1466334293] [2022-07-22 17:39:48,000 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1466334293] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:39:48,000 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:39:48,000 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-22 17:39:48,000 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [227988839] [2022-07-22 17:39:48,000 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:39:48,001 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-22 17:39:48,001 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:39:48,002 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-22 17:39:48,002 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:39:48,002 INFO L87 Difference]: Start difference. First operand 76 states and 97 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-22 17:39:48,012 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:39:48,012 INFO L93 Difference]: Finished difference Result 112 states and 143 transitions. [2022-07-22 17:39:48,013 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-22 17:39:48,013 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-07-22 17:39:48,013 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:39:48,014 INFO L225 Difference]: With dead ends: 112 [2022-07-22 17:39:48,014 INFO L226 Difference]: Without dead ends: 67 [2022-07-22 17:39:48,015 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:39:48,015 INFO L413 NwaCegarLoop]: 84 mSDtfsCounter, 18 mSDsluCounter, 62 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 146 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:39:48,016 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 146 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:39:48,017 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 67 states. [2022-07-22 17:39:48,020 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 67 to 67. [2022-07-22 17:39:48,021 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 67 states, 54 states have (on average 1.3148148148148149) internal successors, (71), 59 states have internal predecessors, (71), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-07-22 17:39:48,022 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 67 states to 67 states and 85 transitions. [2022-07-22 17:39:48,022 INFO L78 Accepts]: Start accepts. Automaton has 67 states and 85 transitions. Word has length 33 [2022-07-22 17:39:48,022 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:39:48,022 INFO L495 AbstractCegarLoop]: Abstraction has 67 states and 85 transitions. [2022-07-22 17:39:48,022 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-22 17:39:48,023 INFO L276 IsEmpty]: Start isEmpty. Operand 67 states and 85 transitions. [2022-07-22 17:39:48,023 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-07-22 17:39:48,024 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:39:48,024 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:39:48,024 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-07-22 17:39:48,024 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:39:48,024 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:39:48,025 INFO L85 PathProgramCache]: Analyzing trace with hash 1250979301, now seen corresponding path program 1 times [2022-07-22 17:39:48,025 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:39:48,025 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [919419062] [2022-07-22 17:39:48,025 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:39:48,025 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:39:48,044 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:48,070 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-22 17:39:48,072 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:48,074 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2022-07-22 17:39:48,075 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:48,076 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-22 17:39:48,076 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:39:48,076 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [919419062] [2022-07-22 17:39:48,076 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [919419062] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:39:48,077 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:39:48,077 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-22 17:39:48,077 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1680584482] [2022-07-22 17:39:48,077 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:39:48,077 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-22 17:39:48,078 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:39:48,078 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-22 17:39:48,078 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:39:48,078 INFO L87 Difference]: Start difference. First operand 67 states and 85 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-22 17:39:48,096 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:39:48,097 INFO L93 Difference]: Finished difference Result 183 states and 238 transitions. [2022-07-22 17:39:48,097 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-22 17:39:48,097 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2022-07-22 17:39:48,098 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:39:48,099 INFO L225 Difference]: With dead ends: 183 [2022-07-22 17:39:48,099 INFO L226 Difference]: Without dead ends: 124 [2022-07-22 17:39:48,100 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:39:48,100 INFO L413 NwaCegarLoop]: 104 mSDtfsCounter, 58 mSDsluCounter, 72 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 58 SdHoareTripleChecker+Valid, 176 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:39:48,101 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [58 Valid, 176 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:39:48,102 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 124 states. [2022-07-22 17:39:48,112 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 124 to 119. [2022-07-22 17:39:48,116 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 119 states, 94 states have (on average 1.3404255319148937) internal successors, (126), 103 states have internal predecessors, (126), 14 states have call successors, (14), 10 states have call predecessors, (14), 10 states have return successors, (14), 12 states have call predecessors, (14), 14 states have call successors, (14) [2022-07-22 17:39:48,122 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 119 states to 119 states and 154 transitions. [2022-07-22 17:39:48,122 INFO L78 Accepts]: Start accepts. Automaton has 119 states and 154 transitions. Word has length 38 [2022-07-22 17:39:48,123 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:39:48,123 INFO L495 AbstractCegarLoop]: Abstraction has 119 states and 154 transitions. [2022-07-22 17:39:48,123 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-22 17:39:48,124 INFO L276 IsEmpty]: Start isEmpty. Operand 119 states and 154 transitions. [2022-07-22 17:39:48,127 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2022-07-22 17:39:48,128 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:39:48,128 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:39:48,129 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-07-22 17:39:48,129 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:39:48,130 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:39:48,130 INFO L85 PathProgramCache]: Analyzing trace with hash 177136733, now seen corresponding path program 1 times [2022-07-22 17:39:48,130 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:39:48,131 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1136410252] [2022-07-22 17:39:48,131 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:39:48,131 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:39:48,152 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:48,187 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2022-07-22 17:39:48,188 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:48,190 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2022-07-22 17:39:48,191 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:48,201 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-07-22 17:39:48,201 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:39:48,201 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1136410252] [2022-07-22 17:39:48,201 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1136410252] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:39:48,201 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:39:48,202 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-07-22 17:39:48,202 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1128230072] [2022-07-22 17:39:48,202 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:39:48,202 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-07-22 17:39:48,203 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:39:48,203 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-07-22 17:39:48,203 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-07-22 17:39:48,203 INFO L87 Difference]: Start difference. First operand 119 states and 154 transitions. Second operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-22 17:39:48,290 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:39:48,290 INFO L93 Difference]: Finished difference Result 324 states and 428 transitions. [2022-07-22 17:39:48,290 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-07-22 17:39:48,290 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 41 [2022-07-22 17:39:48,291 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:39:48,292 INFO L225 Difference]: With dead ends: 324 [2022-07-22 17:39:48,292 INFO L226 Difference]: Without dead ends: 213 [2022-07-22 17:39:48,293 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-07-22 17:39:48,294 INFO L413 NwaCegarLoop]: 96 mSDtfsCounter, 42 mSDsluCounter, 312 mSDsCounter, 0 mSdLazyCounter, 55 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 43 SdHoareTripleChecker+Valid, 408 SdHoareTripleChecker+Invalid, 64 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 55 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-22 17:39:48,295 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [43 Valid, 408 Invalid, 64 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 55 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-22 17:39:48,295 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 213 states. [2022-07-22 17:39:48,319 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 213 to 201. [2022-07-22 17:39:48,320 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 201 states, 156 states have (on average 1.3012820512820513) internal successors, (203), 167 states have internal predecessors, (203), 24 states have call successors, (24), 20 states have call predecessors, (24), 20 states have return successors, (28), 24 states have call predecessors, (28), 24 states have call successors, (28) [2022-07-22 17:39:48,321 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 201 states to 201 states and 255 transitions. [2022-07-22 17:39:48,321 INFO L78 Accepts]: Start accepts. Automaton has 201 states and 255 transitions. Word has length 41 [2022-07-22 17:39:48,322 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:39:48,322 INFO L495 AbstractCegarLoop]: Abstraction has 201 states and 255 transitions. [2022-07-22 17:39:48,322 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-22 17:39:48,322 INFO L276 IsEmpty]: Start isEmpty. Operand 201 states and 255 transitions. [2022-07-22 17:39:48,323 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2022-07-22 17:39:48,323 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:39:48,324 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:39:48,324 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-07-22 17:39:48,324 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:39:48,324 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:39:48,325 INFO L85 PathProgramCache]: Analyzing trace with hash -413128686, now seen corresponding path program 1 times [2022-07-22 17:39:48,325 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:39:48,325 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [829685883] [2022-07-22 17:39:48,325 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:39:48,325 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:39:48,339 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:48,362 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-22 17:39:48,363 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:48,364 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2022-07-22 17:39:48,365 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:48,366 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-22 17:39:48,366 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:39:48,366 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [829685883] [2022-07-22 17:39:48,367 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [829685883] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:39:48,367 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:39:48,367 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-07-22 17:39:48,367 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [954762344] [2022-07-22 17:39:48,367 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:39:48,368 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-07-22 17:39:48,368 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:39:48,368 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-07-22 17:39:48,368 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-07-22 17:39:48,369 INFO L87 Difference]: Start difference. First operand 201 states and 255 transitions. Second operand has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-22 17:39:48,398 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:39:48,399 INFO L93 Difference]: Finished difference Result 431 states and 556 transitions. [2022-07-22 17:39:48,399 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-07-22 17:39:48,399 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 47 [2022-07-22 17:39:48,400 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:39:48,401 INFO L225 Difference]: With dead ends: 431 [2022-07-22 17:39:48,401 INFO L226 Difference]: Without dead ends: 238 [2022-07-22 17:39:48,402 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-07-22 17:39:48,403 INFO L413 NwaCegarLoop]: 98 mSDtfsCounter, 40 mSDsluCounter, 268 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 42 SdHoareTripleChecker+Valid, 366 SdHoareTripleChecker+Invalid, 20 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:39:48,403 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [42 Valid, 366 Invalid, 20 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:39:48,404 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 238 states. [2022-07-22 17:39:48,414 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 238 to 207. [2022-07-22 17:39:48,415 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 207 states, 162 states have (on average 1.2901234567901234) internal successors, (209), 173 states have internal predecessors, (209), 24 states have call successors, (24), 20 states have call predecessors, (24), 20 states have return successors, (28), 24 states have call predecessors, (28), 24 states have call successors, (28) [2022-07-22 17:39:48,416 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 207 states to 207 states and 261 transitions. [2022-07-22 17:39:48,416 INFO L78 Accepts]: Start accepts. Automaton has 207 states and 261 transitions. Word has length 47 [2022-07-22 17:39:48,416 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:39:48,416 INFO L495 AbstractCegarLoop]: Abstraction has 207 states and 261 transitions. [2022-07-22 17:39:48,417 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-22 17:39:48,417 INFO L276 IsEmpty]: Start isEmpty. Operand 207 states and 261 transitions. [2022-07-22 17:39:48,417 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2022-07-22 17:39:48,418 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:39:48,418 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:39:48,418 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-07-22 17:39:48,418 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:39:48,418 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:39:48,419 INFO L85 PathProgramCache]: Analyzing trace with hash -2001476588, now seen corresponding path program 1 times [2022-07-22 17:39:48,419 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:39:48,419 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [470927794] [2022-07-22 17:39:48,419 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:39:48,419 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:39:48,431 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:48,447 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-22 17:39:48,448 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:48,449 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2022-07-22 17:39:48,449 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:48,450 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-22 17:39:48,450 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:39:48,451 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [470927794] [2022-07-22 17:39:48,451 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [470927794] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:39:48,451 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:39:48,451 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-07-22 17:39:48,451 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [747539697] [2022-07-22 17:39:48,451 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:39:48,452 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-07-22 17:39:48,452 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:39:48,452 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-07-22 17:39:48,452 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-07-22 17:39:48,453 INFO L87 Difference]: Start difference. First operand 207 states and 261 transitions. Second operand has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-22 17:39:48,473 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:39:48,473 INFO L93 Difference]: Finished difference Result 438 states and 564 transitions. [2022-07-22 17:39:48,473 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-07-22 17:39:48,473 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 47 [2022-07-22 17:39:48,474 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:39:48,475 INFO L225 Difference]: With dead ends: 438 [2022-07-22 17:39:48,475 INFO L226 Difference]: Without dead ends: 239 [2022-07-22 17:39:48,476 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-07-22 17:39:48,477 INFO L413 NwaCegarLoop]: 96 mSDtfsCounter, 27 mSDsluCounter, 166 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 27 SdHoareTripleChecker+Valid, 262 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:39:48,478 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [27 Valid, 262 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:39:48,478 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 239 states. [2022-07-22 17:39:48,489 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 239 to 211. [2022-07-22 17:39:48,489 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 211 states, 166 states have (on average 1.283132530120482) internal successors, (213), 177 states have internal predecessors, (213), 24 states have call successors, (24), 20 states have call predecessors, (24), 20 states have return successors, (28), 24 states have call predecessors, (28), 24 states have call successors, (28) [2022-07-22 17:39:48,490 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 211 states to 211 states and 265 transitions. [2022-07-22 17:39:48,490 INFO L78 Accepts]: Start accepts. Automaton has 211 states and 265 transitions. Word has length 47 [2022-07-22 17:39:48,490 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:39:48,490 INFO L495 AbstractCegarLoop]: Abstraction has 211 states and 265 transitions. [2022-07-22 17:39:48,491 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-22 17:39:48,491 INFO L276 IsEmpty]: Start isEmpty. Operand 211 states and 265 transitions. [2022-07-22 17:39:48,492 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2022-07-22 17:39:48,492 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:39:48,492 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:39:48,492 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-07-22 17:39:48,492 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:39:48,492 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:39:48,493 INFO L85 PathProgramCache]: Analyzing trace with hash 604546966, now seen corresponding path program 1 times [2022-07-22 17:39:48,493 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:39:48,493 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [173130650] [2022-07-22 17:39:48,493 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:39:48,493 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:39:48,504 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:48,526 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-22 17:39:48,527 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:48,528 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2022-07-22 17:39:48,529 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:48,530 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-22 17:39:48,530 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:39:48,530 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [173130650] [2022-07-22 17:39:48,530 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [173130650] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:39:48,530 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:39:48,531 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-22 17:39:48,531 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [529260244] [2022-07-22 17:39:48,531 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:39:48,531 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-22 17:39:48,531 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:39:48,532 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-22 17:39:48,532 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:39:48,532 INFO L87 Difference]: Start difference. First operand 211 states and 265 transitions. Second operand has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-22 17:39:48,554 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:39:48,554 INFO L93 Difference]: Finished difference Result 508 states and 643 transitions. [2022-07-22 17:39:48,554 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-22 17:39:48,554 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 47 [2022-07-22 17:39:48,555 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:39:48,556 INFO L225 Difference]: With dead ends: 508 [2022-07-22 17:39:48,556 INFO L226 Difference]: Without dead ends: 305 [2022-07-22 17:39:48,557 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 6 SyntacticMatches, 1 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:39:48,558 INFO L413 NwaCegarLoop]: 90 mSDtfsCounter, 39 mSDsluCounter, 71 mSDsCounter, 0 mSdLazyCounter, 10 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 39 SdHoareTripleChecker+Valid, 161 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 10 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:39:48,558 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [39 Valid, 161 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 10 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:39:48,559 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 305 states. [2022-07-22 17:39:48,570 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 305 to 305. [2022-07-22 17:39:48,570 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 305 states, 240 states have (on average 1.25) internal successors, (300), 253 states have internal predecessors, (300), 36 states have call successors, (36), 30 states have call predecessors, (36), 28 states have return successors, (40), 34 states have call predecessors, (40), 36 states have call successors, (40) [2022-07-22 17:39:48,572 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 305 states to 305 states and 376 transitions. [2022-07-22 17:39:48,572 INFO L78 Accepts]: Start accepts. Automaton has 305 states and 376 transitions. Word has length 47 [2022-07-22 17:39:48,572 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:39:48,572 INFO L495 AbstractCegarLoop]: Abstraction has 305 states and 376 transitions. [2022-07-22 17:39:48,572 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-22 17:39:48,573 INFO L276 IsEmpty]: Start isEmpty. Operand 305 states and 376 transitions. [2022-07-22 17:39:48,573 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-07-22 17:39:48,573 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:39:48,574 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:39:48,574 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-07-22 17:39:48,574 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:39:48,574 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:39:48,574 INFO L85 PathProgramCache]: Analyzing trace with hash -542316420, now seen corresponding path program 1 times [2022-07-22 17:39:48,575 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:39:48,575 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1333963061] [2022-07-22 17:39:48,575 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:39:48,575 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:39:48,592 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:48,638 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-22 17:39:48,640 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:48,653 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-07-22 17:39:48,654 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:48,655 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2022-07-22 17:39:48,656 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:48,657 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-22 17:39:48,657 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:39:48,657 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1333963061] [2022-07-22 17:39:48,657 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1333963061] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:39:48,657 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:39:48,657 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-07-22 17:39:48,657 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1025658746] [2022-07-22 17:39:48,658 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:39:48,658 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-07-22 17:39:48,658 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:39:48,658 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-07-22 17:39:48,659 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2022-07-22 17:39:48,659 INFO L87 Difference]: Start difference. First operand 305 states and 376 transitions. Second operand has 8 states, 8 states have (on average 5.25) internal successors, (42), 7 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-07-22 17:39:48,897 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:39:48,897 INFO L93 Difference]: Finished difference Result 1038 states and 1325 transitions. [2022-07-22 17:39:48,898 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-07-22 17:39:48,898 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.25) internal successors, (42), 7 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 51 [2022-07-22 17:39:48,899 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:39:48,905 INFO L225 Difference]: With dead ends: 1038 [2022-07-22 17:39:48,905 INFO L226 Difference]: Without dead ends: 835 [2022-07-22 17:39:48,908 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 7 SyntacticMatches, 1 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=56, Invalid=184, Unknown=0, NotChecked=0, Total=240 [2022-07-22 17:39:48,910 INFO L413 NwaCegarLoop]: 135 mSDtfsCounter, 228 mSDsluCounter, 533 mSDsCounter, 0 mSdLazyCounter, 287 mSolverCounterSat, 50 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 237 SdHoareTripleChecker+Valid, 668 SdHoareTripleChecker+Invalid, 337 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 50 IncrementalHoareTripleChecker+Valid, 287 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-22 17:39:48,911 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [237 Valid, 668 Invalid, 337 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [50 Valid, 287 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-22 17:39:48,914 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 835 states. [2022-07-22 17:39:48,957 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 835 to 771. [2022-07-22 17:39:48,959 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 771 states, 610 states have (on average 1.2327868852459016) internal successors, (752), 647 states have internal predecessors, (752), 88 states have call successors, (88), 66 states have call predecessors, (88), 72 states have return successors, (108), 84 states have call predecessors, (108), 88 states have call successors, (108) [2022-07-22 17:39:48,962 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 771 states to 771 states and 948 transitions. [2022-07-22 17:39:48,963 INFO L78 Accepts]: Start accepts. Automaton has 771 states and 948 transitions. Word has length 51 [2022-07-22 17:39:48,964 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:39:48,964 INFO L495 AbstractCegarLoop]: Abstraction has 771 states and 948 transitions. [2022-07-22 17:39:48,964 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.25) internal successors, (42), 7 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-07-22 17:39:48,964 INFO L276 IsEmpty]: Start isEmpty. Operand 771 states and 948 transitions. [2022-07-22 17:39:48,966 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 82 [2022-07-22 17:39:48,967 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:39:48,967 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:39:48,967 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-07-22 17:39:48,967 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:39:48,968 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:39:48,968 INFO L85 PathProgramCache]: Analyzing trace with hash 8311452, now seen corresponding path program 1 times [2022-07-22 17:39:48,968 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:39:48,968 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [485130989] [2022-07-22 17:39:48,968 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:39:48,969 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:39:48,995 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:49,010 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-22 17:39:49,011 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:49,017 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-07-22 17:39:49,020 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:49,028 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-22 17:39:49,029 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:49,030 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2022-07-22 17:39:49,031 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:49,031 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 73 [2022-07-22 17:39:49,032 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:49,033 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2022-07-22 17:39:49,033 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:39:49,033 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [485130989] [2022-07-22 17:39:49,033 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [485130989] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:39:49,033 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:39:49,033 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-07-22 17:39:49,034 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1733210716] [2022-07-22 17:39:49,034 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:39:49,034 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-07-22 17:39:49,034 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:39:49,034 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-07-22 17:39:49,035 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-07-22 17:39:49,035 INFO L87 Difference]: Start difference. First operand 771 states and 948 transitions. Second operand has 6 states, 6 states have (on average 11.0) internal successors, (66), 4 states have internal predecessors, (66), 3 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2022-07-22 17:39:49,182 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:39:49,182 INFO L93 Difference]: Finished difference Result 1319 states and 1618 transitions. [2022-07-22 17:39:49,183 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-07-22 17:39:49,183 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 11.0) internal successors, (66), 4 states have internal predecessors, (66), 3 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) Word has length 81 [2022-07-22 17:39:49,183 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:39:49,185 INFO L225 Difference]: With dead ends: 1319 [2022-07-22 17:39:49,185 INFO L226 Difference]: Without dead ends: 556 [2022-07-22 17:39:49,186 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2022-07-22 17:39:49,187 INFO L413 NwaCegarLoop]: 126 mSDtfsCounter, 176 mSDsluCounter, 181 mSDsCounter, 0 mSdLazyCounter, 118 mSolverCounterSat, 51 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 183 SdHoareTripleChecker+Valid, 307 SdHoareTripleChecker+Invalid, 169 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 51 IncrementalHoareTripleChecker+Valid, 118 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-22 17:39:49,187 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [183 Valid, 307 Invalid, 169 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [51 Valid, 118 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-22 17:39:49,188 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 556 states. [2022-07-22 17:39:49,204 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 556 to 540. [2022-07-22 17:39:49,205 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 540 states, 426 states have (on average 1.2183098591549295) internal successors, (519), 452 states have internal predecessors, (519), 62 states have call successors, (62), 48 states have call predecessors, (62), 51 states have return successors, (72), 59 states have call predecessors, (72), 62 states have call successors, (72) [2022-07-22 17:39:49,206 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 540 states to 540 states and 653 transitions. [2022-07-22 17:39:49,207 INFO L78 Accepts]: Start accepts. Automaton has 540 states and 653 transitions. Word has length 81 [2022-07-22 17:39:49,207 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:39:49,207 INFO L495 AbstractCegarLoop]: Abstraction has 540 states and 653 transitions. [2022-07-22 17:39:49,207 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 11.0) internal successors, (66), 4 states have internal predecessors, (66), 3 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2022-07-22 17:39:49,207 INFO L276 IsEmpty]: Start isEmpty. Operand 540 states and 653 transitions. [2022-07-22 17:39:49,208 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 84 [2022-07-22 17:39:49,208 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:39:49,208 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:39:49,209 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-07-22 17:39:49,209 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:39:49,209 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:39:49,209 INFO L85 PathProgramCache]: Analyzing trace with hash -1954817075, now seen corresponding path program 1 times [2022-07-22 17:39:49,209 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:39:49,209 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [668110251] [2022-07-22 17:39:49,210 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:39:49,210 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:39:49,220 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:49,252 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-22 17:39:49,253 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:49,261 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2022-07-22 17:39:49,264 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:49,274 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-22 17:39:49,275 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:49,276 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 57 [2022-07-22 17:39:49,277 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:49,284 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 68 [2022-07-22 17:39:49,285 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:49,286 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 75 [2022-07-22 17:39:49,296 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:49,297 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 8 proven. 17 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-07-22 17:39:49,298 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:39:49,298 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [668110251] [2022-07-22 17:39:49,298 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [668110251] provided 0 perfect and 1 imperfect interpolant sequences [2022-07-22 17:39:49,298 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1688038343] [2022-07-22 17:39:49,298 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:39:49,299 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-07-22 17:39:49,299 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-22 17:39:49,316 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-07-22 17:39:49,347 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-07-22 17:39:49,397 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:49,400 INFO L263 TraceCheckSpWp]: Trace formula consists of 445 conjuncts, 8 conjunts are in the unsatisfiable core [2022-07-22 17:39:49,404 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-07-22 17:39:49,498 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 23 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:39:49,499 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-07-22 17:39:49,590 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 6 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-07-22 17:39:49,590 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1688038343] provided 0 perfect and 2 imperfect interpolant sequences [2022-07-22 17:39:49,591 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-07-22 17:39:49,591 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 6, 6] total 14 [2022-07-22 17:39:49,591 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1704277958] [2022-07-22 17:39:49,591 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-07-22 17:39:49,592 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2022-07-22 17:39:49,592 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:39:49,592 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2022-07-22 17:39:49,592 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=33, Invalid=149, Unknown=0, NotChecked=0, Total=182 [2022-07-22 17:39:49,593 INFO L87 Difference]: Start difference. First operand 540 states and 653 transitions. Second operand has 14 states, 14 states have (on average 8.428571428571429) internal successors, (118), 10 states have internal predecessors, (118), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (14), 8 states have call predecessors, (14), 6 states have call successors, (14) [2022-07-22 17:39:50,273 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:39:50,273 INFO L93 Difference]: Finished difference Result 1139 states and 1413 transitions. [2022-07-22 17:39:50,273 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 36 states. [2022-07-22 17:39:50,274 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 14 states have (on average 8.428571428571429) internal successors, (118), 10 states have internal predecessors, (118), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (14), 8 states have call predecessors, (14), 6 states have call successors, (14) Word has length 83 [2022-07-22 17:39:50,274 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:39:50,276 INFO L225 Difference]: With dead ends: 1139 [2022-07-22 17:39:50,277 INFO L226 Difference]: Without dead ends: 686 [2022-07-22 17:39:50,278 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 225 GetRequests, 182 SyntacticMatches, 1 SemanticMatches, 42 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 481 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=393, Invalid=1499, Unknown=0, NotChecked=0, Total=1892 [2022-07-22 17:39:50,279 INFO L413 NwaCegarLoop]: 183 mSDtfsCounter, 356 mSDsluCounter, 860 mSDsCounter, 0 mSdLazyCounter, 566 mSolverCounterSat, 171 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 361 SdHoareTripleChecker+Valid, 1043 SdHoareTripleChecker+Invalid, 737 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 171 IncrementalHoareTripleChecker+Valid, 566 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-07-22 17:39:50,279 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [361 Valid, 1043 Invalid, 737 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [171 Valid, 566 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-07-22 17:39:50,280 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 686 states. [2022-07-22 17:39:50,300 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 686 to 580. [2022-07-22 17:39:50,301 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 580 states, 449 states have (on average 1.2026726057906458) internal successors, (540), 479 states have internal predecessors, (540), 71 states have call successors, (71), 60 states have call predecessors, (71), 59 states have return successors, (77), 62 states have call predecessors, (77), 71 states have call successors, (77) [2022-07-22 17:39:50,302 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 580 states to 580 states and 688 transitions. [2022-07-22 17:39:50,303 INFO L78 Accepts]: Start accepts. Automaton has 580 states and 688 transitions. Word has length 83 [2022-07-22 17:39:50,303 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:39:50,303 INFO L495 AbstractCegarLoop]: Abstraction has 580 states and 688 transitions. [2022-07-22 17:39:50,303 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 14 states have (on average 8.428571428571429) internal successors, (118), 10 states have internal predecessors, (118), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (14), 8 states have call predecessors, (14), 6 states have call successors, (14) [2022-07-22 17:39:50,304 INFO L276 IsEmpty]: Start isEmpty. Operand 580 states and 688 transitions. [2022-07-22 17:39:50,305 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 179 [2022-07-22 17:39:50,305 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:39:50,305 INFO L195 NwaCegarLoop]: trace histogram [6, 6, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:39:50,326 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-07-22 17:39:50,523 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-07-22 17:39:50,523 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:39:50,524 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:39:50,524 INFO L85 PathProgramCache]: Analyzing trace with hash 57448184, now seen corresponding path program 1 times [2022-07-22 17:39:50,524 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:39:50,524 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [15048899] [2022-07-22 17:39:50,524 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:39:50,524 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:39:50,542 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:50,574 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-22 17:39:50,575 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:50,582 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2022-07-22 17:39:50,584 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:50,586 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-22 17:39:50,587 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:50,587 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 55 [2022-07-22 17:39:50,588 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:50,590 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-22 17:39:50,590 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:50,591 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-22 17:39:50,591 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:50,592 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 87 [2022-07-22 17:39:50,594 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:50,621 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-22 17:39:50,622 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:50,623 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-22 17:39:50,623 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:50,623 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 123 [2022-07-22 17:39:50,625 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:50,638 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-22 17:39:50,640 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:50,641 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 150 [2022-07-22 17:39:50,641 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:50,642 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 170 [2022-07-22 17:39:50,643 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:50,644 INFO L134 CoverageAnalysis]: Checked inductivity of 273 backedges. 120 proven. 8 refuted. 0 times theorem prover too weak. 145 trivial. 0 not checked. [2022-07-22 17:39:50,644 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:39:50,644 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [15048899] [2022-07-22 17:39:50,644 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [15048899] provided 0 perfect and 1 imperfect interpolant sequences [2022-07-22 17:39:50,644 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [734411381] [2022-07-22 17:39:50,644 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:39:50,644 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-07-22 17:39:50,645 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-22 17:39:50,646 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-07-22 17:39:50,647 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-07-22 17:39:50,758 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:39:50,760 INFO L263 TraceCheckSpWp]: Trace formula consists of 699 conjuncts, 13 conjunts are in the unsatisfiable core [2022-07-22 17:39:50,764 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-07-22 17:39:50,907 INFO L134 CoverageAnalysis]: Checked inductivity of 273 backedges. 177 proven. 4 refuted. 0 times theorem prover too weak. 92 trivial. 0 not checked. [2022-07-22 17:39:50,908 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-07-22 17:39:51,200 INFO L134 CoverageAnalysis]: Checked inductivity of 273 backedges. 114 proven. 61 refuted. 0 times theorem prover too weak. 98 trivial. 0 not checked. [2022-07-22 17:39:51,200 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [734411381] provided 0 perfect and 2 imperfect interpolant sequences [2022-07-22 17:39:51,200 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-07-22 17:39:51,200 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 10, 11] total 26 [2022-07-22 17:39:51,201 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1132770199] [2022-07-22 17:39:51,201 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-07-22 17:39:51,201 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 26 states [2022-07-22 17:39:51,201 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:39:51,202 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 26 interpolants. [2022-07-22 17:39:51,202 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=122, Invalid=528, Unknown=0, NotChecked=0, Total=650 [2022-07-22 17:39:51,202 INFO L87 Difference]: Start difference. First operand 580 states and 688 transitions. Second operand has 26 states, 26 states have (on average 8.5) internal successors, (221), 23 states have internal predecessors, (221), 9 states have call successors, (22), 8 states have call predecessors, (22), 9 states have return successors, (24), 8 states have call predecessors, (24), 9 states have call successors, (24) [2022-07-22 17:39:51,665 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:39:51,665 INFO L93 Difference]: Finished difference Result 1348 states and 1641 transitions. [2022-07-22 17:39:51,666 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2022-07-22 17:39:51,666 INFO L78 Accepts]: Start accepts. Automaton has has 26 states, 26 states have (on average 8.5) internal successors, (221), 23 states have internal predecessors, (221), 9 states have call successors, (22), 8 states have call predecessors, (22), 9 states have return successors, (24), 8 states have call predecessors, (24), 9 states have call successors, (24) Word has length 178 [2022-07-22 17:39:51,666 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:39:51,666 INFO L225 Difference]: With dead ends: 1348 [2022-07-22 17:39:51,666 INFO L226 Difference]: Without dead ends: 0 [2022-07-22 17:39:51,669 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 416 GetRequests, 373 SyntacticMatches, 3 SemanticMatches, 40 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 330 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=371, Invalid=1351, Unknown=0, NotChecked=0, Total=1722 [2022-07-22 17:39:51,670 INFO L413 NwaCegarLoop]: 123 mSDtfsCounter, 660 mSDsluCounter, 935 mSDsCounter, 0 mSdLazyCounter, 654 mSolverCounterSat, 190 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 663 SdHoareTripleChecker+Valid, 1058 SdHoareTripleChecker+Invalid, 844 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 190 IncrementalHoareTripleChecker+Valid, 654 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-07-22 17:39:51,670 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [663 Valid, 1058 Invalid, 844 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [190 Valid, 654 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-07-22 17:39:51,670 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-07-22 17:39:51,670 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-07-22 17:39:51,670 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:39:51,670 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-07-22 17:39:51,670 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 178 [2022-07-22 17:39:51,671 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:39:51,671 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-07-22 17:39:51,671 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 26 states, 26 states have (on average 8.5) internal successors, (221), 23 states have internal predecessors, (221), 9 states have call successors, (22), 8 states have call predecessors, (22), 9 states have return successors, (24), 8 states have call predecessors, (24), 9 states have call successors, (24) [2022-07-22 17:39:51,671 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-07-22 17:39:51,671 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-07-22 17:39:51,673 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-07-22 17:39:51,693 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-07-22 17:39:51,873 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2022-07-22 17:39:51,875 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-07-22 17:39:56,690 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 140 146) no Hoare annotation was computed. [2022-07-22 17:39:56,690 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 140 146) the Hoare annotation is: true [2022-07-22 17:39:56,690 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 900 911) the Hoare annotation is: true [2022-07-22 17:39:56,690 INFO L899 garLoopResultBuilder]: For program point L904-1(lines 900 911) no Hoare annotation was computed. [2022-07-22 17:39:56,691 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 900 911) no Hoare annotation was computed. [2022-07-22 17:39:56,691 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 727 756) no Hoare annotation was computed. [2022-07-22 17:39:56,692 INFO L902 garLoopResultBuilder]: At program point L737-2(lines 737 751) the Hoare annotation is: true [2022-07-22 17:39:56,692 INFO L902 garLoopResultBuilder]: At program point L733(line 733) the Hoare annotation is: true [2022-07-22 17:39:56,692 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 727 756) the Hoare annotation is: true [2022-07-22 17:39:56,692 INFO L899 garLoopResultBuilder]: For program point L733-1(line 733) no Hoare annotation was computed. [2022-07-22 17:39:56,692 INFO L902 garLoopResultBuilder]: At program point L752(lines 727 756) the Hoare annotation is: true [2022-07-22 17:39:56,692 INFO L899 garLoopResultBuilder]: For program point L748(line 748) no Hoare annotation was computed. [2022-07-22 17:39:56,692 INFO L899 garLoopResultBuilder]: For program point L741(lines 741 745) no Hoare annotation was computed. [2022-07-22 17:39:56,692 INFO L902 garLoopResultBuilder]: At program point L741-1(lines 741 745) the Hoare annotation is: true [2022-07-22 17:39:56,693 INFO L899 garLoopResultBuilder]: For program point L738(line 738) no Hoare annotation was computed. [2022-07-22 17:39:56,693 INFO L899 garLoopResultBuilder]: For program point L254(lines 254 258) no Hoare annotation was computed. [2022-07-22 17:39:56,693 INFO L895 garLoopResultBuilder]: At program point L93(lines 88 95) the Hoare annotation is: (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse1 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (not (= 0 ~systemActive~0))) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) .cse1) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 .cse2 .cse1))) [2022-07-22 17:39:56,693 INFO L899 garLoopResultBuilder]: For program point L254-2(lines 254 258) no Hoare annotation was computed. [2022-07-22 17:39:56,693 INFO L899 garLoopResultBuilder]: For program point L857(lines 857 863) no Hoare annotation was computed. [2022-07-22 17:39:56,693 INFO L895 garLoopResultBuilder]: At program point L841(lines 834 843) the Hoare annotation is: (let ((.cse6 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (and (<= 1 ~pumpRunning~0) .cse6 (<= 1 ~switchedOnBeforeTS~0))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (and (= ~pumpRunning~0 0) .cse6)) (.cse3 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse4 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse4 (not (< 1 |old(~waterLevel~0)|)) .cse5 .cse3) (or .cse0 .cse1 .cse3 (not (= 0 ~systemActive~0)))))) [2022-07-22 17:39:56,694 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 113 139) no Hoare annotation was computed. [2022-07-22 17:39:56,694 INFO L899 garLoopResultBuilder]: For program point L127-1(lines 127 133) no Hoare annotation was computed. [2022-07-22 17:39:56,694 INFO L899 garLoopResultBuilder]: For program point L957(lines 957 963) no Hoare annotation was computed. [2022-07-22 17:39:56,694 INFO L899 garLoopResultBuilder]: For program point L156(lines 156 164) no Hoare annotation was computed. [2022-07-22 17:39:56,694 INFO L899 garLoopResultBuilder]: For program point L152(lines 152 169) no Hoare annotation was computed. [2022-07-22 17:39:56,695 INFO L895 garLoopResultBuilder]: At program point L854(line 854) the Hoare annotation is: (let ((.cse4 (<= 1 ~pumpRunning~0)) (.cse5 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse14 (<= ~waterLevel~0 1)) (.cse6 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~7#1| ~waterLevel~0)) (.cse8 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse0 (not (<= |old(~waterLevel~0)| 1))) (.cse10 (not (= |old(~pumpRunning~0)| 0))) (.cse13 (= ~pumpRunning~0 0)) (.cse7 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse3 (and .cse4 .cse5 .cse14 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse6 .cse8)) (.cse9 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (<= 1 |old(~pumpRunning~0)|))) (.cse11 (not (< 1 |old(~waterLevel~0)|))) (.cse12 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3 (and .cse4 .cse5 .cse6 .cse7 .cse8) .cse9) (or .cse10 .cse1 .cse11 .cse12) (or .cse0 .cse10 .cse1 (and (= |timeShift_processEnvironment_~tmp~0#1| 0) .cse13 .cse5 .cse6 .cse7)) (or .cse10 .cse12 (and .cse13 .cse5 .cse14 .cse6 .cse7) (not (= 0 ~systemActive~0))) (or .cse1 .cse2 (not (= |old(~waterLevel~0)| 2)) .cse3) (or (not (= |old(~waterLevel~0)| 1)) .cse1 .cse2 .cse3 .cse9) (or .cse1 .cse2 .cse11 (= ~waterLevel~0 1) .cse12)))) [2022-07-22 17:39:56,696 INFO L895 garLoopResultBuilder]: At program point L949(lines 944 952) the Hoare annotation is: (let ((.cse8 (<= 1 ~pumpRunning~0)) (.cse9 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse13 (= 1 ~systemActive~0)) (.cse10 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse7 (and .cse8 .cse9 (<= ~waterLevel~0 1) .cse13 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse10)) (.cse12 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse1 (= 2 |timeShift_getWaterLevel_#res#1|)) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= ~pumpRunning~0 0)) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (not (= 0 ~systemActive~0))) (.cse5 (not .cse13)) (.cse6 (not (<= 1 |old(~pumpRunning~0)|))) (.cse11 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 .cse1 .cse2) .cse3 (not (= |old(~waterLevel~0)| 2)) .cse4) (or .cse5 .cse6 .cse7 (and .cse8 .cse9 .cse2 .cse10) .cse11 .cse12) (or (not (= |old(~waterLevel~0)| 1)) .cse5 .cse6 .cse7 .cse12) (or .cse3 (and (= |timeShift_processEnvironment_~tmp~0#1| 0) .cse0 .cse9 .cse2) .cse5 .cse11 (and .cse8 (= 2 ~waterLevel~0) .cse1 .cse2)) (or (not (<= |old(~waterLevel~0)| 1)) .cse3 (and .cse0 .cse9 .cse2) .cse4) (or .cse5 .cse6 (not (< 1 |old(~waterLevel~0)|)) .cse11 (and .cse8 .cse9 (= ~waterLevel~0 1) .cse10))))) [2022-07-22 17:39:56,696 INFO L899 garLoopResultBuilder]: For program point L854-1(line 854) no Hoare annotation was computed. [2022-07-22 17:39:56,696 INFO L895 garLoopResultBuilder]: At program point L260(lines 245 263) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (not (= 1 ~systemActive~0))) (.cse3 (not (<= 1 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 (not (= 0 ~systemActive~0))) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) .cse1) (let ((.cse4 (= ~pumpRunning~0 0)) (.cse5 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse0 .cse2 (and .cse4 (= |timeShift_isHighWaterLevel_~tmp___0~0#1| 0) (= |timeShift_isHighWaterLevel_#res#1| 0) .cse5) (and .cse4 (= 2 ~waterLevel~0) .cse5) .cse1)) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-07-22 17:39:56,696 INFO L895 garLoopResultBuilder]: At program point L962(lines 953 966) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (not (= 1 ~systemActive~0))) (.cse5 (not (<= 1 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 (not (= 0 ~systemActive~0))) (let ((.cse3 (= ~pumpRunning~0 0)) (.cse4 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse0 .cse2 (and (= |timeShift_isHighWaterSensorDry_#res#1| 1) .cse3 .cse4) (and .cse3 (= 2 ~waterLevel~0) .cse4) .cse1)) (or .cse2 .cse5 (not (< 1 |old(~waterLevel~0)|)) .cse1) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-07-22 17:39:56,696 INFO L899 garLoopResultBuilder]: For program point L120(lines 120 126) no Hoare annotation was computed. [2022-07-22 17:39:56,696 INFO L899 garLoopResultBuilder]: For program point L120-2(lines 116 138) no Hoare annotation was computed. [2022-07-22 17:39:56,696 INFO L895 garLoopResultBuilder]: At program point L178(lines 173 180) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (not (= 1 ~systemActive~0))) (.cse3 (not (<= 1 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 (not (= 0 ~systemActive~0))) (or .cse0 .cse2 .cse1 (and (<= 1 ~pumpRunning~0) (= 2 ~waterLevel~0) (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) .cse1) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-07-22 17:39:56,697 INFO L899 garLoopResultBuilder]: For program point L880(lines 880 884) no Hoare annotation was computed. [2022-07-22 17:39:56,697 INFO L895 garLoopResultBuilder]: At program point L880-2(lines 876 887) the Hoare annotation is: (let ((.cse4 (<= 1 ~pumpRunning~0)) (.cse8 (= 1 ~systemActive~0)) (.cse5 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (and .cse4 (<= ~waterLevel~0 1) .cse8 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse5)) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not .cse8)) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse6 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse1 (and .cse4 (= |old(~waterLevel~0)| ~waterLevel~0) .cse5) .cse6 .cse2 .cse3) (or .cse7 .cse6 (not (= 0 ~systemActive~0))) (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 2)) .cse2) (or .cse7 .cse0 .cse6) (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) (= ~waterLevel~0 1) .cse6)))) [2022-07-22 17:39:56,697 INFO L895 garLoopResultBuilder]: At program point L839(line 839) the Hoare annotation is: (let ((.cse6 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse9 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse7 (not (<= |old(~waterLevel~0)| 1))) (.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (and (= ~pumpRunning~0 0) .cse6 .cse9)) (.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse8 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse2 .cse4 (not (< 1 |old(~waterLevel~0)|)) (and .cse5 .cse6 (< 1 ~waterLevel~0) (<= ~waterLevel~0 2)) .cse3) (or .cse0 .cse7 .cse1 .cse8) (or .cse7 .cse2 .cse4 (and .cse5 .cse6 .cse9) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 2)) .cse8)))) [2022-07-22 17:39:56,697 INFO L899 garLoopResultBuilder]: For program point L839-1(line 839) no Hoare annotation was computed. [2022-07-22 17:39:56,697 INFO L895 garLoopResultBuilder]: At program point L162(line 162) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (not (= 1 ~systemActive~0))) (.cse3 (not (<= 1 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 (not (= 0 ~systemActive~0))) (or .cse0 .cse2 .cse1 (and (= |timeShift_processEnvironment_~tmp~0#1| 0) (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) .cse1) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-07-22 17:39:56,697 INFO L899 garLoopResultBuilder]: For program point L92(line 92) no Hoare annotation was computed. [2022-07-22 17:39:56,697 INFO L899 garLoopResultBuilder]: For program point L856(lines 856 866) no Hoare annotation was computed. [2022-07-22 17:39:56,698 INFO L899 garLoopResultBuilder]: For program point L852(lines 852 869) no Hoare annotation was computed. [2022-07-22 17:39:56,698 INFO L895 garLoopResultBuilder]: At program point L852-1(lines 844 872) the Hoare annotation is: (let ((.cse10 (= 1 ~systemActive~0)) (.cse2 (<= 1 ~pumpRunning~0)) (.cse3 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse4 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~7#1| ~waterLevel~0)) (.cse5 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse6 (not (<= |old(~waterLevel~0)| 1))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse12 (and .cse2 .cse3 (<= ~waterLevel~0 1) (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse4 .cse5)) (.cse13 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse14 (not (= 0 ~systemActive~0))) (.cse8 (= |timeShift_processEnvironment_~tmp~0#1| 0)) (.cse9 (= ~pumpRunning~0 0)) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not .cse10)) (.cse16 (= 2 |timeShift_getWaterLevel_#res#1|)) (.cse11 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse15 (not (= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) (and .cse2 .cse3 .cse4 (= ~waterLevel~0 1) .cse5) (not (<= |old(~waterLevel~0)| 2))) (or .cse6 .cse7 (and .cse8 .cse9 .cse3 .cse10 .cse4 .cse11) .cse0) (or .cse6 .cse0 .cse1 .cse12 (and .cse2 .cse3 .cse4 .cse11 .cse5) .cse13) (or .cse6 .cse7 (and .cse9 .cse3 .cse4 .cse11) .cse14) (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse12 .cse13) (or .cse7 .cse15 .cse14 (and .cse9 .cse16 .cse4 .cse11)) (or (and .cse8 .cse9 .cse16 .cse10 .cse4 .cse11) .cse7 .cse0 (and .cse2 .cse16 .cse4 .cse11) .cse15)))) [2022-07-22 17:39:56,698 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 113 139) the Hoare annotation is: (let ((.cse6 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse9 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse7 (not (<= |old(~waterLevel~0)| 1))) (.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (and (= ~pumpRunning~0 0) .cse6 .cse9)) (.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse8 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse2 .cse4 (not (< 1 |old(~waterLevel~0)|)) (and .cse5 .cse6 (< 1 ~waterLevel~0) (<= ~waterLevel~0 2)) .cse3) (or .cse0 .cse7 .cse1 .cse8) (or .cse7 .cse2 .cse4 (and .cse5 .cse6 .cse9) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 2)) .cse8)))) [2022-07-22 17:39:56,698 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 113 139) no Hoare annotation was computed. [2022-07-22 17:39:56,698 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 92) no Hoare annotation was computed. [2022-07-22 17:39:56,698 INFO L895 garLoopResultBuilder]: At program point L167(line 167) the Hoare annotation is: (let ((.cse4 (<= 1 ~pumpRunning~0)) (.cse8 (= 1 ~systemActive~0)) (.cse5 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (and .cse4 (<= ~waterLevel~0 1) .cse8 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse5)) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not .cse8)) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse6 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse1 (and .cse4 (= |old(~waterLevel~0)| ~waterLevel~0) .cse5) .cse6 .cse2 .cse3) (or .cse7 .cse6 (not (= 0 ~systemActive~0))) (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 2)) .cse2) (or .cse7 .cse0 .cse6) (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) (= ~waterLevel~0 1) .cse6)))) [2022-07-22 17:39:56,698 INFO L895 garLoopResultBuilder]: At program point L167-1(lines 148 172) the Hoare annotation is: (let ((.cse5 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (<= 1 ~pumpRunning~0)) (.cse11 (= 1 ~systemActive~0)) (.cse6 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (and .cse4 (<= ~waterLevel~0 1) .cse11 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse6)) (.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse10 (and (= |timeShift_processEnvironment_~tmp~0#1| 0) (= ~pumpRunning~0 0) .cse11 .cse5)) (.cse9 (not (= |old(~waterLevel~0)| 2))) (.cse0 (not .cse11)) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse7 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse1 (and .cse4 .cse5 .cse6) .cse7 .cse2 .cse3) (or .cse8 .cse7 (not (= 0 ~systemActive~0))) (or .cse0 .cse1 .cse9 .cse2) (or (not (<= |old(~waterLevel~0)| 1)) .cse8 .cse0 .cse10) (or .cse8 .cse0 .cse10 (and .cse4 .cse5) .cse9) (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) (= ~waterLevel~0 1) .cse7)))) [2022-07-22 17:39:56,699 INFO L895 garLoopResultBuilder]: At program point L717(lines 666 718) the Hoare annotation is: false [2022-07-22 17:39:56,699 INFO L899 garLoopResultBuilder]: For program point L705(lines 705 711) no Hoare annotation was computed. [2022-07-22 17:39:56,699 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-07-22 17:39:56,699 INFO L895 garLoopResultBuilder]: At program point L705-2(lines 697 712) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse4 (<= 1 ~pumpRunning~0)) (.cse3 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 .cse2 (= 0 ~systemActive~0)) (and .cse0 .cse3 .cse1 .cse2) (and .cse4 (= 2 ~waterLevel~0) .cse3 .cse1) (and .cse4 .cse3 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2022-07-22 17:39:56,700 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-07-22 17:39:56,700 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-07-22 17:39:56,700 INFO L899 garLoopResultBuilder]: For program point L668(lines 667 716) no Hoare annotation was computed. [2022-07-22 17:39:56,700 INFO L895 garLoopResultBuilder]: At program point L284(lines 279 286) the Hoare annotation is: (let ((.cse3 (<= 1 ~pumpRunning~0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2) (and .cse3 (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse3 .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2022-07-22 17:39:56,700 INFO L899 garLoopResultBuilder]: For program point L697(lines 697 712) no Hoare annotation was computed. [2022-07-22 17:39:56,700 INFO L895 garLoopResultBuilder]: At program point L276(lines 264 278) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0) (<= ~waterLevel~0 2) (= 0 ~systemActive~0)) [2022-07-22 17:39:56,700 INFO L895 garLoopResultBuilder]: At program point L689(line 689) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse4 (<= 1 ~pumpRunning~0)) (.cse3 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 .cse2 (= 0 ~systemActive~0)) (and .cse0 .cse3 .cse1 .cse2) (and .cse4 (= 2 ~waterLevel~0) .cse3 .cse1) (and .cse4 .cse3 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2022-07-22 17:39:56,700 INFO L899 garLoopResultBuilder]: For program point L268(lines 268 274) no Hoare annotation was computed. [2022-07-22 17:39:56,701 INFO L899 garLoopResultBuilder]: For program point L268-2(lines 268 274) no Hoare annotation was computed. [2022-07-22 17:39:56,701 INFO L895 garLoopResultBuilder]: At program point L714(lines 667 716) the Hoare annotation is: (let ((.cse3 (= 0 ~systemActive~0)) (.cse4 (<= 1 ~pumpRunning~0)) (.cse1 (= 2 ~waterLevel~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse5 (<= ~waterLevel~0 1)) (.cse6 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse5 .cse6 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse0 .cse5 .cse2 .cse3) (and .cse0 .cse1 .cse6 .cse2) (and .cse4 .cse1 .cse6 .cse2) (and .cse0 .cse5 .cse6 .cse2))) [2022-07-22 17:39:56,701 INFO L899 garLoopResultBuilder]: For program point L677(lines 677 683) no Hoare annotation was computed. [2022-07-22 17:39:56,701 INFO L899 garLoopResultBuilder]: For program point L677-1(lines 677 683) no Hoare annotation was computed. [2022-07-22 17:39:56,701 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-07-22 17:39:56,701 INFO L899 garLoopResultBuilder]: For program point L669(lines 669 673) no Hoare annotation was computed. [2022-07-22 17:39:56,701 INFO L902 garLoopResultBuilder]: At program point L797(lines 789 799) the Hoare annotation is: true [2022-07-22 17:39:56,701 INFO L895 garLoopResultBuilder]: At program point L186(lines 181 188) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2))) (or (and (not (= ~switchedOnBeforeTS~0 0)) .cse0 .cse1 .cse2 .cse3) (and .cse0 (< 1 ~waterLevel~0) .cse1 .cse2 .cse3))) [2022-07-22 17:39:56,702 INFO L895 garLoopResultBuilder]: At program point L83(lines 78 86) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-22 17:39:56,702 INFO L895 garLoopResultBuilder]: At program point L785(lines 781 787) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-22 17:39:56,702 INFO L895 garLoopResultBuilder]: At program point L75(lines 71 77) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-22 17:39:56,702 INFO L899 garLoopResultBuilder]: For program point L810(lines 810 817) no Hoare annotation was computed. [2022-07-22 17:39:56,702 INFO L899 garLoopResultBuilder]: For program point L810-2(lines 810 817) no Hoare annotation was computed. [2022-07-22 17:39:56,702 INFO L895 garLoopResultBuilder]: At program point L831(lines 826 833) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-22 17:39:56,702 INFO L902 garLoopResultBuilder]: At program point L819(lines 800 822) the Hoare annotation is: true [2022-07-22 17:39:56,702 INFO L902 garLoopResultBuilder]: At program point L720(lines 657 724) the Hoare annotation is: true [2022-07-22 17:39:56,702 INFO L899 garLoopResultBuilder]: For program point L687(lines 687 693) no Hoare annotation was computed. [2022-07-22 17:39:56,703 INFO L899 garLoopResultBuilder]: For program point L687-1(lines 687 693) no Hoare annotation was computed. [2022-07-22 17:39:56,703 INFO L895 garLoopResultBuilder]: At program point L679(line 679) the Hoare annotation is: (let ((.cse3 (= 0 ~systemActive~0)) (.cse4 (<= 1 ~pumpRunning~0)) (.cse1 (= 2 ~waterLevel~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse5 (<= ~waterLevel~0 1)) (.cse6 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse5 .cse6 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse0 .cse5 .cse2 .cse3) (and .cse0 .cse1 .cse6 .cse2) (and .cse4 .cse1 .cse6 .cse2) (and .cse0 .cse5 .cse6 .cse2))) [2022-07-22 17:39:56,703 INFO L895 garLoopResultBuilder]: At program point L68(lines 64 70) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-22 17:39:56,703 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 888 899) no Hoare annotation was computed. [2022-07-22 17:39:56,703 INFO L899 garLoopResultBuilder]: For program point L892-1(lines 888 899) no Hoare annotation was computed. [2022-07-22 17:39:56,703 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 888 899) the Hoare annotation is: (let ((.cse2 (not (= |old(~waterLevel~0)| 2))) (.cse4 (not (= ~pumpRunning~0 0))) (.cse5 (not (<= |old(~waterLevel~0)| 1))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 ~pumpRunning~0))) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse0 .cse2 .cse3) (or .cse5 .cse4 .cse0 .cse3) (or .cse4 .cse3 (not (<= |old(~waterLevel~0)| 2)) (not (= 0 ~systemActive~0))) (or .cse5 .cse0 .cse1 .cse3 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-07-22 17:39:56,703 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 200 208) no Hoare annotation was computed. [2022-07-22 17:39:56,703 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 200 208) the Hoare annotation is: true [2022-07-22 17:39:56,704 INFO L899 garLoopResultBuilder]: For program point isPumpRunningFINAL(lines 200 208) no Hoare annotation was computed. [2022-07-22 17:39:56,706 INFO L356 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:39:56,707 INFO L176 ceAbstractionStarter]: Computing trace abstraction results [2022-07-22 17:39:56,733 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 22.07 05:39:56 BoogieIcfgContainer [2022-07-22 17:39:56,733 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-07-22 17:39:56,734 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-07-22 17:39:56,734 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-07-22 17:39:56,734 INFO L275 PluginConnector]: Witness Printer initialized [2022-07-22 17:39:56,735 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.07 05:39:47" (3/4) ... [2022-07-22 17:39:56,736 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-07-22 17:39:56,740 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-07-22 17:39:56,740 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-07-22 17:39:56,740 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-07-22 17:39:56,741 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-07-22 17:39:56,741 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-07-22 17:39:56,741 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-07-22 17:39:56,745 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 48 nodes and edges [2022-07-22 17:39:56,746 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-07-22 17:39:56,746 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-07-22 17:39:56,746 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-07-22 17:39:56,747 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-07-22 17:39:56,747 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-22 17:39:56,747 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-22 17:39:56,764 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && ((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) [2022-07-22 17:39:56,765 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) [2022-07-22 17:39:56,766 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((((1 <= pumpRunning && waterLevel == \result) && tmp == waterLevel) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (((((tmp == 0 && pumpRunning == 0) && waterLevel == \result) && 1 == systemActive) && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || !(1 == systemActive))) && (((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && tmp == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((1 <= pumpRunning && waterLevel == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (((pumpRunning == 0 && waterLevel == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || !(0 == systemActive))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && tmp == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || !(0 == systemActive)) || (((pumpRunning == 0 && 2 == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel))) && (((((((((tmp == 0 && pumpRunning == 0) && 2 == \result) && 1 == systemActive) && tmp == waterLevel) && \old(waterLevel) == waterLevel) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || (((1 <= pumpRunning && 2 == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2)) [2022-07-22 17:39:56,766 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || (((tmp == 0 && pumpRunning == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((tmp == 0 && pumpRunning == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel)) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) [2022-07-22 17:39:56,766 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-07-22 17:39:56,766 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((pumpRunning == 0 && 2 == \result) && \old(waterLevel) == waterLevel) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 2)) || !(0 == systemActive)) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || (((1 <= pumpRunning && waterLevel == \result) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (((tmp == 0 && pumpRunning == 0) && waterLevel == \result) && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && 2 == waterLevel) && 2 == \result) && \old(waterLevel) == waterLevel))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || ((pumpRunning == 0 && waterLevel == \result) && \old(waterLevel) == waterLevel)) || !(0 == systemActive))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && waterLevel == \result) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) [2022-07-22 17:39:56,767 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((\result == 1 && pumpRunning == 0) && \old(waterLevel) == waterLevel)) || ((pumpRunning == 0 && 2 == waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) [2022-07-22 17:39:56,767 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((pumpRunning == 0 && tmp___0 == 0) && \result == 0) && \old(waterLevel) == waterLevel)) || ((pumpRunning == 0 && 2 == waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) [2022-07-22 17:39:56,767 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && 2 == waterLevel) && \old(waterLevel) == waterLevel))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) [2022-07-22 17:39:56,789 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2022-07-22 17:39:56,789 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-07-22 17:39:56,790 INFO L158 Benchmark]: Toolchain (without parser) took 10250.51ms. Allocated memory was 100.7MB in the beginning and 218.1MB in the end (delta: 117.4MB). Free memory was 60.6MB in the beginning and 127.2MB in the end (delta: -66.5MB). Peak memory consumption was 50.2MB. Max. memory is 16.1GB. [2022-07-22 17:39:56,790 INFO L158 Benchmark]: CDTParser took 0.17ms. Allocated memory is still 100.7MB. Free memory is still 78.0MB. There was no memory consumed. Max. memory is 16.1GB. [2022-07-22 17:39:56,790 INFO L158 Benchmark]: CACSL2BoogieTranslator took 586.90ms. Allocated memory is still 100.7MB. Free memory was 60.4MB in the beginning and 68.1MB in the end (delta: -7.6MB). Peak memory consumption was 8.6MB. Max. memory is 16.1GB. [2022-07-22 17:39:56,791 INFO L158 Benchmark]: Boogie Procedure Inliner took 81.46ms. Allocated memory is still 100.7MB. Free memory was 68.1MB in the beginning and 65.5MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-22 17:39:56,791 INFO L158 Benchmark]: Boogie Preprocessor took 49.06ms. Allocated memory is still 100.7MB. Free memory was 65.5MB in the beginning and 64.0MB in the end (delta: 1.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-22 17:39:56,791 INFO L158 Benchmark]: RCFGBuilder took 344.60ms. Allocated memory is still 100.7MB. Free memory was 64.0MB in the beginning and 48.1MB in the end (delta: 15.9MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. [2022-07-22 17:39:56,791 INFO L158 Benchmark]: TraceAbstraction took 9127.01ms. Allocated memory was 100.7MB in the beginning and 218.1MB in the end (delta: 117.4MB). Free memory was 47.5MB in the beginning and 132.4MB in the end (delta: -84.9MB). Peak memory consumption was 79.9MB. Max. memory is 16.1GB. [2022-07-22 17:39:56,792 INFO L158 Benchmark]: Witness Printer took 55.42ms. Allocated memory is still 218.1MB. Free memory was 132.4MB in the beginning and 127.2MB in the end (delta: 5.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-07-22 17:39:56,793 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.17ms. Allocated memory is still 100.7MB. Free memory is still 78.0MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 586.90ms. Allocated memory is still 100.7MB. Free memory was 60.4MB in the beginning and 68.1MB in the end (delta: -7.6MB). Peak memory consumption was 8.6MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 81.46ms. Allocated memory is still 100.7MB. Free memory was 68.1MB in the beginning and 65.5MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 49.06ms. Allocated memory is still 100.7MB. Free memory was 65.5MB in the beginning and 64.0MB in the end (delta: 1.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 344.60ms. Allocated memory is still 100.7MB. Free memory was 64.0MB in the beginning and 48.1MB in the end (delta: 15.9MB). Peak memory consumption was 14.7MB. Max. memory is 16.1GB. * TraceAbstraction took 9127.01ms. Allocated memory was 100.7MB in the beginning and 218.1MB in the end (delta: 117.4MB). Free memory was 47.5MB in the beginning and 132.4MB in the end (delta: -84.9MB). Peak memory consumption was 79.9MB. Max. memory is 16.1GB. * Witness Printer took 55.42ms. Allocated memory is still 218.1MB. Free memory was 132.4MB in the beginning and 127.2MB in the end (delta: 5.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 92]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 85 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 9.1s, OverallIterations: 11, TraceHistogramMax: 6, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.8s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 4.8s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1674 SdHoareTripleChecker+Valid, 0.9s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1644 mSDsluCounter, 4701 SdHoareTripleChecker+Invalid, 0.8s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3460 mSDsCounter, 485 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1717 IncrementalHoareTripleChecker+Invalid, 2202 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 485 mSolverCounterUnsat, 1241 mSDtfsCounter, 1717 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 744 GetRequests, 616 SyntacticMatches, 6 SemanticMatches, 122 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 845 ImplicationChecksByTransitivity, 0.8s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=771occurred in iteration=8, InterpolantAutomatonStates: 109, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 11 MinimizatonAttempts, 262 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 39 LocationsWithAnnotation, 1570 PreInvPairs, 1815 NumberOfFragments, 2432 HoareAnnotationTreeSize, 1570 FomulaSimplifications, 8432 FormulaSimplificationTreeSizeReduction, 0.8s HoareSimplificationTime, 39 FomulaSimplificationsInter, 17653 FormulaSimplificationTreeSizeReductionInter, 4.0s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 1.2s InterpolantComputationTime, 939 NumberOfCodeBlocks, 939 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 1185 ConstructedInterpolants, 0 QuantifiedInterpolants, 2573 SizeOfPredicates, 6 NumberOfNonLiveVariables, 1144 ConjunctsInSsa, 21 ConjunctsInUnsatCore, 15 InterpolantComputations, 9 PerfectInterpolantSequences, 858/961 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 789]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 944]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == 0 && 2 == \result) && \old(waterLevel) == waterLevel) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 2)) || !(0 == systemActive)) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || (((1 <= pumpRunning && waterLevel == \result) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (((tmp == 0 && pumpRunning == 0) && waterLevel == \result) && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && 2 == waterLevel) && 2 == \result) && \old(waterLevel) == waterLevel))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || ((pumpRunning == 0 && waterLevel == \result) && \old(waterLevel) == waterLevel)) || !(0 == systemActive))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && waterLevel == \result) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) - InvariantResult [Line: 264]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && splverifierCounter == 0) && waterLevel <= 2) && 0 == systemActive - InvariantResult [Line: 666]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 245]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((pumpRunning == 0 && tmp___0 == 0) && \result == 0) && \old(waterLevel) == waterLevel)) || ((pumpRunning == 0 && 2 == waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 826]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 148]: Loop Invariant Derived loop invariant: (((((((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || (((tmp == 0 && pumpRunning == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((tmp == 0 && pumpRunning == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel)) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 78]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 64]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 667]: Loop Invariant Derived loop invariant: (((((((pumpRunning == 0 && 2 == waterLevel) && splverifierCounter == 0) && 0 == systemActive) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && splverifierCounter == 0) && 1 <= switchedOnBeforeTS)) || (((pumpRunning == 0 && waterLevel <= 1) && splverifierCounter == 0) && 0 == systemActive)) || (((pumpRunning == 0 && 2 == waterLevel) && 1 == systemActive) && splverifierCounter == 0)) || (((1 <= pumpRunning && 2 == waterLevel) && 1 == systemActive) && splverifierCounter == 0)) || (((pumpRunning == 0 && waterLevel <= 1) && 1 == systemActive) && splverifierCounter == 0) - InvariantResult [Line: 737]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 781]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 844]: Loop Invariant Derived loop invariant: (((((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((((1 <= pumpRunning && waterLevel == \result) && tmp == waterLevel) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (((((tmp == 0 && pumpRunning == 0) && waterLevel == \result) && 1 == systemActive) && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || !(1 == systemActive))) && (((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && tmp == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((1 <= pumpRunning && waterLevel == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (((pumpRunning == 0 && waterLevel == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || !(0 == systemActive))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && tmp == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || !(0 == systemActive)) || (((pumpRunning == 0 && 2 == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel))) && (((((((((tmp == 0 && pumpRunning == 0) && 2 == \result) && 1 == systemActive) && tmp == waterLevel) && \old(waterLevel) == waterLevel) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || (((1 <= pumpRunning && 2 == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2)) - InvariantResult [Line: 71]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 279]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) || (((1 <= pumpRunning && 2 == waterLevel) && 1 == systemActive) && splverifierCounter == 0)) || ((((1 <= pumpRunning && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) && 1 <= switchedOnBeforeTS) - InvariantResult [Line: 657]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 727]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 181]: Loop Invariant Derived loop invariant: ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) || ((((pumpRunning == 0 && 1 < waterLevel) && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) - InvariantResult [Line: 800]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 834]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && ((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) - InvariantResult [Line: 953]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((\result == 1 && pumpRunning == 0) && \old(waterLevel) == waterLevel)) || ((pumpRunning == 0 && 2 == waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 876]: Loop Invariant Derived loop invariant: ((((((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 88]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 173]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && 2 == waterLevel) && \old(waterLevel) == waterLevel))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) RESULT: Ultimate proved your program to be correct! [2022-07-22 17:39:56,860 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE