./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 791161d1 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 34b47c00ac265c7154b048b065075686f0b0d02157935b615817b802464c404c --- Real Ultimate output --- This is Ultimate 0.2.2-?-791161d [2022-07-22 17:40:19,305 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-07-22 17:40:19,306 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-07-22 17:40:19,338 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-07-22 17:40:19,339 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-07-22 17:40:19,340 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-07-22 17:40:19,342 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-07-22 17:40:19,346 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-07-22 17:40:19,347 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-07-22 17:40:19,352 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-07-22 17:40:19,353 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-07-22 17:40:19,354 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-07-22 17:40:19,354 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-07-22 17:40:19,356 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-07-22 17:40:19,357 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-07-22 17:40:19,358 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-07-22 17:40:19,361 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-07-22 17:40:19,361 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-07-22 17:40:19,363 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-07-22 17:40:19,364 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-07-22 17:40:19,367 INFO L181 SettingsManager]: Resetting HornVerifier preferences to default values [2022-07-22 17:40:19,368 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-07-22 17:40:19,369 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-07-22 17:40:19,369 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-07-22 17:40:19,370 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-07-22 17:40:19,372 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-07-22 17:40:19,373 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-07-22 17:40:19,374 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-07-22 17:40:19,374 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-07-22 17:40:19,375 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-07-22 17:40:19,375 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-07-22 17:40:19,376 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-07-22 17:40:19,377 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-07-22 17:40:19,377 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-07-22 17:40:19,378 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-07-22 17:40:19,378 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-07-22 17:40:19,378 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-07-22 17:40:19,379 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-07-22 17:40:19,379 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-07-22 17:40:19,379 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-07-22 17:40:19,380 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-07-22 17:40:19,381 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-07-22 17:40:19,382 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-07-22 17:40:19,405 INFO L113 SettingsManager]: Loading preferences was successful [2022-07-22 17:40:19,406 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-07-22 17:40:19,406 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-07-22 17:40:19,406 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-07-22 17:40:19,407 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-07-22 17:40:19,407 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-07-22 17:40:19,407 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-07-22 17:40:19,407 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-07-22 17:40:19,407 INFO L138 SettingsManager]: * Use SBE=true [2022-07-22 17:40:19,408 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-07-22 17:40:19,408 INFO L138 SettingsManager]: * sizeof long=4 [2022-07-22 17:40:19,408 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-07-22 17:40:19,409 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-07-22 17:40:19,409 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-07-22 17:40:19,409 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-07-22 17:40:19,409 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-07-22 17:40:19,409 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-07-22 17:40:19,409 INFO L138 SettingsManager]: * sizeof long double=12 [2022-07-22 17:40:19,410 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-07-22 17:40:19,410 INFO L138 SettingsManager]: * Use constant arrays=true [2022-07-22 17:40:19,411 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-07-22 17:40:19,411 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-07-22 17:40:19,411 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-07-22 17:40:19,411 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-07-22 17:40:19,411 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-22 17:40:19,411 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-07-22 17:40:19,412 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-07-22 17:40:19,412 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-07-22 17:40:19,412 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-07-22 17:40:19,412 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-07-22 17:40:19,412 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-07-22 17:40:19,412 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-07-22 17:40:19,413 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-07-22 17:40:19,413 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 34b47c00ac265c7154b048b065075686f0b0d02157935b615817b802464c404c [2022-07-22 17:40:19,598 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-07-22 17:40:19,615 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-07-22 17:40:19,624 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-07-22 17:40:19,625 INFO L271 PluginConnector]: Initializing CDTParser... [2022-07-22 17:40:19,626 INFO L275 PluginConnector]: CDTParser initialized [2022-07-22 17:40:19,627 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c [2022-07-22 17:40:19,679 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/3f51448f9/9871b88fd51c45d09ee174f8fe487df7/FLAGe0f7637d9 [2022-07-22 17:40:20,093 INFO L306 CDTParser]: Found 1 translation units. [2022-07-22 17:40:20,096 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c [2022-07-22 17:40:20,106 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/3f51448f9/9871b88fd51c45d09ee174f8fe487df7/FLAGe0f7637d9 [2022-07-22 17:40:20,115 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/3f51448f9/9871b88fd51c45d09ee174f8fe487df7 [2022-07-22 17:40:20,119 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-07-22 17:40:20,120 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-07-22 17:40:20,122 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-07-22 17:40:20,122 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-07-22 17:40:20,124 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-07-22 17:40:20,124 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 22.07 05:40:20" (1/1) ... [2022-07-22 17:40:20,125 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@1f694f32 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:20, skipping insertion in model container [2022-07-22 17:40:20,125 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 22.07 05:40:20" (1/1) ... [2022-07-22 17:40:20,130 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-07-22 17:40:20,156 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-07-22 17:40:20,337 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c[19180,19193] [2022-07-22 17:40:20,347 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-22 17:40:20,355 INFO L203 MainTranslator]: Completed pre-run [2022-07-22 17:40:20,410 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c[19180,19193] [2022-07-22 17:40:20,411 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-22 17:40:20,423 INFO L208 MainTranslator]: Completed translation [2022-07-22 17:40:20,423 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:20 WrapperNode [2022-07-22 17:40:20,423 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-07-22 17:40:20,424 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-07-22 17:40:20,424 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-07-22 17:40:20,425 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-07-22 17:40:20,430 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:20" (1/1) ... [2022-07-22 17:40:20,440 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:20" (1/1) ... [2022-07-22 17:40:20,459 INFO L137 Inliner]: procedures = 60, calls = 164, calls flagged for inlining = 26, calls inlined = 23, statements flattened = 297 [2022-07-22 17:40:20,459 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-07-22 17:40:20,460 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-07-22 17:40:20,460 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-07-22 17:40:20,460 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-07-22 17:40:20,465 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:20" (1/1) ... [2022-07-22 17:40:20,466 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:20" (1/1) ... [2022-07-22 17:40:20,468 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:20" (1/1) ... [2022-07-22 17:40:20,468 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:20" (1/1) ... [2022-07-22 17:40:20,472 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:20" (1/1) ... [2022-07-22 17:40:20,476 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:20" (1/1) ... [2022-07-22 17:40:20,477 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:20" (1/1) ... [2022-07-22 17:40:20,479 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-07-22 17:40:20,480 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-07-22 17:40:20,480 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-07-22 17:40:20,480 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-07-22 17:40:20,481 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:20" (1/1) ... [2022-07-22 17:40:20,485 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-22 17:40:20,494 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-22 17:40:20,503 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-07-22 17:40:20,506 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-07-22 17:40:20,553 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-07-22 17:40:20,554 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-07-22 17:40:20,554 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-07-22 17:40:20,554 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-07-22 17:40:20,554 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-07-22 17:40:20,554 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-07-22 17:40:20,554 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-07-22 17:40:20,555 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-07-22 17:40:20,556 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-07-22 17:40:20,556 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-07-22 17:40:20,556 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-07-22 17:40:20,556 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2022-07-22 17:40:20,556 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2022-07-22 17:40:20,556 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-07-22 17:40:20,556 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-07-22 17:40:20,556 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2022-07-22 17:40:20,557 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2022-07-22 17:40:20,557 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-07-22 17:40:20,557 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-07-22 17:40:20,557 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-07-22 17:40:20,557 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-07-22 17:40:20,557 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-07-22 17:40:20,557 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-07-22 17:40:20,557 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-07-22 17:40:20,620 INFO L234 CfgBuilder]: Building ICFG [2022-07-22 17:40:20,622 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-07-22 17:40:20,873 INFO L275 CfgBuilder]: Performing block encoding [2022-07-22 17:40:20,878 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-07-22 17:40:20,879 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-07-22 17:40:20,880 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.07 05:40:20 BoogieIcfgContainer [2022-07-22 17:40:20,880 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-07-22 17:40:20,881 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-07-22 17:40:20,881 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-07-22 17:40:20,883 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-07-22 17:40:20,884 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 22.07 05:40:20" (1/3) ... [2022-07-22 17:40:20,884 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@11b117f3 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 22.07 05:40:20, skipping insertion in model container [2022-07-22 17:40:20,884 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:20" (2/3) ... [2022-07-22 17:40:20,884 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@11b117f3 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 22.07 05:40:20, skipping insertion in model container [2022-07-22 17:40:20,885 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.07 05:40:20" (3/3) ... [2022-07-22 17:40:20,885 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product62.cil.c [2022-07-22 17:40:20,894 INFO L201 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-07-22 17:40:20,894 INFO L160 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-07-22 17:40:20,947 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-07-22 17:40:20,956 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@116b5cee, mLbeIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@321cfcef [2022-07-22 17:40:20,956 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-07-22 17:40:20,973 INFO L276 IsEmpty]: Start isEmpty. Operand has 114 states, 84 states have (on average 1.3571428571428572) internal successors, (114), 94 states have internal predecessors, (114), 18 states have call successors, (18), 10 states have call predecessors, (18), 10 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) [2022-07-22 17:40:21,000 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-07-22 17:40:21,000 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:40:21,001 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:40:21,001 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:40:21,005 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:40:21,005 INFO L85 PathProgramCache]: Analyzing trace with hash 1960372766, now seen corresponding path program 1 times [2022-07-22 17:40:21,012 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:40:21,012 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1756198477] [2022-07-22 17:40:21,013 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:21,013 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:40:21,210 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,307 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-07-22 17:40:21,310 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,319 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-07-22 17:40:21,323 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,328 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-22 17:40:21,329 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:40:21,329 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1756198477] [2022-07-22 17:40:21,330 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1756198477] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:40:21,330 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:40:21,330 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-07-22 17:40:21,331 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1730207690] [2022-07-22 17:40:21,332 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:40:21,338 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-07-22 17:40:21,338 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:40:21,363 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-07-22 17:40:21,365 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-22 17:40:21,367 INFO L87 Difference]: Start difference. First operand has 114 states, 84 states have (on average 1.3571428571428572) internal successors, (114), 94 states have internal predecessors, (114), 18 states have call successors, (18), 10 states have call predecessors, (18), 10 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-22 17:40:21,413 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:40:21,413 INFO L93 Difference]: Finished difference Result 219 states and 294 transitions. [2022-07-22 17:40:21,414 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-07-22 17:40:21,415 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2022-07-22 17:40:21,416 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:40:21,432 INFO L225 Difference]: With dead ends: 219 [2022-07-22 17:40:21,433 INFO L226 Difference]: Without dead ends: 105 [2022-07-22 17:40:21,437 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-22 17:40:21,440 INFO L413 NwaCegarLoop]: 144 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 144 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:40:21,441 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 144 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:40:21,452 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 105 states. [2022-07-22 17:40:21,483 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 105 to 105. [2022-07-22 17:40:21,484 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 105 states, 77 states have (on average 1.2987012987012987) internal successors, (100), 86 states have internal predecessors, (100), 18 states have call successors, (18), 10 states have call predecessors, (18), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) [2022-07-22 17:40:21,486 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 105 states to 105 states and 135 transitions. [2022-07-22 17:40:21,487 INFO L78 Accepts]: Start accepts. Automaton has 105 states and 135 transitions. Word has length 32 [2022-07-22 17:40:21,487 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:40:21,488 INFO L495 AbstractCegarLoop]: Abstraction has 105 states and 135 transitions. [2022-07-22 17:40:21,489 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-22 17:40:21,489 INFO L276 IsEmpty]: Start isEmpty. Operand 105 states and 135 transitions. [2022-07-22 17:40:21,493 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-07-22 17:40:21,494 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:40:21,494 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:40:21,494 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-07-22 17:40:21,495 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:40:21,497 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:40:21,497 INFO L85 PathProgramCache]: Analyzing trace with hash -526010073, now seen corresponding path program 1 times [2022-07-22 17:40:21,497 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:40:21,498 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1628315688] [2022-07-22 17:40:21,498 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:21,498 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:40:21,520 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,569 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-07-22 17:40:21,573 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,575 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2022-07-22 17:40:21,576 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,577 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-22 17:40:21,586 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:40:21,586 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1628315688] [2022-07-22 17:40:21,587 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1628315688] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:40:21,587 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:40:21,587 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-22 17:40:21,587 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [929792586] [2022-07-22 17:40:21,587 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:40:21,588 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-22 17:40:21,588 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:40:21,589 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-22 17:40:21,589 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:40:21,589 INFO L87 Difference]: Start difference. First operand 105 states and 135 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-22 17:40:21,603 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:40:21,605 INFO L93 Difference]: Finished difference Result 174 states and 224 transitions. [2022-07-22 17:40:21,605 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-22 17:40:21,610 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-07-22 17:40:21,611 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:40:21,612 INFO L225 Difference]: With dead ends: 174 [2022-07-22 17:40:21,613 INFO L226 Difference]: Without dead ends: 96 [2022-07-22 17:40:21,613 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:40:21,615 INFO L413 NwaCegarLoop]: 122 mSDtfsCounter, 13 mSDsluCounter, 105 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 227 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:40:21,616 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 227 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:40:21,618 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 96 states. [2022-07-22 17:40:21,628 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 96 to 96. [2022-07-22 17:40:21,631 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 96 states, 71 states have (on average 1.3098591549295775) internal successors, (93), 80 states have internal predecessors, (93), 15 states have call successors, (15), 9 states have call predecessors, (15), 9 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2022-07-22 17:40:21,632 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 96 states to 96 states and 123 transitions. [2022-07-22 17:40:21,632 INFO L78 Accepts]: Start accepts. Automaton has 96 states and 123 transitions. Word has length 33 [2022-07-22 17:40:21,632 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:40:21,632 INFO L495 AbstractCegarLoop]: Abstraction has 96 states and 123 transitions. [2022-07-22 17:40:21,632 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-22 17:40:21,633 INFO L276 IsEmpty]: Start isEmpty. Operand 96 states and 123 transitions. [2022-07-22 17:40:21,633 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-07-22 17:40:21,634 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:40:21,634 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:40:21,634 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-07-22 17:40:21,634 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:40:21,634 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:40:21,635 INFO L85 PathProgramCache]: Analyzing trace with hash -1914406272, now seen corresponding path program 1 times [2022-07-22 17:40:21,635 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:40:21,635 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1192843476] [2022-07-22 17:40:21,638 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:21,639 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:40:21,672 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,712 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-22 17:40:21,713 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,723 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2022-07-22 17:40:21,725 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,727 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-22 17:40:21,728 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:40:21,728 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1192843476] [2022-07-22 17:40:21,728 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1192843476] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:40:21,729 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:40:21,730 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-22 17:40:21,730 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2108995686] [2022-07-22 17:40:21,730 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:40:21,731 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-22 17:40:21,731 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:40:21,732 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-22 17:40:21,732 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:40:21,733 INFO L87 Difference]: Start difference. First operand 96 states and 123 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-22 17:40:21,748 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:40:21,749 INFO L93 Difference]: Finished difference Result 184 states and 239 transitions. [2022-07-22 17:40:21,749 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-22 17:40:21,749 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2022-07-22 17:40:21,750 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:40:21,750 INFO L225 Difference]: With dead ends: 184 [2022-07-22 17:40:21,751 INFO L226 Difference]: Without dead ends: 96 [2022-07-22 17:40:21,751 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:40:21,752 INFO L413 NwaCegarLoop]: 121 mSDtfsCounter, 113 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 113 SdHoareTripleChecker+Valid, 121 SdHoareTripleChecker+Invalid, 2 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:40:21,753 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [113 Valid, 121 Invalid, 2 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:40:21,753 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 96 states. [2022-07-22 17:40:21,773 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 96 to 96. [2022-07-22 17:40:21,774 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 96 states, 71 states have (on average 1.295774647887324) internal successors, (92), 80 states have internal predecessors, (92), 15 states have call successors, (15), 9 states have call predecessors, (15), 9 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2022-07-22 17:40:21,774 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 96 states to 96 states and 122 transitions. [2022-07-22 17:40:21,775 INFO L78 Accepts]: Start accepts. Automaton has 96 states and 122 transitions. Word has length 38 [2022-07-22 17:40:21,776 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:40:21,776 INFO L495 AbstractCegarLoop]: Abstraction has 96 states and 122 transitions. [2022-07-22 17:40:21,776 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-22 17:40:21,776 INFO L276 IsEmpty]: Start isEmpty. Operand 96 states and 122 transitions. [2022-07-22 17:40:21,777 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-07-22 17:40:21,778 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:40:21,778 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:40:21,778 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-07-22 17:40:21,778 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:40:21,778 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:40:21,778 INFO L85 PathProgramCache]: Analyzing trace with hash 1685949316, now seen corresponding path program 1 times [2022-07-22 17:40:21,778 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:40:21,779 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1321589113] [2022-07-22 17:40:21,779 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:21,779 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:40:21,792 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,819 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-22 17:40:21,821 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,822 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-07-22 17:40:21,823 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,826 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2022-07-22 17:40:21,827 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,828 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2022-07-22 17:40:21,829 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,830 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-22 17:40:21,830 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:40:21,830 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1321589113] [2022-07-22 17:40:21,830 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1321589113] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:40:21,830 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:40:21,831 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-07-22 17:40:21,831 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [685669286] [2022-07-22 17:40:21,831 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:40:21,831 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-07-22 17:40:21,831 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:40:21,832 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-07-22 17:40:21,832 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-07-22 17:40:21,832 INFO L87 Difference]: Start difference. First operand 96 states and 122 transitions. Second operand has 4 states, 4 states have (on average 10.0) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-07-22 17:40:21,966 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:40:21,967 INFO L93 Difference]: Finished difference Result 273 states and 351 transitions. [2022-07-22 17:40:21,967 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-07-22 17:40:21,967 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.0) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 51 [2022-07-22 17:40:21,968 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:40:21,973 INFO L225 Difference]: With dead ends: 273 [2022-07-22 17:40:21,974 INFO L226 Difference]: Without dead ends: 185 [2022-07-22 17:40:21,975 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-07-22 17:40:21,983 INFO L413 NwaCegarLoop]: 112 mSDtfsCounter, 194 mSDsluCounter, 125 mSDsCounter, 0 mSdLazyCounter, 82 mSolverCounterSat, 51 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 201 SdHoareTripleChecker+Valid, 237 SdHoareTripleChecker+Invalid, 133 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 51 IncrementalHoareTripleChecker+Valid, 82 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-22 17:40:21,985 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [201 Valid, 237 Invalid, 133 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [51 Valid, 82 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-22 17:40:21,986 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 185 states. [2022-07-22 17:40:22,005 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 185 to 179. [2022-07-22 17:40:22,023 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 179 states, 134 states have (on average 1.2686567164179106) internal successors, (170), 143 states have internal predecessors, (170), 22 states have call successors, (22), 17 states have call predecessors, (22), 22 states have return successors, (33), 24 states have call predecessors, (33), 22 states have call successors, (33) [2022-07-22 17:40:22,024 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 179 states to 179 states and 225 transitions. [2022-07-22 17:40:22,025 INFO L78 Accepts]: Start accepts. Automaton has 179 states and 225 transitions. Word has length 51 [2022-07-22 17:40:22,025 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:40:22,025 INFO L495 AbstractCegarLoop]: Abstraction has 179 states and 225 transitions. [2022-07-22 17:40:22,026 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.0) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-07-22 17:40:22,026 INFO L276 IsEmpty]: Start isEmpty. Operand 179 states and 225 transitions. [2022-07-22 17:40:22,027 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2022-07-22 17:40:22,028 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:40:22,029 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:40:22,029 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-07-22 17:40:22,029 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:40:22,029 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:40:22,029 INFO L85 PathProgramCache]: Analyzing trace with hash -1718008340, now seen corresponding path program 1 times [2022-07-22 17:40:22,029 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:40:22,030 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [167111994] [2022-07-22 17:40:22,030 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:22,030 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:40:22,052 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,127 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-22 17:40:22,129 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,135 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-07-22 17:40:22,142 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,152 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-07-22 17:40:22,154 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,160 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-07-22 17:40:22,161 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,162 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 51 [2022-07-22 17:40:22,163 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,170 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-07-22 17:40:22,170 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:40:22,170 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [167111994] [2022-07-22 17:40:22,170 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [167111994] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:40:22,170 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:40:22,170 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-07-22 17:40:22,170 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2037766971] [2022-07-22 17:40:22,171 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:40:22,171 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-07-22 17:40:22,171 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:40:22,171 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-07-22 17:40:22,171 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-07-22 17:40:22,172 INFO L87 Difference]: Start difference. First operand 179 states and 225 transitions. Second operand has 7 states, 7 states have (on average 6.857142857142857) internal successors, (48), 5 states have internal predecessors, (48), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) [2022-07-22 17:40:22,386 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:40:22,386 INFO L93 Difference]: Finished difference Result 362 states and 456 transitions. [2022-07-22 17:40:22,386 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2022-07-22 17:40:22,386 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.857142857142857) internal successors, (48), 5 states have internal predecessors, (48), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) Word has length 59 [2022-07-22 17:40:22,387 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:40:22,388 INFO L225 Difference]: With dead ends: 362 [2022-07-22 17:40:22,388 INFO L226 Difference]: Without dead ends: 191 [2022-07-22 17:40:22,389 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 27 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 25 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=53, Invalid=157, Unknown=0, NotChecked=0, Total=210 [2022-07-22 17:40:22,389 INFO L413 NwaCegarLoop]: 118 mSDtfsCounter, 162 mSDsluCounter, 404 mSDsCounter, 0 mSdLazyCounter, 251 mSolverCounterSat, 46 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 169 SdHoareTripleChecker+Valid, 522 SdHoareTripleChecker+Invalid, 297 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 46 IncrementalHoareTripleChecker+Valid, 251 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-07-22 17:40:22,389 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [169 Valid, 522 Invalid, 297 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [46 Valid, 251 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-07-22 17:40:22,390 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 191 states. [2022-07-22 17:40:22,410 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 191 to 177. [2022-07-22 17:40:22,411 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 177 states, 132 states have (on average 1.2424242424242424) internal successors, (164), 141 states have internal predecessors, (164), 22 states have call successors, (22), 17 states have call predecessors, (22), 22 states have return successors, (33), 24 states have call predecessors, (33), 22 states have call successors, (33) [2022-07-22 17:40:22,412 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 177 states to 177 states and 219 transitions. [2022-07-22 17:40:22,412 INFO L78 Accepts]: Start accepts. Automaton has 177 states and 219 transitions. Word has length 59 [2022-07-22 17:40:22,412 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:40:22,412 INFO L495 AbstractCegarLoop]: Abstraction has 177 states and 219 transitions. [2022-07-22 17:40:22,412 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.857142857142857) internal successors, (48), 5 states have internal predecessors, (48), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) [2022-07-22 17:40:22,413 INFO L276 IsEmpty]: Start isEmpty. Operand 177 states and 219 transitions. [2022-07-22 17:40:22,413 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2022-07-22 17:40:22,413 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:40:22,413 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:40:22,413 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-07-22 17:40:22,414 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:40:22,414 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:40:22,414 INFO L85 PathProgramCache]: Analyzing trace with hash -12885391, now seen corresponding path program 1 times [2022-07-22 17:40:22,427 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:40:22,427 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1717233692] [2022-07-22 17:40:22,427 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:22,428 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:40:22,438 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,465 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-22 17:40:22,466 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,474 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-07-22 17:40:22,477 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,480 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-07-22 17:40:22,498 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,524 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-07-22 17:40:22,525 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,526 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 57 [2022-07-22 17:40:22,527 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,528 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-22 17:40:22,528 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:40:22,528 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1717233692] [2022-07-22 17:40:22,528 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1717233692] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:40:22,528 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:40:22,528 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-07-22 17:40:22,528 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [358217499] [2022-07-22 17:40:22,529 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:40:22,529 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-07-22 17:40:22,529 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:40:22,529 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-07-22 17:40:22,529 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-07-22 17:40:22,530 INFO L87 Difference]: Start difference. First operand 177 states and 219 transitions. Second operand has 6 states, 6 states have (on average 8.666666666666666) internal successors, (52), 5 states have internal predecessors, (52), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2022-07-22 17:40:22,701 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:40:22,701 INFO L93 Difference]: Finished difference Result 356 states and 455 transitions. [2022-07-22 17:40:22,701 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-07-22 17:40:22,701 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 8.666666666666666) internal successors, (52), 5 states have internal predecessors, (52), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 65 [2022-07-22 17:40:22,701 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:40:22,702 INFO L225 Difference]: With dead ends: 356 [2022-07-22 17:40:22,702 INFO L226 Difference]: Without dead ends: 187 [2022-07-22 17:40:22,703 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=32, Invalid=58, Unknown=0, NotChecked=0, Total=90 [2022-07-22 17:40:22,703 INFO L413 NwaCegarLoop]: 107 mSDtfsCounter, 81 mSDsluCounter, 317 mSDsCounter, 0 mSdLazyCounter, 146 mSolverCounterSat, 28 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 86 SdHoareTripleChecker+Valid, 424 SdHoareTripleChecker+Invalid, 174 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 28 IncrementalHoareTripleChecker+Valid, 146 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-22 17:40:22,704 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [86 Valid, 424 Invalid, 174 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [28 Valid, 146 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-22 17:40:22,704 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 187 states. [2022-07-22 17:40:22,711 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 187 to 180. [2022-07-22 17:40:22,711 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 180 states, 135 states have (on average 1.237037037037037) internal successors, (167), 144 states have internal predecessors, (167), 22 states have call successors, (22), 17 states have call predecessors, (22), 22 states have return successors, (33), 24 states have call predecessors, (33), 22 states have call successors, (33) [2022-07-22 17:40:22,712 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 180 states to 180 states and 222 transitions. [2022-07-22 17:40:22,712 INFO L78 Accepts]: Start accepts. Automaton has 180 states and 222 transitions. Word has length 65 [2022-07-22 17:40:22,712 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:40:22,712 INFO L495 AbstractCegarLoop]: Abstraction has 180 states and 222 transitions. [2022-07-22 17:40:22,712 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 8.666666666666666) internal successors, (52), 5 states have internal predecessors, (52), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2022-07-22 17:40:22,712 INFO L276 IsEmpty]: Start isEmpty. Operand 180 states and 222 transitions. [2022-07-22 17:40:22,713 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2022-07-22 17:40:22,713 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:40:22,713 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:40:22,713 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-07-22 17:40:22,713 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:40:22,713 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:40:22,713 INFO L85 PathProgramCache]: Analyzing trace with hash 1373318003, now seen corresponding path program 1 times [2022-07-22 17:40:22,713 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:40:22,714 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1601715467] [2022-07-22 17:40:22,714 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:22,714 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:40:22,723 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,733 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-22 17:40:22,734 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,736 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-07-22 17:40:22,739 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,742 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-07-22 17:40:22,745 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,754 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-07-22 17:40:22,755 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,756 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 57 [2022-07-22 17:40:22,757 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,758 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-22 17:40:22,758 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:40:22,758 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1601715467] [2022-07-22 17:40:22,758 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1601715467] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:40:22,758 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:40:22,758 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-07-22 17:40:22,758 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1614475907] [2022-07-22 17:40:22,758 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:40:22,758 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-07-22 17:40:22,758 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:40:22,759 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-07-22 17:40:22,759 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-07-22 17:40:22,759 INFO L87 Difference]: Start difference. First operand 180 states and 222 transitions. Second operand has 5 states, 5 states have (on average 10.4) internal successors, (52), 4 states have internal predecessors, (52), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2022-07-22 17:40:22,879 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:40:22,880 INFO L93 Difference]: Finished difference Result 362 states and 460 transitions. [2022-07-22 17:40:22,880 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-07-22 17:40:22,880 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.4) internal successors, (52), 4 states have internal predecessors, (52), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 65 [2022-07-22 17:40:22,882 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:40:22,883 INFO L225 Difference]: With dead ends: 362 [2022-07-22 17:40:22,883 INFO L226 Difference]: Without dead ends: 190 [2022-07-22 17:40:22,883 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-07-22 17:40:22,885 INFO L413 NwaCegarLoop]: 109 mSDtfsCounter, 82 mSDsluCounter, 225 mSDsCounter, 0 mSdLazyCounter, 112 mSolverCounterSat, 22 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 88 SdHoareTripleChecker+Valid, 334 SdHoareTripleChecker+Invalid, 134 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 22 IncrementalHoareTripleChecker+Valid, 112 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-22 17:40:22,885 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [88 Valid, 334 Invalid, 134 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [22 Valid, 112 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-22 17:40:22,886 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 190 states. [2022-07-22 17:40:22,893 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 190 to 182. [2022-07-22 17:40:22,894 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 182 states, 137 states have (on average 1.2335766423357664) internal successors, (169), 146 states have internal predecessors, (169), 22 states have call successors, (22), 17 states have call predecessors, (22), 22 states have return successors, (33), 24 states have call predecessors, (33), 22 states have call successors, (33) [2022-07-22 17:40:22,894 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 182 states to 182 states and 224 transitions. [2022-07-22 17:40:22,895 INFO L78 Accepts]: Start accepts. Automaton has 182 states and 224 transitions. Word has length 65 [2022-07-22 17:40:22,895 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:40:22,895 INFO L495 AbstractCegarLoop]: Abstraction has 182 states and 224 transitions. [2022-07-22 17:40:22,895 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.4) internal successors, (52), 4 states have internal predecessors, (52), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2022-07-22 17:40:22,895 INFO L276 IsEmpty]: Start isEmpty. Operand 182 states and 224 transitions. [2022-07-22 17:40:22,896 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2022-07-22 17:40:22,896 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:40:22,896 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:40:22,896 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-07-22 17:40:22,896 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:40:22,897 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:40:22,897 INFO L85 PathProgramCache]: Analyzing trace with hash 2074917877, now seen corresponding path program 1 times [2022-07-22 17:40:22,897 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:40:22,897 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1801131997] [2022-07-22 17:40:22,897 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:22,897 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:40:22,906 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,931 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-22 17:40:22,932 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,935 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-07-22 17:40:22,938 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,945 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-07-22 17:40:22,948 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,954 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-07-22 17:40:22,956 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,957 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 57 [2022-07-22 17:40:22,957 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,958 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-22 17:40:22,958 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:40:22,958 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1801131997] [2022-07-22 17:40:22,958 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1801131997] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:40:22,959 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:40:22,959 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-07-22 17:40:22,959 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [506093129] [2022-07-22 17:40:22,959 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:40:22,959 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-07-22 17:40:22,959 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:40:22,960 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-07-22 17:40:22,960 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-07-22 17:40:22,960 INFO L87 Difference]: Start difference. First operand 182 states and 224 transitions. Second operand has 5 states, 5 states have (on average 10.4) internal successors, (52), 4 states have internal predecessors, (52), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2022-07-22 17:40:23,257 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:40:23,257 INFO L93 Difference]: Finished difference Result 498 states and 640 transitions. [2022-07-22 17:40:23,257 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-07-22 17:40:23,258 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.4) internal successors, (52), 4 states have internal predecessors, (52), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) Word has length 65 [2022-07-22 17:40:23,258 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:40:23,259 INFO L225 Difference]: With dead ends: 498 [2022-07-22 17:40:23,259 INFO L226 Difference]: Without dead ends: 324 [2022-07-22 17:40:23,260 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 20 GetRequests, 13 SyntacticMatches, 2 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2022-07-22 17:40:23,260 INFO L413 NwaCegarLoop]: 161 mSDtfsCounter, 241 mSDsluCounter, 196 mSDsCounter, 0 mSdLazyCounter, 185 mSolverCounterSat, 80 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 249 SdHoareTripleChecker+Valid, 357 SdHoareTripleChecker+Invalid, 265 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 80 IncrementalHoareTripleChecker+Valid, 185 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-07-22 17:40:23,260 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [249 Valid, 357 Invalid, 265 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [80 Valid, 185 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-07-22 17:40:23,261 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 324 states. [2022-07-22 17:40:23,271 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 324 to 322. [2022-07-22 17:40:23,271 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 322 states, 241 states have (on average 1.2074688796680497) internal successors, (291), 254 states have internal predecessors, (291), 42 states have call successors, (42), 35 states have call predecessors, (42), 38 states have return successors, (68), 43 states have call predecessors, (68), 42 states have call successors, (68) [2022-07-22 17:40:23,272 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 322 states to 322 states and 401 transitions. [2022-07-22 17:40:23,272 INFO L78 Accepts]: Start accepts. Automaton has 322 states and 401 transitions. Word has length 65 [2022-07-22 17:40:23,273 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:40:23,273 INFO L495 AbstractCegarLoop]: Abstraction has 322 states and 401 transitions. [2022-07-22 17:40:23,273 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.4) internal successors, (52), 4 states have internal predecessors, (52), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2022-07-22 17:40:23,273 INFO L276 IsEmpty]: Start isEmpty. Operand 322 states and 401 transitions. [2022-07-22 17:40:23,273 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 70 [2022-07-22 17:40:23,273 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:40:23,273 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:40:23,273 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-07-22 17:40:23,274 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:40:23,274 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:40:23,274 INFO L85 PathProgramCache]: Analyzing trace with hash 843636315, now seen corresponding path program 1 times [2022-07-22 17:40:23,274 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:40:23,274 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1186429144] [2022-07-22 17:40:23,274 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:23,274 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:40:23,299 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:23,342 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-22 17:40:23,343 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:23,346 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-07-22 17:40:23,347 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:23,351 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2022-07-22 17:40:23,354 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:23,363 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-07-22 17:40:23,365 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:23,375 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-07-22 17:40:23,376 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:23,377 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 61 [2022-07-22 17:40:23,378 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:23,379 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-22 17:40:23,379 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:40:23,379 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1186429144] [2022-07-22 17:40:23,379 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1186429144] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:40:23,379 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:40:23,379 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2022-07-22 17:40:23,379 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1432128896] [2022-07-22 17:40:23,379 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:40:23,380 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-07-22 17:40:23,380 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:40:23,380 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-07-22 17:40:23,380 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=70, Unknown=0, NotChecked=0, Total=90 [2022-07-22 17:40:23,380 INFO L87 Difference]: Start difference. First operand 322 states and 401 transitions. Second operand has 10 states, 10 states have (on average 5.4) internal successors, (54), 8 states have internal predecessors, (54), 5 states have call successors, (7), 4 states have call predecessors, (7), 3 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) [2022-07-22 17:40:23,982 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:40:23,983 INFO L93 Difference]: Finished difference Result 867 states and 1137 transitions. [2022-07-22 17:40:23,983 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 29 states. [2022-07-22 17:40:23,983 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 5.4) internal successors, (54), 8 states have internal predecessors, (54), 5 states have call successors, (7), 4 states have call predecessors, (7), 3 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) Word has length 69 [2022-07-22 17:40:23,983 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:40:23,985 INFO L225 Difference]: With dead ends: 867 [2022-07-22 17:40:23,985 INFO L226 Difference]: Without dead ends: 609 [2022-07-22 17:40:23,987 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 48 GetRequests, 16 SyntacticMatches, 0 SemanticMatches, 32 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 280 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=258, Invalid=864, Unknown=0, NotChecked=0, Total=1122 [2022-07-22 17:40:23,987 INFO L413 NwaCegarLoop]: 158 mSDtfsCounter, 733 mSDsluCounter, 400 mSDsCounter, 0 mSdLazyCounter, 661 mSolverCounterSat, 300 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 738 SdHoareTripleChecker+Valid, 558 SdHoareTripleChecker+Invalid, 961 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 300 IncrementalHoareTripleChecker+Valid, 661 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-07-22 17:40:23,987 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [738 Valid, 558 Invalid, 961 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [300 Valid, 661 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2022-07-22 17:40:23,988 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 609 states. [2022-07-22 17:40:24,015 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 609 to 500. [2022-07-22 17:40:24,016 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 500 states, 373 states have (on average 1.198391420911528) internal successors, (447), 396 states have internal predecessors, (447), 66 states have call successors, (66), 50 states have call predecessors, (66), 60 states have return successors, (108), 66 states have call predecessors, (108), 66 states have call successors, (108) [2022-07-22 17:40:24,018 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 500 states to 500 states and 621 transitions. [2022-07-22 17:40:24,018 INFO L78 Accepts]: Start accepts. Automaton has 500 states and 621 transitions. Word has length 69 [2022-07-22 17:40:24,018 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:40:24,018 INFO L495 AbstractCegarLoop]: Abstraction has 500 states and 621 transitions. [2022-07-22 17:40:24,018 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 5.4) internal successors, (54), 8 states have internal predecessors, (54), 5 states have call successors, (7), 4 states have call predecessors, (7), 3 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) [2022-07-22 17:40:24,018 INFO L276 IsEmpty]: Start isEmpty. Operand 500 states and 621 transitions. [2022-07-22 17:40:24,019 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 124 [2022-07-22 17:40:24,019 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:40:24,020 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:40:24,020 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-07-22 17:40:24,020 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:40:24,020 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:40:24,020 INFO L85 PathProgramCache]: Analyzing trace with hash 2033626689, now seen corresponding path program 1 times [2022-07-22 17:40:24,020 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:40:24,020 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [843895136] [2022-07-22 17:40:24,020 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:24,020 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:40:24,033 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,061 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-22 17:40:24,062 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,069 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2022-07-22 17:40:24,072 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,080 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-22 17:40:24,081 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,086 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2022-07-22 17:40:24,088 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,091 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-07-22 17:40:24,093 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,095 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-07-22 17:40:24,096 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,097 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 75 [2022-07-22 17:40:24,097 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,104 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 86 [2022-07-22 17:40:24,105 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,106 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 93 [2022-07-22 17:40:24,107 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,108 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2022-07-22 17:40:24,109 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,110 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-07-22 17:40:24,110 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,110 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 115 [2022-07-22 17:40:24,111 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,112 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 16 proven. 13 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2022-07-22 17:40:24,112 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:40:24,112 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [843895136] [2022-07-22 17:40:24,112 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [843895136] provided 0 perfect and 1 imperfect interpolant sequences [2022-07-22 17:40:24,112 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [561916429] [2022-07-22 17:40:24,112 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:24,112 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-07-22 17:40:24,112 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-22 17:40:24,130 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-07-22 17:40:24,131 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-07-22 17:40:24,251 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,253 INFO L263 TraceCheckSpWp]: Trace formula consists of 541 conjuncts, 8 conjunts are in the unsatisfiable core [2022-07-22 17:40:24,259 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-07-22 17:40:24,460 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 31 proven. 11 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:40:24,460 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-07-22 17:40:24,599 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 19 proven. 10 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2022-07-22 17:40:24,600 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [561916429] provided 0 perfect and 2 imperfect interpolant sequences [2022-07-22 17:40:24,600 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-07-22 17:40:24,600 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2022-07-22 17:40:24,600 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [474906886] [2022-07-22 17:40:24,600 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-07-22 17:40:24,601 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2022-07-22 17:40:24,601 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:40:24,601 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2022-07-22 17:40:24,601 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2022-07-22 17:40:24,601 INFO L87 Difference]: Start difference. First operand 500 states and 621 transitions. Second operand has 15 states, 15 states have (on average 9.6) internal successors, (144), 10 states have internal predecessors, (144), 6 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (23), 7 states have call predecessors, (23), 6 states have call successors, (23) [2022-07-22 17:40:25,312 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:40:25,312 INFO L93 Difference]: Finished difference Result 1031 states and 1308 transitions. [2022-07-22 17:40:25,312 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2022-07-22 17:40:25,313 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 9.6) internal successors, (144), 10 states have internal predecessors, (144), 6 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (23), 7 states have call predecessors, (23), 6 states have call successors, (23) Word has length 123 [2022-07-22 17:40:25,313 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:40:25,313 INFO L225 Difference]: With dead ends: 1031 [2022-07-22 17:40:25,313 INFO L226 Difference]: Without dead ends: 0 [2022-07-22 17:40:25,316 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 317 GetRequests, 279 SyntacticMatches, 1 SemanticMatches, 37 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 324 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=345, Invalid=1137, Unknown=0, NotChecked=0, Total=1482 [2022-07-22 17:40:25,317 INFO L413 NwaCegarLoop]: 232 mSDtfsCounter, 545 mSDsluCounter, 956 mSDsCounter, 0 mSdLazyCounter, 1093 mSolverCounterSat, 274 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 550 SdHoareTripleChecker+Valid, 1188 SdHoareTripleChecker+Invalid, 1367 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 274 IncrementalHoareTripleChecker+Valid, 1093 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-07-22 17:40:25,318 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [550 Valid, 1188 Invalid, 1367 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [274 Valid, 1093 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2022-07-22 17:40:25,318 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-07-22 17:40:25,318 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-07-22 17:40:25,318 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:40:25,319 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-07-22 17:40:25,319 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 123 [2022-07-22 17:40:25,319 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:40:25,319 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-07-22 17:40:25,320 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 9.6) internal successors, (144), 10 states have internal predecessors, (144), 6 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (23), 7 states have call predecessors, (23), 6 states have call successors, (23) [2022-07-22 17:40:25,320 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-07-22 17:40:25,320 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-07-22 17:40:25,322 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-07-22 17:40:25,356 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-07-22 17:40:25,539 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-07-22 17:40:25,541 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-07-22 17:40:28,409 INFO L895 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 203 210) the Hoare annotation is: (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (= 1 ~systemActive~0)) (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 2)) (not (<= 1 ~switchedOnBeforeTS~0))) [2022-07-22 17:40:28,410 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 203 210) no Hoare annotation was computed. [2022-07-22 17:40:28,410 INFO L899 garLoopResultBuilder]: For program point deactivatePumpFINAL(lines 203 210) no Hoare annotation was computed. [2022-07-22 17:40:28,410 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 93 99) no Hoare annotation was computed. [2022-07-22 17:40:28,411 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 93 99) the Hoare annotation is: true [2022-07-22 17:40:28,411 INFO L895 garLoopResultBuilder]: At program point L141(line 141) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1))) [2022-07-22 17:40:28,411 INFO L895 garLoopResultBuilder]: At program point L137(line 137) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1))) [2022-07-22 17:40:28,411 INFO L899 garLoopResultBuilder]: For program point L135(lines 135 143) no Hoare annotation was computed. [2022-07-22 17:40:28,411 INFO L899 garLoopResultBuilder]: For program point L131(lines 131 148) no Hoare annotation was computed. [2022-07-22 17:40:28,411 INFO L895 garLoopResultBuilder]: At program point L899(lines 894 902) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1))) [2022-07-22 17:40:28,412 INFO L895 garLoopResultBuilder]: At program point L146(line 146) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) .cse0 .cse1) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-07-22 17:40:28,412 INFO L899 garLoopResultBuilder]: For program point L146-1(lines 127 151) no Hoare annotation was computed. [2022-07-22 17:40:28,412 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__methaneQueryENTRY(lines 127 151) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) .cse0 .cse1))) [2022-07-22 17:40:28,413 INFO L895 garLoopResultBuilder]: At program point L301(lines 286 304) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1))) [2022-07-22 17:40:28,413 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__methaneQueryEXIT(lines 127 151) no Hoare annotation was computed. [2022-07-22 17:40:28,413 INFO L899 garLoopResultBuilder]: For program point L295(lines 295 299) no Hoare annotation was computed. [2022-07-22 17:40:28,413 INFO L899 garLoopResultBuilder]: For program point L295-2(lines 295 299) no Hoare annotation was computed. [2022-07-22 17:40:28,413 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 222 230) no Hoare annotation was computed. [2022-07-22 17:40:28,413 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 222 230) the Hoare annotation is: true [2022-07-22 17:40:28,414 INFO L899 garLoopResultBuilder]: For program point isPumpRunningFINAL(lines 222 230) no Hoare annotation was computed. [2022-07-22 17:40:28,414 INFO L899 garLoopResultBuilder]: For program point L831-1(lines 827 838) no Hoare annotation was computed. [2022-07-22 17:40:28,414 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 827 838) the Hoare annotation is: true [2022-07-22 17:40:28,415 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 827 838) no Hoare annotation was computed. [2022-07-22 17:40:28,415 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 905 934) no Hoare annotation was computed. [2022-07-22 17:40:28,415 INFO L899 garLoopResultBuilder]: For program point L926(line 926) no Hoare annotation was computed. [2022-07-22 17:40:28,415 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 905 934) the Hoare annotation is: true [2022-07-22 17:40:28,415 INFO L899 garLoopResultBuilder]: For program point L919(lines 919 923) no Hoare annotation was computed. [2022-07-22 17:40:28,416 INFO L902 garLoopResultBuilder]: At program point L919-1(lines 919 923) the Hoare annotation is: true [2022-07-22 17:40:28,416 INFO L899 garLoopResultBuilder]: For program point L916(line 916) no Hoare annotation was computed. [2022-07-22 17:40:28,416 INFO L902 garLoopResultBuilder]: At program point L915-2(lines 915 929) the Hoare annotation is: true [2022-07-22 17:40:28,416 INFO L902 garLoopResultBuilder]: At program point L911(line 911) the Hoare annotation is: true [2022-07-22 17:40:28,416 INFO L899 garLoopResultBuilder]: For program point L911-1(line 911) no Hoare annotation was computed. [2022-07-22 17:40:28,416 INFO L902 garLoopResultBuilder]: At program point L930(lines 905 934) the Hoare annotation is: true [2022-07-22 17:40:28,416 INFO L895 garLoopResultBuilder]: At program point L159(line 159) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (and .cse3 (<= ~waterLevel~0 2) .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2) (or .cse0 .cse1 (and .cse3 (= ~waterLevel~0 1) .cse4) .cse2 (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-22 17:40:28,416 INFO L899 garLoopResultBuilder]: For program point L159-1(line 159) no Hoare annotation was computed. [2022-07-22 17:40:28,417 INFO L895 garLoopResultBuilder]: At program point L345(line 345) the Hoare annotation is: (let ((.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse7 (= ~pumpRunning~0 0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0))) (and (let ((.cse3 (= ~waterLevel~0 1))) (or .cse0 .cse1 (and .cse2 .cse3 .cse4) .cse5 .cse6 (and .cse7 .cse3 .cse4))) (or .cse8 (and .cse7 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse5) (or .cse8 .cse0 .cse5 .cse6) (let ((.cse9 (<= ~waterLevel~0 2))) (or .cse0 .cse1 (and .cse7 .cse9 .cse4) .cse5 (and .cse2 .cse9 .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-07-22 17:40:28,417 INFO L899 garLoopResultBuilder]: For program point L345-1(line 345) no Hoare annotation was computed. [2022-07-22 17:40:28,417 INFO L895 garLoopResultBuilder]: At program point L172(line 172) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= 1 |old(~pumpRunning~0)|))) (.cse1 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse1) (or .cse0 .cse2 .cse1 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 .cse2 .cse1 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-07-22 17:40:28,417 INFO L895 garLoopResultBuilder]: At program point L172-1(lines 153 177) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse6 (= ~pumpRunning~0 0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0))) (and (let ((.cse3 (= ~waterLevel~0 1))) (or .cse0 .cse1 (and .cse2 .cse3 .cse4) .cse5 (not (<= 2 |old(~waterLevel~0)|)) (and .cse6 .cse3 .cse4))) (let ((.cse7 (= |old(~waterLevel~0)| ~waterLevel~0))) (or (not (= |old(~pumpRunning~0)| 0)) (and .cse6 .cse7) .cse0 (and (<= 1 ~pumpRunning~0) (<= 2 ~waterLevel~0) .cse7) .cse5)) (let ((.cse8 (<= ~waterLevel~0 2))) (or .cse0 .cse1 (and .cse6 .cse8 .cse4) .cse5 (and .cse2 .cse8 .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-07-22 17:40:28,417 INFO L899 garLoopResultBuilder]: For program point L73(lines 73 79) no Hoare annotation was computed. [2022-07-22 17:40:28,417 INFO L899 garLoopResultBuilder]: For program point L73-2(lines 69 91) no Hoare annotation was computed. [2022-07-22 17:40:28,417 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 66 92) no Hoare annotation was computed. [2022-07-22 17:40:28,418 INFO L895 garLoopResultBuilder]: At program point L330(line 330) the Hoare annotation is: (let ((.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or .cse2 .cse4 .cse3 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse4 .cse3 .cse5 (not (<= 2 |old(~waterLevel~0)|)))))) [2022-07-22 17:40:28,418 INFO L899 garLoopResultBuilder]: For program point L330-1(line 330) no Hoare annotation was computed. [2022-07-22 17:40:28,418 INFO L899 garLoopResultBuilder]: For program point L161(lines 161 169) no Hoare annotation was computed. [2022-07-22 17:40:28,418 INFO L899 garLoopResultBuilder]: For program point L157(lines 157 174) no Hoare annotation was computed. [2022-07-22 17:40:28,418 INFO L899 garLoopResultBuilder]: For program point L347(lines 347 357) no Hoare annotation was computed. [2022-07-22 17:40:28,418 INFO L899 garLoopResultBuilder]: For program point L343(lines 343 360) no Hoare annotation was computed. [2022-07-22 17:40:28,419 INFO L895 garLoopResultBuilder]: At program point L343-1(lines 335 363) the Hoare annotation is: (let ((.cse6 (= 1 ~systemActive~0))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse3 (not .cse6)) (.cse5 (not (<= 1 |old(~pumpRunning~0)|))) (.cse9 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse8 (<= 1 ~switchedOnBeforeTS~0)) (.cse4 (not (<= |old(~waterLevel~0)| 2))) (.cse10 (not (<= 2 |old(~waterLevel~0)|)))) (and (let ((.cse2 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse0 (and .cse1 .cse2) .cse3 (and (<= 1 ~pumpRunning~0) (<= 2 ~waterLevel~0) .cse2) .cse4)) (let ((.cse7 (<= ~waterLevel~0 2))) (or .cse3 .cse5 (and .cse1 .cse6 .cse7 .cse8) .cse4 (and .cse9 .cse6 .cse7 .cse8) (not (<= 1 |old(~switchedOnBeforeTS~0)|)))) (or .cse0 .cse3 (and (< 1 |timeShift___utac_acc__Specification5_spec__3_~tmp~6#1|) (<= |timeShift_getWaterLevel_#res#1| 2) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp~6#1| 2) (<= 2 |timeShift_getWaterLevel_#res#1|)) .cse4 .cse10) (let ((.cse11 (= ~waterLevel~0 1))) (or (and .cse1 .cse6 .cse11 .cse8) .cse3 .cse5 (and .cse9 .cse6 .cse11 .cse8) .cse4 .cse10))))) [2022-07-22 17:40:28,419 INFO L899 garLoopResultBuilder]: For program point L1008(line 1008) no Hoare annotation was computed. [2022-07-22 17:40:28,419 INFO L895 garLoopResultBuilder]: At program point L876(lines 871 879) the Hoare annotation is: (let ((.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse7 (= ~pumpRunning~0 0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0))) (and (let ((.cse3 (= ~waterLevel~0 1))) (or .cse0 .cse1 (and .cse2 .cse3 .cse4) .cse5 .cse6 (and .cse7 .cse3 .cse4))) (let ((.cse9 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse8 (and .cse7 .cse9) .cse0 (and (<= 1 ~pumpRunning~0) (<= 2 ~waterLevel~0) .cse9) .cse5)) (or .cse8 .cse0 .cse5 (and (<= |timeShift_getWaterLevel_#res#1| 2) (<= 2 |timeShift_getWaterLevel_#res#1|)) .cse6) (let ((.cse10 (<= ~waterLevel~0 2))) (or .cse0 .cse1 (and .cse7 .cse10 .cse4) .cse5 (and .cse2 .cse10 .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-07-22 17:40:28,419 INFO L899 garLoopResultBuilder]: For program point L348(lines 348 354) no Hoare annotation was computed. [2022-07-22 17:40:28,419 INFO L895 garLoopResultBuilder]: At program point L1009(lines 1004 1011) the Hoare annotation is: (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 .cse1 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2))) [2022-07-22 17:40:28,419 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 66 92) the Hoare annotation is: (let ((.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or .cse2 .cse4 .cse3 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse4 .cse3 .cse5 (not (<= 2 |old(~waterLevel~0)|)))))) [2022-07-22 17:40:28,420 INFO L899 garLoopResultBuilder]: For program point L80-1(lines 80 86) no Hoare annotation was computed. [2022-07-22 17:40:28,420 INFO L895 garLoopResultBuilder]: At program point L332(lines 325 334) the Hoare annotation is: (let ((.cse0 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse3 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (<= 1 ~switchedOnBeforeTS~0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) .cse0) .cse1 .cse2) (or .cse3 .cse1 .cse4 .cse2 (not (<= 2 |old(~waterLevel~0)|))) (or .cse3 .cse1 .cse4 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-07-22 17:40:28,420 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 66 92) no Hoare annotation was computed. [2022-07-22 17:40:28,420 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 1008) no Hoare annotation was computed. [2022-07-22 17:40:28,420 INFO L899 garLoopResultBuilder]: For program point L807(lines 807 811) no Hoare annotation was computed. [2022-07-22 17:40:28,420 INFO L895 garLoopResultBuilder]: At program point L167(line 167) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (and .cse3 (<= ~waterLevel~0 2) .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2) (or .cse0 .cse1 (and .cse3 (= ~waterLevel~0 1) .cse4) .cse2 (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-22 17:40:28,420 INFO L895 garLoopResultBuilder]: At program point L807-2(lines 803 814) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (and .cse3 (<= ~waterLevel~0 2) .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2) (or .cse0 .cse1 (and .cse3 (= ~waterLevel~0 1) .cse4) .cse2 (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-22 17:40:28,420 INFO L895 garLoopResultBuilder]: At program point L163(line 163) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (and .cse3 (<= ~waterLevel~0 2) .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2) (or .cse0 .cse1 (and .cse3 (= ~waterLevel~0 1) .cse4) .cse2 (not (<= 2 |old(~waterLevel~0)|))))) [2022-07-22 17:40:28,421 INFO L895 garLoopResultBuilder]: At program point L1043(lines 1038 1046) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-22 17:40:28,422 INFO L895 garLoopResultBuilder]: At program point L1035(lines 1031 1037) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-22 17:40:28,422 INFO L899 garLoopResultBuilder]: For program point L416(lines 416 420) no Hoare annotation was computed. [2022-07-22 17:40:28,422 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-07-22 17:40:28,422 INFO L899 garLoopResultBuilder]: For program point L990(lines 990 997) no Hoare annotation was computed. [2022-07-22 17:40:28,422 INFO L895 garLoopResultBuilder]: At program point L416-2(lines 408 421) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)))) [2022-07-22 17:40:28,422 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-07-22 17:40:28,422 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-07-22 17:40:28,422 INFO L899 garLoopResultBuilder]: For program point L990-2(lines 990 997) no Hoare annotation was computed. [2022-07-22 17:40:28,422 INFO L899 garLoopResultBuilder]: For program point L379(lines 378 425) no Hoare annotation was computed. [2022-07-22 17:40:28,422 INFO L899 garLoopResultBuilder]: For program point L408(lines 408 421) no Hoare annotation was computed. [2022-07-22 17:40:28,423 INFO L895 garLoopResultBuilder]: At program point L400(line 400) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)))) [2022-07-22 17:40:28,423 INFO L902 garLoopResultBuilder]: At program point L974(lines 966 976) the Hoare annotation is: true [2022-07-22 17:40:28,423 INFO L902 garLoopResultBuilder]: At program point L429(lines 368 433) the Hoare annotation is: true [2022-07-22 17:40:28,423 INFO L902 garLoopResultBuilder]: At program point L999(lines 980 1002) the Hoare annotation is: true [2022-07-22 17:40:28,423 INFO L895 garLoopResultBuilder]: At program point L1028(lines 1024 1030) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-22 17:40:28,423 INFO L899 garLoopResultBuilder]: For program point L388(lines 388 394) no Hoare annotation was computed. [2022-07-22 17:40:28,423 INFO L899 garLoopResultBuilder]: For program point L388-1(lines 388 394) no Hoare annotation was computed. [2022-07-22 17:40:28,424 INFO L895 garLoopResultBuilder]: At program point L322(lines 317 324) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-22 17:40:28,424 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-07-22 17:40:28,424 INFO L899 garLoopResultBuilder]: For program point L380(lines 380 384) no Hoare annotation was computed. [2022-07-22 17:40:28,424 INFO L895 garLoopResultBuilder]: At program point L310(lines 305 312) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)))) [2022-07-22 17:40:28,424 INFO L895 garLoopResultBuilder]: At program point L426(lines 377 427) the Hoare annotation is: false [2022-07-22 17:40:28,424 INFO L895 garLoopResultBuilder]: At program point L963(lines 959 965) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-22 17:40:28,424 INFO L899 garLoopResultBuilder]: For program point L398(lines 398 404) no Hoare annotation was computed. [2022-07-22 17:40:28,424 INFO L899 garLoopResultBuilder]: For program point L398-1(lines 398 404) no Hoare annotation was computed. [2022-07-22 17:40:28,425 INFO L895 garLoopResultBuilder]: At program point L423(lines 378 425) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)))) [2022-07-22 17:40:28,425 INFO L895 garLoopResultBuilder]: At program point L390(line 390) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)))) [2022-07-22 17:40:28,425 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 101 125) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) .cse0 .cse1))) [2022-07-22 17:40:28,425 INFO L895 garLoopResultBuilder]: At program point L120(line 120) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1))) [2022-07-22 17:40:28,425 INFO L899 garLoopResultBuilder]: For program point L120-1(lines 101 125) no Hoare annotation was computed. [2022-07-22 17:40:28,426 INFO L899 garLoopResultBuilder]: For program point L884(lines 884 890) no Hoare annotation was computed. [2022-07-22 17:40:28,426 INFO L899 garLoopResultBuilder]: For program point L193(lines 193 199) no Hoare annotation was computed. [2022-07-22 17:40:28,426 INFO L895 garLoopResultBuilder]: At program point L191(line 191) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1 (and (= ~pumpRunning~0 0) (<= 2 ~waterLevel~0))))) [2022-07-22 17:40:28,426 INFO L895 garLoopResultBuilder]: At program point L193-2(lines 186 202) the Hoare annotation is: (let ((.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (<= ~waterLevel~0 2)))) (and (let ((.cse0 (<= 2 ~waterLevel~0))) (or (not (= |old(~pumpRunning~0)| 0)) (and (<= 1 ~pumpRunning~0) .cse0) .cse1 .cse2 (and (= ~pumpRunning~0 0) .cse0))) (or .cse1 (not (<= 1 |old(~pumpRunning~0)|)) .cse2 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-07-22 17:40:28,426 INFO L899 garLoopResultBuilder]: For program point L191-1(line 191) no Hoare annotation was computed. [2022-07-22 17:40:28,426 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 101 125) no Hoare annotation was computed. [2022-07-22 17:40:28,426 INFO L895 garLoopResultBuilder]: At program point L282(lines 267 285) the Hoare annotation is: (let ((.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (<= ~waterLevel~0 2)))) (and (let ((.cse0 (= ~pumpRunning~0 0))) (or (not (= |old(~pumpRunning~0)| 0)) (and .cse0 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1| 0) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~0#1| 0)) .cse1 .cse2 (and .cse0 (<= 2 ~waterLevel~0)))) (or .cse1 (not (<= 1 |old(~pumpRunning~0)|)) .cse2 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-07-22 17:40:28,426 INFO L895 garLoopResultBuilder]: At program point L889(lines 880 893) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse2 (= ~pumpRunning~0 0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1 (and .cse2 (<= 2 ~waterLevel~0)) (and (<= 1 |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1|) .cse2))))) [2022-07-22 17:40:28,427 INFO L895 garLoopResultBuilder]: At program point L183(lines 178 185) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) (and (<= 1 ~pumpRunning~0) (<= 2 ~waterLevel~0)) .cse0 .cse1))) [2022-07-22 17:40:28,427 INFO L899 garLoopResultBuilder]: For program point L276(lines 276 280) no Hoare annotation was computed. [2022-07-22 17:40:28,428 INFO L895 garLoopResultBuilder]: At program point L115(line 115) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~0#1| 0)) .cse1) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-07-22 17:40:28,428 INFO L899 garLoopResultBuilder]: For program point L276-2(lines 276 280) no Hoare annotation was computed. [2022-07-22 17:40:28,428 INFO L899 garLoopResultBuilder]: For program point L109(lines 109 117) no Hoare annotation was computed. [2022-07-22 17:40:28,428 INFO L899 garLoopResultBuilder]: For program point L105(lines 105 122) no Hoare annotation was computed. [2022-07-22 17:40:28,429 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 815 826) no Hoare annotation was computed. [2022-07-22 17:40:28,429 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 815 826) the Hoare annotation is: (let ((.cse1 (not (<= 1 ~pumpRunning~0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse3 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (<= 1 ~switchedOnBeforeTS~0))) (or .cse0 .cse1 .cse2 .cse3 (not (<= 2 |old(~waterLevel~0)|))) (or (not (= ~pumpRunning~0 0)) .cse0 .cse2 .cse3))) [2022-07-22 17:40:28,429 INFO L899 garLoopResultBuilder]: For program point L819-1(lines 815 826) no Hoare annotation was computed. [2022-07-22 17:40:28,429 INFO L902 garLoopResultBuilder]: At program point isMethaneAlarmENTRY(lines 211 221) the Hoare annotation is: true [2022-07-22 17:40:28,429 INFO L902 garLoopResultBuilder]: At program point L844(lines 839 847) the Hoare annotation is: true [2022-07-22 17:40:28,429 INFO L899 garLoopResultBuilder]: For program point isMethaneAlarmEXIT(lines 211 221) no Hoare annotation was computed. [2022-07-22 17:40:28,429 INFO L899 garLoopResultBuilder]: For program point isMethaneAlarmFINAL(lines 211 221) no Hoare annotation was computed. [2022-07-22 17:40:28,432 INFO L356 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:40:28,433 INFO L176 ceAbstractionStarter]: Computing trace abstraction results [2022-07-22 17:40:28,460 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 22.07 05:40:28 BoogieIcfgContainer [2022-07-22 17:40:28,461 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-07-22 17:40:28,461 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-07-22 17:40:28,461 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-07-22 17:40:28,461 INFO L275 PluginConnector]: Witness Printer initialized [2022-07-22 17:40:28,462 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.07 05:40:20" (3/4) ... [2022-07-22 17:40:28,464 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-07-22 17:40:28,468 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-07-22 17:40:28,472 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-07-22 17:40:28,473 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-07-22 17:40:28,473 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-07-22 17:40:28,473 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-07-22 17:40:28,473 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-07-22 17:40:28,473 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-07-22 17:40:28,473 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2022-07-22 17:40:28,473 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-07-22 17:40:28,474 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2022-07-22 17:40:28,479 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 53 nodes and edges [2022-07-22 17:40:28,484 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-07-22 17:40:28,484 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-07-22 17:40:28,485 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-07-22 17:40:28,485 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-07-22 17:40:28,485 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-22 17:40:28,486 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-22 17:40:28,506 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) [2022-07-22 17:40:28,506 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-07-22 17:40:28,507 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((pumpRunning == 0 && 1 == systemActive) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || (((pumpRunning == \old(pumpRunning) && 1 == systemActive) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((1 < tmp && \result <= 2) && tmp <= 2) && 2 <= \result)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((((pumpRunning == 0 && 1 == systemActive) && waterLevel == 1) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((pumpRunning == \old(pumpRunning) && 1 == systemActive) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-07-22 17:40:28,507 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) [2022-07-22 17:40:28,507 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-07-22 17:40:28,507 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || (\result <= 2 && 2 <= \result)) || !(2 <= \old(waterLevel)))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) [2022-07-22 17:40:28,508 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((pumpRunning == \old(pumpRunning) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) [2022-07-22 17:40:28,508 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || (1 <= pumpRunning && 2 <= waterLevel)) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) [2022-07-22 17:40:28,508 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) || (1 <= \result && pumpRunning == 0)) [2022-07-22 17:40:28,510 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || (1 <= pumpRunning && 2 <= waterLevel)) || !(1 == systemActive)) || !(waterLevel <= 2)) [2022-07-22 17:40:28,511 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((pumpRunning == \old(pumpRunning) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) [2022-07-22 17:40:28,511 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \result == 0) && tmp___0 == 0)) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) [2022-07-22 17:40:28,541 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2022-07-22 17:40:28,541 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-07-22 17:40:28,542 INFO L158 Benchmark]: Toolchain (without parser) took 8421.25ms. Allocated memory was 113.2MB in the beginning and 218.1MB in the end (delta: 104.9MB). Free memory was 78.2MB in the beginning and 85.7MB in the end (delta: -7.6MB). Peak memory consumption was 98.3MB. Max. memory is 16.1GB. [2022-07-22 17:40:28,542 INFO L158 Benchmark]: CDTParser took 0.17ms. Allocated memory is still 77.6MB. Free memory was 36.0MB in the beginning and 35.9MB in the end (delta: 49.7kB). There was no memory consumed. Max. memory is 16.1GB. [2022-07-22 17:40:28,542 INFO L158 Benchmark]: CACSL2BoogieTranslator took 302.17ms. Allocated memory is still 113.2MB. Free memory was 77.9MB in the beginning and 77.4MB in the end (delta: 519.6kB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2022-07-22 17:40:28,542 INFO L158 Benchmark]: Boogie Procedure Inliner took 34.87ms. Allocated memory is still 113.2MB. Free memory was 77.4MB in the beginning and 74.7MB in the end (delta: 2.7MB). There was no memory consumed. Max. memory is 16.1GB. [2022-07-22 17:40:28,542 INFO L158 Benchmark]: Boogie Preprocessor took 19.55ms. Allocated memory is still 113.2MB. Free memory was 74.7MB in the beginning and 73.2MB in the end (delta: 1.5MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-07-22 17:40:28,543 INFO L158 Benchmark]: RCFGBuilder took 400.50ms. Allocated memory is still 113.2MB. Free memory was 73.2MB in the beginning and 54.9MB in the end (delta: 18.4MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-07-22 17:40:28,543 INFO L158 Benchmark]: TraceAbstraction took 7579.36ms. Allocated memory was 113.2MB in the beginning and 218.1MB in the end (delta: 104.9MB). Free memory was 54.4MB in the beginning and 93.1MB in the end (delta: -38.7MB). Peak memory consumption was 95.4MB. Max. memory is 16.1GB. [2022-07-22 17:40:28,543 INFO L158 Benchmark]: Witness Printer took 80.25ms. Allocated memory is still 218.1MB. Free memory was 93.1MB in the beginning and 85.7MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-07-22 17:40:28,545 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.17ms. Allocated memory is still 77.6MB. Free memory was 36.0MB in the beginning and 35.9MB in the end (delta: 49.7kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 302.17ms. Allocated memory is still 113.2MB. Free memory was 77.9MB in the beginning and 77.4MB in the end (delta: 519.6kB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 34.87ms. Allocated memory is still 113.2MB. Free memory was 77.4MB in the beginning and 74.7MB in the end (delta: 2.7MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 19.55ms. Allocated memory is still 113.2MB. Free memory was 74.7MB in the beginning and 73.2MB in the end (delta: 1.5MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * RCFGBuilder took 400.50ms. Allocated memory is still 113.2MB. Free memory was 73.2MB in the beginning and 54.9MB in the end (delta: 18.4MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 7579.36ms. Allocated memory was 113.2MB in the beginning and 218.1MB in the end (delta: 104.9MB). Free memory was 54.4MB in the beginning and 93.1MB in the end (delta: -38.7MB). Peak memory consumption was 95.4MB. Max. memory is 16.1GB. * Witness Printer took 80.25ms. Allocated memory is still 218.1MB. Free memory was 93.1MB in the beginning and 85.7MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 1008]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 11 procedures, 114 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 7.5s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 2.5s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 2.9s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2210 SdHoareTripleChecker+Valid, 1.5s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2164 mSDsluCounter, 4112 SdHoareTripleChecker+Invalid, 1.3s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2728 mSDsCounter, 802 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2532 IncrementalHoareTripleChecker+Invalid, 3334 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 802 mSolverCounterUnsat, 1384 mSDtfsCounter, 2532 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 484 GetRequests, 376 SyntacticMatches, 3 SemanticMatches, 105 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 633 ImplicationChecksByTransitivity, 0.7s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=500occurred in iteration=9, InterpolantAutomatonStates: 101, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 146 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 53 LocationsWithAnnotation, 1198 PreInvPairs, 1404 NumberOfFragments, 2000 HoareAnnotationTreeSize, 1198 FomulaSimplifications, 704 FormulaSimplificationTreeSizeReduction, 0.2s HoareSimplificationTime, 53 FomulaSimplificationsInter, 8781 FormulaSimplificationTreeSizeReductionInter, 2.6s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.0s InterpolantComputationTime, 723 NumberOfCodeBlocks, 723 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 834 ConstructedInterpolants, 0 QuantifiedInterpolants, 1536 SizeOfPredicates, 3 NumberOfNonLiveVariables, 541 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 119/153 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 1031]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 305]: Loop Invariant Derived loop invariant: (((((1 <= pumpRunning && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) || (((pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2)) || ((((1 <= pumpRunning && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) && 1 <= switchedOnBeforeTS) - InvariantResult [Line: 915]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 905]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 803]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 894]: Loop Invariant Derived loop invariant: ((((pumpRunning == \old(pumpRunning) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) - InvariantResult [Line: 839]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 966]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 377]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 368]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 178]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || (1 <= pumpRunning && 2 <= waterLevel)) || !(1 == systemActive)) || !(waterLevel <= 2)) - InvariantResult [Line: 1038]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 880]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) || (1 <= \result && pumpRunning == 0)) - InvariantResult [Line: 980]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 871]: Loop Invariant Derived loop invariant: (((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || (\result <= 2 && 2 <= \result)) || !(2 <= \old(waterLevel)))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 378]: Loop Invariant Derived loop invariant: (((((1 <= pumpRunning && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) || (((pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2)) || ((((1 <= pumpRunning && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) && 1 <= switchedOnBeforeTS) - InvariantResult [Line: 317]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 1004]: Loop Invariant Derived loop invariant: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 325]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 267]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \result == 0) && tmp___0 == 0)) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 1024]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 335]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((pumpRunning == 0 && 1 == systemActive) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || (((pumpRunning == \old(pumpRunning) && 1 == systemActive) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((1 < tmp && \result <= 2) && tmp <= 2) && 2 <= \result)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((((pumpRunning == 0 && 1 == systemActive) && waterLevel == 1) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((pumpRunning == \old(pumpRunning) && 1 == systemActive) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 153]: Loop Invariant Derived loop invariant: ((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 959]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 286]: Loop Invariant Derived loop invariant: ((((pumpRunning == \old(pumpRunning) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) - InvariantResult [Line: 186]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || (1 <= pumpRunning && 2 <= waterLevel)) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) RESULT: Ultimate proved your program to be correct! [2022-07-22 17:40:28,589 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE