./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version eb692b52 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 06101f936f6436bac89af152aefce31c84cfc20ba80a5adfcf1af02faa2d4f3b --- Real Ultimate output --- This is Ultimate 0.2.2-?-eb692b5 [2022-07-19 17:25:53,126 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-07-19 17:25:53,128 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-07-19 17:25:53,163 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-07-19 17:25:53,164 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-07-19 17:25:53,165 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-07-19 17:25:53,167 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-07-19 17:25:53,170 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-07-19 17:25:53,172 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-07-19 17:25:53,172 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-07-19 17:25:53,174 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-07-19 17:25:53,176 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-07-19 17:25:53,177 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-07-19 17:25:53,181 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-07-19 17:25:53,183 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-07-19 17:25:53,187 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-07-19 17:25:53,187 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-07-19 17:25:53,189 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-07-19 17:25:53,193 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-07-19 17:25:53,196 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-07-19 17:25:53,200 INFO L181 SettingsManager]: Resetting HornVerifier preferences to default values [2022-07-19 17:25:53,201 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-07-19 17:25:53,202 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-07-19 17:25:53,203 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-07-19 17:25:53,204 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-07-19 17:25:53,212 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-07-19 17:25:53,214 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-07-19 17:25:53,214 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-07-19 17:25:53,215 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-07-19 17:25:53,216 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-07-19 17:25:53,217 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-07-19 17:25:53,217 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-07-19 17:25:53,219 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-07-19 17:25:53,220 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-07-19 17:25:53,220 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-07-19 17:25:53,221 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-07-19 17:25:53,221 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-07-19 17:25:53,222 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-07-19 17:25:53,222 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-07-19 17:25:53,222 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-07-19 17:25:53,223 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-07-19 17:25:53,225 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-07-19 17:25:53,225 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-07-19 17:25:53,256 INFO L113 SettingsManager]: Loading preferences was successful [2022-07-19 17:25:53,258 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-07-19 17:25:53,258 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-07-19 17:25:53,258 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-07-19 17:25:53,259 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-07-19 17:25:53,259 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-07-19 17:25:53,260 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-07-19 17:25:53,260 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-07-19 17:25:53,260 INFO L138 SettingsManager]: * Use SBE=true [2022-07-19 17:25:53,261 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-07-19 17:25:53,261 INFO L138 SettingsManager]: * sizeof long=4 [2022-07-19 17:25:53,262 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-07-19 17:25:53,262 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-07-19 17:25:53,262 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-07-19 17:25:53,262 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-07-19 17:25:53,262 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-07-19 17:25:53,263 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-07-19 17:25:53,263 INFO L138 SettingsManager]: * sizeof long double=12 [2022-07-19 17:25:53,263 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-07-19 17:25:53,263 INFO L138 SettingsManager]: * Use constant arrays=true [2022-07-19 17:25:53,263 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-07-19 17:25:53,264 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-07-19 17:25:53,264 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-07-19 17:25:53,264 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-07-19 17:25:53,265 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-19 17:25:53,265 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-07-19 17:25:53,265 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-07-19 17:25:53,265 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-07-19 17:25:53,265 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-07-19 17:25:53,266 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-07-19 17:25:53,266 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-07-19 17:25:53,266 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-07-19 17:25:53,266 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-07-19 17:25:53,267 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 06101f936f6436bac89af152aefce31c84cfc20ba80a5adfcf1af02faa2d4f3b [2022-07-19 17:25:53,517 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-07-19 17:25:53,551 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-07-19 17:25:53,553 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-07-19 17:25:53,555 INFO L271 PluginConnector]: Initializing CDTParser... [2022-07-19 17:25:53,555 INFO L275 PluginConnector]: CDTParser initialized [2022-07-19 17:25:53,556 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c [2022-07-19 17:25:53,619 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/1108f8d57/7d08871a0a3c4787bccd594ec0291b91/FLAG245a34a68 [2022-07-19 17:25:54,041 INFO L306 CDTParser]: Found 1 translation units. [2022-07-19 17:25:54,042 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c [2022-07-19 17:25:54,054 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/1108f8d57/7d08871a0a3c4787bccd594ec0291b91/FLAG245a34a68 [2022-07-19 17:25:54,373 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/1108f8d57/7d08871a0a3c4787bccd594ec0291b91 [2022-07-19 17:25:54,375 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-07-19 17:25:54,376 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-07-19 17:25:54,377 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-07-19 17:25:54,377 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-07-19 17:25:54,381 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-07-19 17:25:54,381 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 19.07 05:25:54" (1/1) ... [2022-07-19 17:25:54,382 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@1506374d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:54, skipping insertion in model container [2022-07-19 17:25:54,382 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 19.07 05:25:54" (1/1) ... [2022-07-19 17:25:54,387 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-07-19 17:25:54,425 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-07-19 17:25:54,597 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c[2141,2154] [2022-07-19 17:25:54,681 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-19 17:25:54,692 INFO L203 MainTranslator]: Completed pre-run [2022-07-19 17:25:54,704 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product36.cil.c[2141,2154] [2022-07-19 17:25:54,797 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-19 17:25:54,817 INFO L208 MainTranslator]: Completed translation [2022-07-19 17:25:54,818 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:54 WrapperNode [2022-07-19 17:25:54,818 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-07-19 17:25:54,820 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-07-19 17:25:54,820 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-07-19 17:25:54,820 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-07-19 17:25:54,826 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:54" (1/1) ... [2022-07-19 17:25:54,850 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:54" (1/1) ... [2022-07-19 17:25:54,882 INFO L137 Inliner]: procedures = 56, calls = 155, calls flagged for inlining = 25, calls inlined = 21, statements flattened = 238 [2022-07-19 17:25:54,883 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-07-19 17:25:54,884 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-07-19 17:25:54,884 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-07-19 17:25:54,884 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-07-19 17:25:54,891 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:54" (1/1) ... [2022-07-19 17:25:54,891 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:54" (1/1) ... [2022-07-19 17:25:54,893 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:54" (1/1) ... [2022-07-19 17:25:54,893 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:54" (1/1) ... [2022-07-19 17:25:54,897 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:54" (1/1) ... [2022-07-19 17:25:54,902 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:54" (1/1) ... [2022-07-19 17:25:54,910 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:54" (1/1) ... [2022-07-19 17:25:54,912 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-07-19 17:25:54,913 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-07-19 17:25:54,913 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-07-19 17:25:54,913 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-07-19 17:25:54,914 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:54" (1/1) ... [2022-07-19 17:25:54,923 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-19 17:25:54,935 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-19 17:25:54,947 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-07-19 17:25:54,949 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-07-19 17:25:54,981 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-07-19 17:25:54,981 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-07-19 17:25:54,981 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-07-19 17:25:54,981 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-07-19 17:25:54,982 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-07-19 17:25:54,982 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-07-19 17:25:54,982 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-07-19 17:25:54,982 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-07-19 17:25:54,982 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-07-19 17:25:54,982 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-07-19 17:25:54,983 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-07-19 17:25:54,983 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-07-19 17:25:54,983 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-07-19 17:25:54,983 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-07-19 17:25:54,983 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-07-19 17:25:54,983 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-07-19 17:25:55,042 INFO L234 CfgBuilder]: Building ICFG [2022-07-19 17:25:55,043 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-07-19 17:25:55,312 INFO L275 CfgBuilder]: Performing block encoding [2022-07-19 17:25:55,319 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-07-19 17:25:55,320 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-07-19 17:25:55,322 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.07 05:25:55 BoogieIcfgContainer [2022-07-19 17:25:55,322 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-07-19 17:25:55,324 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-07-19 17:25:55,324 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-07-19 17:25:55,337 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-07-19 17:25:55,337 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 19.07 05:25:54" (1/3) ... [2022-07-19 17:25:55,342 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@80793bd and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 19.07 05:25:55, skipping insertion in model container [2022-07-19 17:25:55,343 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.07 05:25:54" (2/3) ... [2022-07-19 17:25:55,343 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@80793bd and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 19.07 05:25:55, skipping insertion in model container [2022-07-19 17:25:55,343 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.07 05:25:55" (3/3) ... [2022-07-19 17:25:55,345 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product36.cil.c [2022-07-19 17:25:55,359 INFO L201 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-07-19 17:25:55,367 INFO L160 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-07-19 17:25:55,415 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-07-19 17:25:55,420 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@1b9b8dab, mLbeIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@3be07d18 [2022-07-19 17:25:55,421 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-07-19 17:25:55,425 INFO L276 IsEmpty]: Start isEmpty. Operand has 85 states, 67 states have (on average 1.373134328358209) internal successors, (92), 73 states have internal predecessors, (92), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-07-19 17:25:55,434 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-07-19 17:25:55,435 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:25:55,436 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:25:55,436 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:25:55,441 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:25:55,441 INFO L85 PathProgramCache]: Analyzing trace with hash -1797931529, now seen corresponding path program 1 times [2022-07-19 17:25:55,450 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:25:55,451 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1845000568] [2022-07-19 17:25:55,451 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:55,452 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:25:55,559 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:55,643 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-07-19 17:25:55,652 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:55,663 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-07-19 17:25:55,672 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:55,687 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-19 17:25:55,690 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:25:55,691 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1845000568] [2022-07-19 17:25:55,692 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1845000568] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-19 17:25:55,692 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-19 17:25:55,693 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-07-19 17:25:55,694 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1226337769] [2022-07-19 17:25:55,695 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-19 17:25:55,700 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-07-19 17:25:55,701 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:25:55,732 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-07-19 17:25:55,734 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-19 17:25:55,737 INFO L87 Difference]: Start difference. First operand has 85 states, 67 states have (on average 1.373134328358209) internal successors, (92), 73 states have internal predecessors, (92), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-19 17:25:55,768 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:25:55,768 INFO L93 Difference]: Finished difference Result 161 states and 218 transitions. [2022-07-19 17:25:55,769 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-07-19 17:25:55,771 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2022-07-19 17:25:55,771 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:25:55,778 INFO L225 Difference]: With dead ends: 161 [2022-07-19 17:25:55,778 INFO L226 Difference]: Without dead ends: 76 [2022-07-19 17:25:55,782 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-19 17:25:55,785 INFO L413 NwaCegarLoop]: 106 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 106 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-19 17:25:55,786 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 106 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-19 17:25:55,800 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 76 states. [2022-07-19 17:25:55,824 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 76 to 76. [2022-07-19 17:25:55,826 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 76 states, 60 states have (on average 1.3) internal successors, (78), 65 states have internal predecessors, (78), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-07-19 17:25:55,828 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 76 states to 76 states and 97 transitions. [2022-07-19 17:25:55,829 INFO L78 Accepts]: Start accepts. Automaton has 76 states and 97 transitions. Word has length 32 [2022-07-19 17:25:55,830 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:25:55,830 INFO L495 AbstractCegarLoop]: Abstraction has 76 states and 97 transitions. [2022-07-19 17:25:55,830 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-19 17:25:55,830 INFO L276 IsEmpty]: Start isEmpty. Operand 76 states and 97 transitions. [2022-07-19 17:25:55,833 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-07-19 17:25:55,833 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:25:55,833 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:25:55,833 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-07-19 17:25:55,834 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:25:55,834 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:25:55,835 INFO L85 PathProgramCache]: Analyzing trace with hash -1521544977, now seen corresponding path program 1 times [2022-07-19 17:25:55,835 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:25:55,835 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [32123010] [2022-07-19 17:25:55,835 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:55,836 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:25:55,867 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:55,919 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-07-19 17:25:55,921 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:55,923 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2022-07-19 17:25:55,925 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:55,927 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-19 17:25:55,928 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:25:55,928 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [32123010] [2022-07-19 17:25:55,928 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [32123010] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-19 17:25:55,929 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-19 17:25:55,929 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-19 17:25:55,929 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1836697364] [2022-07-19 17:25:55,929 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-19 17:25:55,931 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-19 17:25:55,931 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:25:55,932 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-19 17:25:55,932 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-19 17:25:55,932 INFO L87 Difference]: Start difference. First operand 76 states and 97 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-19 17:25:55,945 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:25:55,946 INFO L93 Difference]: Finished difference Result 112 states and 143 transitions. [2022-07-19 17:25:55,946 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-19 17:25:55,947 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-07-19 17:25:55,947 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:25:55,948 INFO L225 Difference]: With dead ends: 112 [2022-07-19 17:25:55,948 INFO L226 Difference]: Without dead ends: 67 [2022-07-19 17:25:55,949 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-19 17:25:55,950 INFO L413 NwaCegarLoop]: 84 mSDtfsCounter, 18 mSDsluCounter, 62 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 146 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-19 17:25:55,951 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 146 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-19 17:25:55,952 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 67 states. [2022-07-19 17:25:55,958 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 67 to 67. [2022-07-19 17:25:55,958 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 67 states, 54 states have (on average 1.3148148148148149) internal successors, (71), 59 states have internal predecessors, (71), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-07-19 17:25:55,959 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 67 states to 67 states and 85 transitions. [2022-07-19 17:25:55,960 INFO L78 Accepts]: Start accepts. Automaton has 67 states and 85 transitions. Word has length 33 [2022-07-19 17:25:55,960 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:25:55,960 INFO L495 AbstractCegarLoop]: Abstraction has 67 states and 85 transitions. [2022-07-19 17:25:55,960 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-19 17:25:55,961 INFO L276 IsEmpty]: Start isEmpty. Operand 67 states and 85 transitions. [2022-07-19 17:25:55,962 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-07-19 17:25:55,962 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:25:55,962 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:25:55,962 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-07-19 17:25:55,963 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:25:55,963 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:25:55,963 INFO L85 PathProgramCache]: Analyzing trace with hash 1250979301, now seen corresponding path program 1 times [2022-07-19 17:25:55,964 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:25:55,964 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [799956617] [2022-07-19 17:25:55,964 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:55,964 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:25:55,987 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:56,030 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-19 17:25:56,033 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:56,035 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2022-07-19 17:25:56,037 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:56,039 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-19 17:25:56,039 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:25:56,039 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [799956617] [2022-07-19 17:25:56,040 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [799956617] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-19 17:25:56,040 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-19 17:25:56,040 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-19 17:25:56,040 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1966966624] [2022-07-19 17:25:56,040 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-19 17:25:56,041 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-19 17:25:56,041 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:25:56,041 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-19 17:25:56,041 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-19 17:25:56,042 INFO L87 Difference]: Start difference. First operand 67 states and 85 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-19 17:25:56,092 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:25:56,092 INFO L93 Difference]: Finished difference Result 183 states and 238 transitions. [2022-07-19 17:25:56,093 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-19 17:25:56,093 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2022-07-19 17:25:56,094 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:25:56,095 INFO L225 Difference]: With dead ends: 183 [2022-07-19 17:25:56,095 INFO L226 Difference]: Without dead ends: 124 [2022-07-19 17:25:56,096 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-19 17:25:56,098 INFO L413 NwaCegarLoop]: 104 mSDtfsCounter, 58 mSDsluCounter, 72 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 58 SdHoareTripleChecker+Valid, 176 SdHoareTripleChecker+Invalid, 6 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-19 17:25:56,098 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [58 Valid, 176 Invalid, 6 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-19 17:25:56,099 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 124 states. [2022-07-19 17:25:56,113 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 124 to 119. [2022-07-19 17:25:56,116 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 119 states, 94 states have (on average 1.3404255319148937) internal successors, (126), 103 states have internal predecessors, (126), 14 states have call successors, (14), 10 states have call predecessors, (14), 10 states have return successors, (14), 12 states have call predecessors, (14), 14 states have call successors, (14) [2022-07-19 17:25:56,124 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 119 states to 119 states and 154 transitions. [2022-07-19 17:25:56,125 INFO L78 Accepts]: Start accepts. Automaton has 119 states and 154 transitions. Word has length 38 [2022-07-19 17:25:56,125 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:25:56,125 INFO L495 AbstractCegarLoop]: Abstraction has 119 states and 154 transitions. [2022-07-19 17:25:56,126 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-19 17:25:56,126 INFO L276 IsEmpty]: Start isEmpty. Operand 119 states and 154 transitions. [2022-07-19 17:25:56,127 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2022-07-19 17:25:56,128 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:25:56,128 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:25:56,128 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-07-19 17:25:56,128 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:25:56,129 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:25:56,129 INFO L85 PathProgramCache]: Analyzing trace with hash 177136733, now seen corresponding path program 1 times [2022-07-19 17:25:56,129 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:25:56,129 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [7874080] [2022-07-19 17:25:56,130 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:56,130 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:25:56,153 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:56,203 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2022-07-19 17:25:56,206 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:56,211 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2022-07-19 17:25:56,213 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:56,222 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-07-19 17:25:56,222 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:25:56,222 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [7874080] [2022-07-19 17:25:56,223 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [7874080] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-19 17:25:56,223 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-19 17:25:56,223 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-07-19 17:25:56,223 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [101682617] [2022-07-19 17:25:56,224 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-19 17:25:56,224 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-07-19 17:25:56,224 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:25:56,225 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-07-19 17:25:56,225 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-07-19 17:25:56,225 INFO L87 Difference]: Start difference. First operand 119 states and 154 transitions. Second operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-19 17:25:56,322 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:25:56,323 INFO L93 Difference]: Finished difference Result 324 states and 428 transitions. [2022-07-19 17:25:56,323 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-07-19 17:25:56,323 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 41 [2022-07-19 17:25:56,324 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:25:56,326 INFO L225 Difference]: With dead ends: 324 [2022-07-19 17:25:56,326 INFO L226 Difference]: Without dead ends: 213 [2022-07-19 17:25:56,328 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-07-19 17:25:56,329 INFO L413 NwaCegarLoop]: 96 mSDtfsCounter, 42 mSDsluCounter, 312 mSDsCounter, 0 mSdLazyCounter, 55 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 43 SdHoareTripleChecker+Valid, 408 SdHoareTripleChecker+Invalid, 64 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 55 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-19 17:25:56,330 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [43 Valid, 408 Invalid, 64 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 55 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-19 17:25:56,331 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 213 states. [2022-07-19 17:25:56,353 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 213 to 201. [2022-07-19 17:25:56,354 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 201 states, 156 states have (on average 1.3012820512820513) internal successors, (203), 167 states have internal predecessors, (203), 24 states have call successors, (24), 20 states have call predecessors, (24), 20 states have return successors, (28), 24 states have call predecessors, (28), 24 states have call successors, (28) [2022-07-19 17:25:56,355 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 201 states to 201 states and 255 transitions. [2022-07-19 17:25:56,356 INFO L78 Accepts]: Start accepts. Automaton has 201 states and 255 transitions. Word has length 41 [2022-07-19 17:25:56,357 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:25:56,357 INFO L495 AbstractCegarLoop]: Abstraction has 201 states and 255 transitions. [2022-07-19 17:25:56,357 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-19 17:25:56,357 INFO L276 IsEmpty]: Start isEmpty. Operand 201 states and 255 transitions. [2022-07-19 17:25:56,359 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2022-07-19 17:25:56,359 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:25:56,359 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:25:56,359 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-07-19 17:25:56,360 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:25:56,360 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:25:56,360 INFO L85 PathProgramCache]: Analyzing trace with hash -413128686, now seen corresponding path program 1 times [2022-07-19 17:25:56,361 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:25:56,361 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2034411530] [2022-07-19 17:25:56,361 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:56,361 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:25:56,382 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:56,413 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-19 17:25:56,415 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:56,418 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2022-07-19 17:25:56,421 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:56,424 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-19 17:25:56,424 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:25:56,425 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2034411530] [2022-07-19 17:25:56,425 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2034411530] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-19 17:25:56,425 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-19 17:25:56,425 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-07-19 17:25:56,426 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [324945756] [2022-07-19 17:25:56,427 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-19 17:25:56,431 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-07-19 17:25:56,432 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:25:56,432 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-07-19 17:25:56,432 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-07-19 17:25:56,433 INFO L87 Difference]: Start difference. First operand 201 states and 255 transitions. Second operand has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-19 17:25:56,494 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:25:56,495 INFO L93 Difference]: Finished difference Result 431 states and 556 transitions. [2022-07-19 17:25:56,496 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-07-19 17:25:56,496 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 47 [2022-07-19 17:25:56,498 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:25:56,504 INFO L225 Difference]: With dead ends: 431 [2022-07-19 17:25:56,505 INFO L226 Difference]: Without dead ends: 238 [2022-07-19 17:25:56,509 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-07-19 17:25:56,515 INFO L413 NwaCegarLoop]: 98 mSDtfsCounter, 40 mSDsluCounter, 268 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 42 SdHoareTripleChecker+Valid, 366 SdHoareTripleChecker+Invalid, 20 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-19 17:25:56,518 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [42 Valid, 366 Invalid, 20 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-19 17:25:56,520 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 238 states. [2022-07-19 17:25:56,547 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 238 to 207. [2022-07-19 17:25:56,548 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 207 states, 162 states have (on average 1.2901234567901234) internal successors, (209), 173 states have internal predecessors, (209), 24 states have call successors, (24), 20 states have call predecessors, (24), 20 states have return successors, (28), 24 states have call predecessors, (28), 24 states have call successors, (28) [2022-07-19 17:25:56,549 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 207 states to 207 states and 261 transitions. [2022-07-19 17:25:56,549 INFO L78 Accepts]: Start accepts. Automaton has 207 states and 261 transitions. Word has length 47 [2022-07-19 17:25:56,549 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:25:56,550 INFO L495 AbstractCegarLoop]: Abstraction has 207 states and 261 transitions. [2022-07-19 17:25:56,550 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-19 17:25:56,550 INFO L276 IsEmpty]: Start isEmpty. Operand 207 states and 261 transitions. [2022-07-19 17:25:56,551 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2022-07-19 17:25:56,551 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:25:56,551 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:25:56,552 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-07-19 17:25:56,552 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:25:56,552 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:25:56,552 INFO L85 PathProgramCache]: Analyzing trace with hash -2001476588, now seen corresponding path program 1 times [2022-07-19 17:25:56,553 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:25:56,553 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1213996078] [2022-07-19 17:25:56,553 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:56,553 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:25:56,570 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:56,593 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-19 17:25:56,594 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:56,596 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2022-07-19 17:25:56,597 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:56,598 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-19 17:25:56,598 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:25:56,598 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1213996078] [2022-07-19 17:25:56,598 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1213996078] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-19 17:25:56,599 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-19 17:25:56,599 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-07-19 17:25:56,599 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2058784747] [2022-07-19 17:25:56,599 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-19 17:25:56,599 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-07-19 17:25:56,599 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:25:56,600 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-07-19 17:25:56,600 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-07-19 17:25:56,600 INFO L87 Difference]: Start difference. First operand 207 states and 261 transitions. Second operand has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-19 17:25:56,628 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:25:56,628 INFO L93 Difference]: Finished difference Result 438 states and 564 transitions. [2022-07-19 17:25:56,628 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-07-19 17:25:56,628 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 47 [2022-07-19 17:25:56,629 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:25:56,630 INFO L225 Difference]: With dead ends: 438 [2022-07-19 17:25:56,630 INFO L226 Difference]: Without dead ends: 239 [2022-07-19 17:25:56,631 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-07-19 17:25:56,632 INFO L413 NwaCegarLoop]: 96 mSDtfsCounter, 27 mSDsluCounter, 166 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 27 SdHoareTripleChecker+Valid, 262 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-19 17:25:56,632 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [27 Valid, 262 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-19 17:25:56,633 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 239 states. [2022-07-19 17:25:56,646 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 239 to 211. [2022-07-19 17:25:56,647 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 211 states, 166 states have (on average 1.283132530120482) internal successors, (213), 177 states have internal predecessors, (213), 24 states have call successors, (24), 20 states have call predecessors, (24), 20 states have return successors, (28), 24 states have call predecessors, (28), 24 states have call successors, (28) [2022-07-19 17:25:56,648 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 211 states to 211 states and 265 transitions. [2022-07-19 17:25:56,648 INFO L78 Accepts]: Start accepts. Automaton has 211 states and 265 transitions. Word has length 47 [2022-07-19 17:25:56,649 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:25:56,649 INFO L495 AbstractCegarLoop]: Abstraction has 211 states and 265 transitions. [2022-07-19 17:25:56,649 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-19 17:25:56,649 INFO L276 IsEmpty]: Start isEmpty. Operand 211 states and 265 transitions. [2022-07-19 17:25:56,650 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2022-07-19 17:25:56,650 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:25:56,651 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:25:56,651 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-07-19 17:25:56,651 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:25:56,651 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:25:56,651 INFO L85 PathProgramCache]: Analyzing trace with hash 604546966, now seen corresponding path program 1 times [2022-07-19 17:25:56,652 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:25:56,652 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [105444185] [2022-07-19 17:25:56,652 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:56,652 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:25:56,682 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:56,741 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-19 17:25:56,743 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:56,744 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2022-07-19 17:25:56,745 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:56,747 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-19 17:25:56,747 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:25:56,747 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [105444185] [2022-07-19 17:25:56,747 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [105444185] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-19 17:25:56,747 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-19 17:25:56,747 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-19 17:25:56,748 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1063303329] [2022-07-19 17:25:56,748 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-19 17:25:56,748 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-19 17:25:56,748 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:25:56,749 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-19 17:25:56,749 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-19 17:25:56,749 INFO L87 Difference]: Start difference. First operand 211 states and 265 transitions. Second operand has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-19 17:25:56,774 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:25:56,774 INFO L93 Difference]: Finished difference Result 508 states and 643 transitions. [2022-07-19 17:25:56,774 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-19 17:25:56,774 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 47 [2022-07-19 17:25:56,775 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:25:56,776 INFO L225 Difference]: With dead ends: 508 [2022-07-19 17:25:56,776 INFO L226 Difference]: Without dead ends: 305 [2022-07-19 17:25:56,777 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 6 SyntacticMatches, 1 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-19 17:25:56,778 INFO L413 NwaCegarLoop]: 90 mSDtfsCounter, 39 mSDsluCounter, 71 mSDsCounter, 0 mSdLazyCounter, 10 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 39 SdHoareTripleChecker+Valid, 161 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 10 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-19 17:25:56,778 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [39 Valid, 161 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 10 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-19 17:25:56,779 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 305 states. [2022-07-19 17:25:56,794 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 305 to 305. [2022-07-19 17:25:56,794 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 305 states, 240 states have (on average 1.25) internal successors, (300), 253 states have internal predecessors, (300), 36 states have call successors, (36), 30 states have call predecessors, (36), 28 states have return successors, (40), 34 states have call predecessors, (40), 36 states have call successors, (40) [2022-07-19 17:25:56,796 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 305 states to 305 states and 376 transitions. [2022-07-19 17:25:56,796 INFO L78 Accepts]: Start accepts. Automaton has 305 states and 376 transitions. Word has length 47 [2022-07-19 17:25:56,797 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:25:56,797 INFO L495 AbstractCegarLoop]: Abstraction has 305 states and 376 transitions. [2022-07-19 17:25:56,797 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-19 17:25:56,797 INFO L276 IsEmpty]: Start isEmpty. Operand 305 states and 376 transitions. [2022-07-19 17:25:56,799 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-07-19 17:25:56,799 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:25:56,800 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:25:56,800 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-07-19 17:25:56,800 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:25:56,800 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:25:56,800 INFO L85 PathProgramCache]: Analyzing trace with hash -542316420, now seen corresponding path program 1 times [2022-07-19 17:25:56,801 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:25:56,801 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1983575611] [2022-07-19 17:25:56,801 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:56,801 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:25:56,820 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:56,927 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-19 17:25:56,933 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:56,966 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-07-19 17:25:56,972 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:56,976 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2022-07-19 17:25:56,978 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:56,981 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-19 17:25:56,982 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:25:56,982 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1983575611] [2022-07-19 17:25:56,982 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1983575611] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-19 17:25:56,982 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-19 17:25:56,982 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-07-19 17:25:56,982 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [605028404] [2022-07-19 17:25:56,983 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-19 17:25:56,983 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-07-19 17:25:56,984 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:25:56,985 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-07-19 17:25:56,985 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2022-07-19 17:25:56,986 INFO L87 Difference]: Start difference. First operand 305 states and 376 transitions. Second operand has 8 states, 8 states have (on average 5.25) internal successors, (42), 7 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-07-19 17:25:57,354 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:25:57,354 INFO L93 Difference]: Finished difference Result 1038 states and 1325 transitions. [2022-07-19 17:25:57,354 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-07-19 17:25:57,355 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.25) internal successors, (42), 7 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 51 [2022-07-19 17:25:57,355 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:25:57,360 INFO L225 Difference]: With dead ends: 1038 [2022-07-19 17:25:57,361 INFO L226 Difference]: Without dead ends: 835 [2022-07-19 17:25:57,362 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 7 SyntacticMatches, 1 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=56, Invalid=184, Unknown=0, NotChecked=0, Total=240 [2022-07-19 17:25:57,363 INFO L413 NwaCegarLoop]: 135 mSDtfsCounter, 228 mSDsluCounter, 533 mSDsCounter, 0 mSdLazyCounter, 287 mSolverCounterSat, 50 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 237 SdHoareTripleChecker+Valid, 668 SdHoareTripleChecker+Invalid, 337 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 50 IncrementalHoareTripleChecker+Valid, 287 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-07-19 17:25:57,363 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [237 Valid, 668 Invalid, 337 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [50 Valid, 287 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-07-19 17:25:57,365 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 835 states. [2022-07-19 17:25:57,426 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 835 to 771. [2022-07-19 17:25:57,428 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 771 states, 610 states have (on average 1.2327868852459016) internal successors, (752), 647 states have internal predecessors, (752), 88 states have call successors, (88), 66 states have call predecessors, (88), 72 states have return successors, (108), 84 states have call predecessors, (108), 88 states have call successors, (108) [2022-07-19 17:25:57,433 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 771 states to 771 states and 948 transitions. [2022-07-19 17:25:57,434 INFO L78 Accepts]: Start accepts. Automaton has 771 states and 948 transitions. Word has length 51 [2022-07-19 17:25:57,434 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:25:57,436 INFO L495 AbstractCegarLoop]: Abstraction has 771 states and 948 transitions. [2022-07-19 17:25:57,436 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.25) internal successors, (42), 7 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-07-19 17:25:57,436 INFO L276 IsEmpty]: Start isEmpty. Operand 771 states and 948 transitions. [2022-07-19 17:25:57,440 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 82 [2022-07-19 17:25:57,440 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:25:57,441 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:25:57,441 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-07-19 17:25:57,441 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:25:57,442 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:25:57,442 INFO L85 PathProgramCache]: Analyzing trace with hash 8311452, now seen corresponding path program 1 times [2022-07-19 17:25:57,442 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:25:57,442 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1620155186] [2022-07-19 17:25:57,442 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:57,442 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:25:57,463 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:57,482 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-19 17:25:57,483 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:57,490 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-07-19 17:25:57,494 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:57,504 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-19 17:25:57,505 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:57,506 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2022-07-19 17:25:57,507 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:57,508 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 73 [2022-07-19 17:25:57,508 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:57,509 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2022-07-19 17:25:57,509 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:25:57,510 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1620155186] [2022-07-19 17:25:57,510 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1620155186] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-19 17:25:57,510 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-19 17:25:57,510 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-07-19 17:25:57,510 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2066074303] [2022-07-19 17:25:57,510 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-19 17:25:57,510 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-07-19 17:25:57,511 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:25:57,511 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-07-19 17:25:57,511 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-07-19 17:25:57,511 INFO L87 Difference]: Start difference. First operand 771 states and 948 transitions. Second operand has 6 states, 6 states have (on average 11.0) internal successors, (66), 4 states have internal predecessors, (66), 3 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2022-07-19 17:25:57,709 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:25:57,709 INFO L93 Difference]: Finished difference Result 1319 states and 1618 transitions. [2022-07-19 17:25:57,709 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-07-19 17:25:57,709 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 11.0) internal successors, (66), 4 states have internal predecessors, (66), 3 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) Word has length 81 [2022-07-19 17:25:57,710 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:25:57,712 INFO L225 Difference]: With dead ends: 1319 [2022-07-19 17:25:57,712 INFO L226 Difference]: Without dead ends: 556 [2022-07-19 17:25:57,714 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=30, Invalid=60, Unknown=0, NotChecked=0, Total=90 [2022-07-19 17:25:57,715 INFO L413 NwaCegarLoop]: 126 mSDtfsCounter, 176 mSDsluCounter, 181 mSDsCounter, 0 mSdLazyCounter, 118 mSolverCounterSat, 51 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 183 SdHoareTripleChecker+Valid, 307 SdHoareTripleChecker+Invalid, 169 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 51 IncrementalHoareTripleChecker+Valid, 118 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-19 17:25:57,715 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [183 Valid, 307 Invalid, 169 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [51 Valid, 118 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-19 17:25:57,716 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 556 states. [2022-07-19 17:25:57,740 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 556 to 540. [2022-07-19 17:25:57,741 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 540 states, 426 states have (on average 1.2183098591549295) internal successors, (519), 452 states have internal predecessors, (519), 62 states have call successors, (62), 48 states have call predecessors, (62), 51 states have return successors, (72), 59 states have call predecessors, (72), 62 states have call successors, (72) [2022-07-19 17:25:57,743 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 540 states to 540 states and 653 transitions. [2022-07-19 17:25:57,743 INFO L78 Accepts]: Start accepts. Automaton has 540 states and 653 transitions. Word has length 81 [2022-07-19 17:25:57,744 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:25:57,744 INFO L495 AbstractCegarLoop]: Abstraction has 540 states and 653 transitions. [2022-07-19 17:25:57,744 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 11.0) internal successors, (66), 4 states have internal predecessors, (66), 3 states have call successors, (6), 4 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2022-07-19 17:25:57,744 INFO L276 IsEmpty]: Start isEmpty. Operand 540 states and 653 transitions. [2022-07-19 17:25:57,745 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 84 [2022-07-19 17:25:57,745 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:25:57,745 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:25:57,745 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-07-19 17:25:57,745 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:25:57,746 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:25:57,746 INFO L85 PathProgramCache]: Analyzing trace with hash -1954817075, now seen corresponding path program 1 times [2022-07-19 17:25:57,746 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:25:57,746 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1151624099] [2022-07-19 17:25:57,746 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:57,746 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:25:57,761 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:57,811 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-19 17:25:57,812 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:57,831 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2022-07-19 17:25:57,835 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:57,866 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-19 17:25:57,867 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:57,868 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 57 [2022-07-19 17:25:57,869 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:57,881 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 68 [2022-07-19 17:25:57,882 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:57,887 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 75 [2022-07-19 17:25:57,888 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:57,889 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 8 proven. 17 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-07-19 17:25:57,890 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:25:57,890 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1151624099] [2022-07-19 17:25:57,890 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1151624099] provided 0 perfect and 1 imperfect interpolant sequences [2022-07-19 17:25:57,890 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1544458096] [2022-07-19 17:25:57,890 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:57,891 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-07-19 17:25:57,891 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-19 17:25:57,899 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-07-19 17:25:57,923 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-07-19 17:25:57,998 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:58,002 INFO L263 TraceCheckSpWp]: Trace formula consists of 445 conjuncts, 8 conjunts are in the unsatisfiable core [2022-07-19 17:25:58,008 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-07-19 17:25:58,137 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 23 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-19 17:25:58,137 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-07-19 17:25:58,312 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 6 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-07-19 17:25:58,313 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1544458096] provided 0 perfect and 2 imperfect interpolant sequences [2022-07-19 17:25:58,313 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-07-19 17:25:58,313 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 6, 6] total 14 [2022-07-19 17:25:58,313 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1564488683] [2022-07-19 17:25:58,314 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-07-19 17:25:58,314 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2022-07-19 17:25:58,314 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:25:58,315 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2022-07-19 17:25:58,315 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=33, Invalid=149, Unknown=0, NotChecked=0, Total=182 [2022-07-19 17:25:58,315 INFO L87 Difference]: Start difference. First operand 540 states and 653 transitions. Second operand has 14 states, 14 states have (on average 8.428571428571429) internal successors, (118), 10 states have internal predecessors, (118), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (14), 8 states have call predecessors, (14), 6 states have call successors, (14) [2022-07-19 17:25:59,117 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:25:59,118 INFO L93 Difference]: Finished difference Result 1139 states and 1413 transitions. [2022-07-19 17:25:59,118 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 36 states. [2022-07-19 17:25:59,118 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 14 states have (on average 8.428571428571429) internal successors, (118), 10 states have internal predecessors, (118), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (14), 8 states have call predecessors, (14), 6 states have call successors, (14) Word has length 83 [2022-07-19 17:25:59,119 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:25:59,122 INFO L225 Difference]: With dead ends: 1139 [2022-07-19 17:25:59,122 INFO L226 Difference]: Without dead ends: 686 [2022-07-19 17:25:59,124 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 225 GetRequests, 182 SyntacticMatches, 1 SemanticMatches, 42 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 481 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=393, Invalid=1499, Unknown=0, NotChecked=0, Total=1892 [2022-07-19 17:25:59,125 INFO L413 NwaCegarLoop]: 183 mSDtfsCounter, 356 mSDsluCounter, 860 mSDsCounter, 0 mSdLazyCounter, 566 mSolverCounterSat, 171 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 361 SdHoareTripleChecker+Valid, 1043 SdHoareTripleChecker+Invalid, 737 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 171 IncrementalHoareTripleChecker+Valid, 566 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-07-19 17:25:59,126 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [361 Valid, 1043 Invalid, 737 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [171 Valid, 566 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2022-07-19 17:25:59,127 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 686 states. [2022-07-19 17:25:59,162 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 686 to 580. [2022-07-19 17:25:59,163 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 580 states, 449 states have (on average 1.2026726057906458) internal successors, (540), 479 states have internal predecessors, (540), 71 states have call successors, (71), 60 states have call predecessors, (71), 59 states have return successors, (77), 62 states have call predecessors, (77), 71 states have call successors, (77) [2022-07-19 17:25:59,183 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 580 states to 580 states and 688 transitions. [2022-07-19 17:25:59,183 INFO L78 Accepts]: Start accepts. Automaton has 580 states and 688 transitions. Word has length 83 [2022-07-19 17:25:59,184 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:25:59,184 INFO L495 AbstractCegarLoop]: Abstraction has 580 states and 688 transitions. [2022-07-19 17:25:59,184 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 14 states have (on average 8.428571428571429) internal successors, (118), 10 states have internal predecessors, (118), 6 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (14), 8 states have call predecessors, (14), 6 states have call successors, (14) [2022-07-19 17:25:59,185 INFO L276 IsEmpty]: Start isEmpty. Operand 580 states and 688 transitions. [2022-07-19 17:25:59,191 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 179 [2022-07-19 17:25:59,191 INFO L187 NwaCegarLoop]: Found error trace [2022-07-19 17:25:59,192 INFO L195 NwaCegarLoop]: trace histogram [6, 6, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:25:59,220 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-07-19 17:25:59,418 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-07-19 17:25:59,418 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-19 17:25:59,419 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-19 17:25:59,419 INFO L85 PathProgramCache]: Analyzing trace with hash 57448184, now seen corresponding path program 1 times [2022-07-19 17:25:59,419 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-19 17:25:59,419 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [390018505] [2022-07-19 17:25:59,419 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:59,419 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-19 17:25:59,442 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:59,482 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-19 17:25:59,483 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:59,492 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2022-07-19 17:25:59,494 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:59,496 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-19 17:25:59,497 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:59,498 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 55 [2022-07-19 17:25:59,499 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:59,501 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-19 17:25:59,502 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:59,503 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-19 17:25:59,503 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:59,504 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 87 [2022-07-19 17:25:59,506 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:59,545 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-19 17:25:59,546 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:59,547 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-19 17:25:59,547 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:59,548 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 123 [2022-07-19 17:25:59,550 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:59,567 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-19 17:25:59,569 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:59,570 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 150 [2022-07-19 17:25:59,571 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:59,572 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 170 [2022-07-19 17:25:59,573 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:59,574 INFO L134 CoverageAnalysis]: Checked inductivity of 273 backedges. 120 proven. 8 refuted. 0 times theorem prover too weak. 145 trivial. 0 not checked. [2022-07-19 17:25:59,574 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-19 17:25:59,574 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [390018505] [2022-07-19 17:25:59,574 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [390018505] provided 0 perfect and 1 imperfect interpolant sequences [2022-07-19 17:25:59,574 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1220335548] [2022-07-19 17:25:59,575 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-19 17:25:59,575 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-07-19 17:25:59,575 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-19 17:25:59,576 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-07-19 17:25:59,599 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-07-19 17:25:59,708 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-19 17:25:59,711 INFO L263 TraceCheckSpWp]: Trace formula consists of 699 conjuncts, 13 conjunts are in the unsatisfiable core [2022-07-19 17:25:59,717 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-07-19 17:25:59,937 INFO L134 CoverageAnalysis]: Checked inductivity of 273 backedges. 177 proven. 4 refuted. 0 times theorem prover too weak. 92 trivial. 0 not checked. [2022-07-19 17:25:59,938 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-07-19 17:26:00,458 INFO L134 CoverageAnalysis]: Checked inductivity of 273 backedges. 114 proven. 61 refuted. 0 times theorem prover too weak. 98 trivial. 0 not checked. [2022-07-19 17:26:00,458 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1220335548] provided 0 perfect and 2 imperfect interpolant sequences [2022-07-19 17:26:00,458 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-07-19 17:26:00,458 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 10, 11] total 26 [2022-07-19 17:26:00,458 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1408608448] [2022-07-19 17:26:00,459 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-07-19 17:26:00,459 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 26 states [2022-07-19 17:26:00,460 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-19 17:26:00,460 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 26 interpolants. [2022-07-19 17:26:00,460 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=122, Invalid=528, Unknown=0, NotChecked=0, Total=650 [2022-07-19 17:26:00,461 INFO L87 Difference]: Start difference. First operand 580 states and 688 transitions. Second operand has 26 states, 26 states have (on average 8.5) internal successors, (221), 23 states have internal predecessors, (221), 9 states have call successors, (22), 8 states have call predecessors, (22), 9 states have return successors, (24), 8 states have call predecessors, (24), 9 states have call successors, (24) [2022-07-19 17:26:01,135 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-19 17:26:01,135 INFO L93 Difference]: Finished difference Result 1348 states and 1641 transitions. [2022-07-19 17:26:01,135 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2022-07-19 17:26:01,136 INFO L78 Accepts]: Start accepts. Automaton has has 26 states, 26 states have (on average 8.5) internal successors, (221), 23 states have internal predecessors, (221), 9 states have call successors, (22), 8 states have call predecessors, (22), 9 states have return successors, (24), 8 states have call predecessors, (24), 9 states have call successors, (24) Word has length 178 [2022-07-19 17:26:01,136 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-19 17:26:01,137 INFO L225 Difference]: With dead ends: 1348 [2022-07-19 17:26:01,137 INFO L226 Difference]: Without dead ends: 0 [2022-07-19 17:26:01,140 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 416 GetRequests, 373 SyntacticMatches, 3 SemanticMatches, 40 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 330 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=371, Invalid=1351, Unknown=0, NotChecked=0, Total=1722 [2022-07-19 17:26:01,140 INFO L413 NwaCegarLoop]: 123 mSDtfsCounter, 660 mSDsluCounter, 935 mSDsCounter, 0 mSdLazyCounter, 654 mSolverCounterSat, 190 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 663 SdHoareTripleChecker+Valid, 1058 SdHoareTripleChecker+Invalid, 844 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 190 IncrementalHoareTripleChecker+Valid, 654 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-07-19 17:26:01,141 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [663 Valid, 1058 Invalid, 844 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [190 Valid, 654 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2022-07-19 17:26:01,141 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-07-19 17:26:01,141 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-07-19 17:26:01,141 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-19 17:26:01,141 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-07-19 17:26:01,142 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 178 [2022-07-19 17:26:01,142 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-19 17:26:01,142 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-07-19 17:26:01,142 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 26 states, 26 states have (on average 8.5) internal successors, (221), 23 states have internal predecessors, (221), 9 states have call successors, (22), 8 states have call predecessors, (22), 9 states have return successors, (24), 8 states have call predecessors, (24), 9 states have call successors, (24) [2022-07-19 17:26:01,142 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-07-19 17:26:01,142 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-07-19 17:26:01,145 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-07-19 17:26:01,174 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-07-19 17:26:01,359 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2022-07-19 17:26:01,361 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-07-19 17:26:06,633 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 140 146) no Hoare annotation was computed. [2022-07-19 17:26:06,633 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 140 146) the Hoare annotation is: true [2022-07-19 17:26:06,633 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 900 911) the Hoare annotation is: true [2022-07-19 17:26:06,633 INFO L899 garLoopResultBuilder]: For program point L904-1(lines 900 911) no Hoare annotation was computed. [2022-07-19 17:26:06,634 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 900 911) no Hoare annotation was computed. [2022-07-19 17:26:06,634 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 727 756) no Hoare annotation was computed. [2022-07-19 17:26:06,634 INFO L902 garLoopResultBuilder]: At program point L737-2(lines 737 751) the Hoare annotation is: true [2022-07-19 17:26:06,634 INFO L902 garLoopResultBuilder]: At program point L733(line 733) the Hoare annotation is: true [2022-07-19 17:26:06,635 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 727 756) the Hoare annotation is: true [2022-07-19 17:26:06,635 INFO L899 garLoopResultBuilder]: For program point L733-1(line 733) no Hoare annotation was computed. [2022-07-19 17:26:06,635 INFO L902 garLoopResultBuilder]: At program point L752(lines 727 756) the Hoare annotation is: true [2022-07-19 17:26:06,635 INFO L899 garLoopResultBuilder]: For program point L748(line 748) no Hoare annotation was computed. [2022-07-19 17:26:06,635 INFO L899 garLoopResultBuilder]: For program point L741(lines 741 745) no Hoare annotation was computed. [2022-07-19 17:26:06,635 INFO L902 garLoopResultBuilder]: At program point L741-1(lines 741 745) the Hoare annotation is: true [2022-07-19 17:26:06,635 INFO L899 garLoopResultBuilder]: For program point L738(line 738) no Hoare annotation was computed. [2022-07-19 17:26:06,636 INFO L899 garLoopResultBuilder]: For program point L254(lines 254 258) no Hoare annotation was computed. [2022-07-19 17:26:06,636 INFO L895 garLoopResultBuilder]: At program point L93(lines 88 95) the Hoare annotation is: (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse1 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (not (= 0 ~systemActive~0))) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) .cse1) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 .cse2 .cse1))) [2022-07-19 17:26:06,636 INFO L899 garLoopResultBuilder]: For program point L254-2(lines 254 258) no Hoare annotation was computed. [2022-07-19 17:26:06,636 INFO L899 garLoopResultBuilder]: For program point L857(lines 857 863) no Hoare annotation was computed. [2022-07-19 17:26:06,636 INFO L895 garLoopResultBuilder]: At program point L841(lines 834 843) the Hoare annotation is: (let ((.cse6 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (and (<= 1 ~pumpRunning~0) .cse6 (<= 1 ~switchedOnBeforeTS~0))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (and (= ~pumpRunning~0 0) .cse6)) (.cse3 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse4 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse4 (not (< 1 |old(~waterLevel~0)|)) .cse5 .cse3) (or .cse0 .cse1 .cse3 (not (= 0 ~systemActive~0)))))) [2022-07-19 17:26:06,636 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 113 139) no Hoare annotation was computed. [2022-07-19 17:26:06,637 INFO L899 garLoopResultBuilder]: For program point L127-1(lines 127 133) no Hoare annotation was computed. [2022-07-19 17:26:06,637 INFO L899 garLoopResultBuilder]: For program point L957(lines 957 963) no Hoare annotation was computed. [2022-07-19 17:26:06,637 INFO L899 garLoopResultBuilder]: For program point L156(lines 156 164) no Hoare annotation was computed. [2022-07-19 17:26:06,637 INFO L899 garLoopResultBuilder]: For program point L152(lines 152 169) no Hoare annotation was computed. [2022-07-19 17:26:06,637 INFO L895 garLoopResultBuilder]: At program point L854(line 854) the Hoare annotation is: (let ((.cse4 (<= 1 ~pumpRunning~0)) (.cse5 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse14 (<= ~waterLevel~0 1)) (.cse6 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~7#1| ~waterLevel~0)) (.cse8 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse0 (not (<= |old(~waterLevel~0)| 1))) (.cse10 (not (= |old(~pumpRunning~0)| 0))) (.cse13 (= ~pumpRunning~0 0)) (.cse7 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse3 (and .cse4 .cse5 .cse14 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse6 .cse8)) (.cse9 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (<= 1 |old(~pumpRunning~0)|))) (.cse11 (not (< 1 |old(~waterLevel~0)|))) (.cse12 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3 (and .cse4 .cse5 .cse6 .cse7 .cse8) .cse9) (or .cse10 .cse1 .cse11 .cse12) (or .cse0 .cse10 .cse1 (and (= |timeShift_processEnvironment_~tmp~0#1| 0) .cse13 .cse5 .cse6 .cse7)) (or .cse10 .cse12 (and .cse13 .cse5 .cse14 .cse6 .cse7) (not (= 0 ~systemActive~0))) (or .cse1 .cse2 (not (= |old(~waterLevel~0)| 2)) .cse3) (or (not (= |old(~waterLevel~0)| 1)) .cse1 .cse2 .cse3 .cse9) (or .cse1 .cse2 .cse11 (= ~waterLevel~0 1) .cse12)))) [2022-07-19 17:26:06,638 INFO L895 garLoopResultBuilder]: At program point L949(lines 944 952) the Hoare annotation is: (let ((.cse8 (<= 1 ~pumpRunning~0)) (.cse9 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse13 (= 1 ~systemActive~0)) (.cse10 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse7 (and .cse8 .cse9 (<= ~waterLevel~0 1) .cse13 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse10)) (.cse12 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse1 (= 2 |timeShift_getWaterLevel_#res#1|)) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= ~pumpRunning~0 0)) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (not (= 0 ~systemActive~0))) (.cse5 (not .cse13)) (.cse6 (not (<= 1 |old(~pumpRunning~0)|))) (.cse11 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 .cse1 .cse2) .cse3 (not (= |old(~waterLevel~0)| 2)) .cse4) (or .cse5 .cse6 .cse7 (and .cse8 .cse9 .cse2 .cse10) .cse11 .cse12) (or (not (= |old(~waterLevel~0)| 1)) .cse5 .cse6 .cse7 .cse12) (or .cse3 (and (= |timeShift_processEnvironment_~tmp~0#1| 0) .cse0 .cse9 .cse2) .cse5 .cse11 (and .cse8 (= 2 ~waterLevel~0) .cse1 .cse2)) (or (not (<= |old(~waterLevel~0)| 1)) .cse3 (and .cse0 .cse9 .cse2) .cse4) (or .cse5 .cse6 (not (< 1 |old(~waterLevel~0)|)) .cse11 (and .cse8 .cse9 (= ~waterLevel~0 1) .cse10))))) [2022-07-19 17:26:06,638 INFO L899 garLoopResultBuilder]: For program point L854-1(line 854) no Hoare annotation was computed. [2022-07-19 17:26:06,638 INFO L895 garLoopResultBuilder]: At program point L260(lines 245 263) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (not (= 1 ~systemActive~0))) (.cse3 (not (<= 1 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 (not (= 0 ~systemActive~0))) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) .cse1) (let ((.cse4 (= ~pumpRunning~0 0)) (.cse5 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse0 .cse2 (and .cse4 (= |timeShift_isHighWaterLevel_~tmp___0~0#1| 0) (= |timeShift_isHighWaterLevel_#res#1| 0) .cse5) (and .cse4 (= 2 ~waterLevel~0) .cse5) .cse1)) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-07-19 17:26:06,638 INFO L895 garLoopResultBuilder]: At program point L962(lines 953 966) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (not (= 1 ~systemActive~0))) (.cse5 (not (<= 1 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 (not (= 0 ~systemActive~0))) (let ((.cse3 (= ~pumpRunning~0 0)) (.cse4 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse0 .cse2 (and (= |timeShift_isHighWaterSensorDry_#res#1| 1) .cse3 .cse4) (and .cse3 (= 2 ~waterLevel~0) .cse4) .cse1)) (or .cse2 .cse5 (not (< 1 |old(~waterLevel~0)|)) .cse1) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-07-19 17:26:06,638 INFO L899 garLoopResultBuilder]: For program point L120(lines 120 126) no Hoare annotation was computed. [2022-07-19 17:26:06,639 INFO L899 garLoopResultBuilder]: For program point L120-2(lines 116 138) no Hoare annotation was computed. [2022-07-19 17:26:06,639 INFO L895 garLoopResultBuilder]: At program point L178(lines 173 180) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (not (= 1 ~systemActive~0))) (.cse3 (not (<= 1 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 (not (= 0 ~systemActive~0))) (or .cse0 .cse2 .cse1 (and (<= 1 ~pumpRunning~0) (= 2 ~waterLevel~0) (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) .cse1) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-07-19 17:26:06,639 INFO L899 garLoopResultBuilder]: For program point L880(lines 880 884) no Hoare annotation was computed. [2022-07-19 17:26:06,639 INFO L895 garLoopResultBuilder]: At program point L880-2(lines 876 887) the Hoare annotation is: (let ((.cse4 (<= 1 ~pumpRunning~0)) (.cse8 (= 1 ~systemActive~0)) (.cse5 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (and .cse4 (<= ~waterLevel~0 1) .cse8 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse5)) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not .cse8)) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse6 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse1 (and .cse4 (= |old(~waterLevel~0)| ~waterLevel~0) .cse5) .cse6 .cse2 .cse3) (or .cse7 .cse6 (not (= 0 ~systemActive~0))) (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 2)) .cse2) (or .cse7 .cse0 .cse6) (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) (= ~waterLevel~0 1) .cse6)))) [2022-07-19 17:26:06,639 INFO L895 garLoopResultBuilder]: At program point L839(line 839) the Hoare annotation is: (let ((.cse6 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse9 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse7 (not (<= |old(~waterLevel~0)| 1))) (.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (and (= ~pumpRunning~0 0) .cse6 .cse9)) (.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse8 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse2 .cse4 (not (< 1 |old(~waterLevel~0)|)) (and .cse5 .cse6 (< 1 ~waterLevel~0) (<= ~waterLevel~0 2)) .cse3) (or .cse0 .cse7 .cse1 .cse8) (or .cse7 .cse2 .cse4 (and .cse5 .cse6 .cse9) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 2)) .cse8)))) [2022-07-19 17:26:06,639 INFO L899 garLoopResultBuilder]: For program point L839-1(line 839) no Hoare annotation was computed. [2022-07-19 17:26:06,640 INFO L895 garLoopResultBuilder]: At program point L162(line 162) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (not (= 1 ~systemActive~0))) (.cse3 (not (<= 1 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 (not (= 0 ~systemActive~0))) (or .cse0 .cse2 .cse1 (and (= |timeShift_processEnvironment_~tmp~0#1| 0) (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) .cse1) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-07-19 17:26:06,640 INFO L899 garLoopResultBuilder]: For program point L92(line 92) no Hoare annotation was computed. [2022-07-19 17:26:06,640 INFO L899 garLoopResultBuilder]: For program point L856(lines 856 866) no Hoare annotation was computed. [2022-07-19 17:26:06,640 INFO L899 garLoopResultBuilder]: For program point L852(lines 852 869) no Hoare annotation was computed. [2022-07-19 17:26:06,640 INFO L895 garLoopResultBuilder]: At program point L852-1(lines 844 872) the Hoare annotation is: (let ((.cse10 (= 1 ~systemActive~0)) (.cse2 (<= 1 ~pumpRunning~0)) (.cse3 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse4 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~7#1| ~waterLevel~0)) (.cse5 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse6 (not (<= |old(~waterLevel~0)| 1))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse12 (and .cse2 .cse3 (<= ~waterLevel~0 1) (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse4 .cse5)) (.cse13 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse14 (not (= 0 ~systemActive~0))) (.cse8 (= |timeShift_processEnvironment_~tmp~0#1| 0)) (.cse9 (= ~pumpRunning~0 0)) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not .cse10)) (.cse16 (= 2 |timeShift_getWaterLevel_#res#1|)) (.cse11 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse15 (not (= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) (and .cse2 .cse3 .cse4 (= ~waterLevel~0 1) .cse5) (not (<= |old(~waterLevel~0)| 2))) (or .cse6 .cse7 (and .cse8 .cse9 .cse3 .cse10 .cse4 .cse11) .cse0) (or .cse6 .cse0 .cse1 .cse12 (and .cse2 .cse3 .cse4 .cse11 .cse5) .cse13) (or .cse6 .cse7 (and .cse9 .cse3 .cse4 .cse11) .cse14) (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse12 .cse13) (or .cse7 .cse15 .cse14 (and .cse9 .cse16 .cse4 .cse11)) (or (and .cse8 .cse9 .cse16 .cse10 .cse4 .cse11) .cse7 .cse0 (and .cse2 .cse16 .cse4 .cse11) .cse15)))) [2022-07-19 17:26:06,641 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 113 139) the Hoare annotation is: (let ((.cse6 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse9 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse7 (not (<= |old(~waterLevel~0)| 1))) (.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (and (= ~pumpRunning~0 0) .cse6 .cse9)) (.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse8 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse2 .cse4 (not (< 1 |old(~waterLevel~0)|)) (and .cse5 .cse6 (< 1 ~waterLevel~0) (<= ~waterLevel~0 2)) .cse3) (or .cse0 .cse7 .cse1 .cse8) (or .cse7 .cse2 .cse4 (and .cse5 .cse6 .cse9) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 2)) .cse8)))) [2022-07-19 17:26:06,641 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 113 139) no Hoare annotation was computed. [2022-07-19 17:26:06,641 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 92) no Hoare annotation was computed. [2022-07-19 17:26:06,641 INFO L895 garLoopResultBuilder]: At program point L167(line 167) the Hoare annotation is: (let ((.cse4 (<= 1 ~pumpRunning~0)) (.cse8 (= 1 ~systemActive~0)) (.cse5 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (and .cse4 (<= ~waterLevel~0 1) .cse8 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse5)) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not .cse8)) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse6 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse1 (and .cse4 (= |old(~waterLevel~0)| ~waterLevel~0) .cse5) .cse6 .cse2 .cse3) (or .cse7 .cse6 (not (= 0 ~systemActive~0))) (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 2)) .cse2) (or .cse7 .cse0 .cse6) (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) (= ~waterLevel~0 1) .cse6)))) [2022-07-19 17:26:06,641 INFO L895 garLoopResultBuilder]: At program point L167-1(lines 148 172) the Hoare annotation is: (let ((.cse5 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (<= 1 ~pumpRunning~0)) (.cse11 (= 1 ~systemActive~0)) (.cse6 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (and .cse4 (<= ~waterLevel~0 1) .cse11 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse6)) (.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse10 (and (= |timeShift_processEnvironment_~tmp~0#1| 0) (= ~pumpRunning~0 0) .cse11 .cse5)) (.cse9 (not (= |old(~waterLevel~0)| 2))) (.cse0 (not .cse11)) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse7 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse1 (and .cse4 .cse5 .cse6) .cse7 .cse2 .cse3) (or .cse8 .cse7 (not (= 0 ~systemActive~0))) (or .cse0 .cse1 .cse9 .cse2) (or (not (<= |old(~waterLevel~0)| 1)) .cse8 .cse0 .cse10) (or .cse8 .cse0 .cse10 (and .cse4 .cse5) .cse9) (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) (= ~waterLevel~0 1) .cse7)))) [2022-07-19 17:26:06,641 INFO L895 garLoopResultBuilder]: At program point L717(lines 666 718) the Hoare annotation is: false [2022-07-19 17:26:06,642 INFO L899 garLoopResultBuilder]: For program point L705(lines 705 711) no Hoare annotation was computed. [2022-07-19 17:26:06,642 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-07-19 17:26:06,642 INFO L895 garLoopResultBuilder]: At program point L705-2(lines 697 712) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse4 (<= 1 ~pumpRunning~0)) (.cse3 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 .cse2 (= 0 ~systemActive~0)) (and .cse0 .cse3 .cse1 .cse2) (and .cse4 (= 2 ~waterLevel~0) .cse3 .cse1) (and .cse4 .cse3 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2022-07-19 17:26:06,642 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-07-19 17:26:06,642 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-07-19 17:26:06,642 INFO L899 garLoopResultBuilder]: For program point L668(lines 667 716) no Hoare annotation was computed. [2022-07-19 17:26:06,642 INFO L895 garLoopResultBuilder]: At program point L284(lines 279 286) the Hoare annotation is: (let ((.cse3 (<= 1 ~pumpRunning~0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2) (and .cse3 (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse3 .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2022-07-19 17:26:06,643 INFO L899 garLoopResultBuilder]: For program point L697(lines 697 712) no Hoare annotation was computed. [2022-07-19 17:26:06,643 INFO L895 garLoopResultBuilder]: At program point L276(lines 264 278) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0) (<= ~waterLevel~0 2) (= 0 ~systemActive~0)) [2022-07-19 17:26:06,643 INFO L895 garLoopResultBuilder]: At program point L689(line 689) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse4 (<= 1 ~pumpRunning~0)) (.cse3 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 .cse2 (= 0 ~systemActive~0)) (and .cse0 .cse3 .cse1 .cse2) (and .cse4 (= 2 ~waterLevel~0) .cse3 .cse1) (and .cse4 .cse3 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2022-07-19 17:26:06,643 INFO L899 garLoopResultBuilder]: For program point L268(lines 268 274) no Hoare annotation was computed. [2022-07-19 17:26:06,643 INFO L899 garLoopResultBuilder]: For program point L268-2(lines 268 274) no Hoare annotation was computed. [2022-07-19 17:26:06,643 INFO L895 garLoopResultBuilder]: At program point L714(lines 667 716) the Hoare annotation is: (let ((.cse3 (= 0 ~systemActive~0)) (.cse4 (<= 1 ~pumpRunning~0)) (.cse1 (= 2 ~waterLevel~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse5 (<= ~waterLevel~0 1)) (.cse6 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse5 .cse6 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse0 .cse5 .cse2 .cse3) (and .cse0 .cse1 .cse6 .cse2) (and .cse4 .cse1 .cse6 .cse2) (and .cse0 .cse5 .cse6 .cse2))) [2022-07-19 17:26:06,644 INFO L899 garLoopResultBuilder]: For program point L677(lines 677 683) no Hoare annotation was computed. [2022-07-19 17:26:06,644 INFO L899 garLoopResultBuilder]: For program point L677-1(lines 677 683) no Hoare annotation was computed. [2022-07-19 17:26:06,644 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-07-19 17:26:06,644 INFO L899 garLoopResultBuilder]: For program point L669(lines 669 673) no Hoare annotation was computed. [2022-07-19 17:26:06,644 INFO L902 garLoopResultBuilder]: At program point L797(lines 789 799) the Hoare annotation is: true [2022-07-19 17:26:06,644 INFO L895 garLoopResultBuilder]: At program point L186(lines 181 188) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2))) (or (and (not (= ~switchedOnBeforeTS~0 0)) .cse0 .cse1 .cse2 .cse3) (and .cse0 (< 1 ~waterLevel~0) .cse1 .cse2 .cse3))) [2022-07-19 17:26:06,644 INFO L895 garLoopResultBuilder]: At program point L83(lines 78 86) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-19 17:26:06,644 INFO L895 garLoopResultBuilder]: At program point L785(lines 781 787) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-19 17:26:06,645 INFO L895 garLoopResultBuilder]: At program point L75(lines 71 77) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-19 17:26:06,645 INFO L899 garLoopResultBuilder]: For program point L810(lines 810 817) no Hoare annotation was computed. [2022-07-19 17:26:06,645 INFO L899 garLoopResultBuilder]: For program point L810-2(lines 810 817) no Hoare annotation was computed. [2022-07-19 17:26:06,645 INFO L895 garLoopResultBuilder]: At program point L831(lines 826 833) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-19 17:26:06,645 INFO L902 garLoopResultBuilder]: At program point L819(lines 800 822) the Hoare annotation is: true [2022-07-19 17:26:06,645 INFO L902 garLoopResultBuilder]: At program point L720(lines 657 724) the Hoare annotation is: true [2022-07-19 17:26:06,645 INFO L899 garLoopResultBuilder]: For program point L687(lines 687 693) no Hoare annotation was computed. [2022-07-19 17:26:06,646 INFO L899 garLoopResultBuilder]: For program point L687-1(lines 687 693) no Hoare annotation was computed. [2022-07-19 17:26:06,646 INFO L895 garLoopResultBuilder]: At program point L679(line 679) the Hoare annotation is: (let ((.cse3 (= 0 ~systemActive~0)) (.cse4 (<= 1 ~pumpRunning~0)) (.cse1 (= 2 ~waterLevel~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse5 (<= ~waterLevel~0 1)) (.cse6 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse5 .cse6 .cse2 (<= 1 ~switchedOnBeforeTS~0)) (and .cse0 .cse5 .cse2 .cse3) (and .cse0 .cse1 .cse6 .cse2) (and .cse4 .cse1 .cse6 .cse2) (and .cse0 .cse5 .cse6 .cse2))) [2022-07-19 17:26:06,646 INFO L895 garLoopResultBuilder]: At program point L68(lines 64 70) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-19 17:26:06,646 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 888 899) no Hoare annotation was computed. [2022-07-19 17:26:06,646 INFO L899 garLoopResultBuilder]: For program point L892-1(lines 888 899) no Hoare annotation was computed. [2022-07-19 17:26:06,646 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 888 899) the Hoare annotation is: (let ((.cse2 (not (= |old(~waterLevel~0)| 2))) (.cse4 (not (= ~pumpRunning~0 0))) (.cse5 (not (<= |old(~waterLevel~0)| 1))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 ~pumpRunning~0))) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse0 .cse2 .cse3) (or .cse5 .cse4 .cse0 .cse3) (or .cse4 .cse3 (not (<= |old(~waterLevel~0)| 2)) (not (= 0 ~systemActive~0))) (or .cse5 .cse0 .cse1 .cse3 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-07-19 17:26:06,646 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 200 208) no Hoare annotation was computed. [2022-07-19 17:26:06,647 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 200 208) the Hoare annotation is: true [2022-07-19 17:26:06,647 INFO L899 garLoopResultBuilder]: For program point isPumpRunningFINAL(lines 200 208) no Hoare annotation was computed. [2022-07-19 17:26:06,650 INFO L356 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-19 17:26:06,652 INFO L176 ceAbstractionStarter]: Computing trace abstraction results [2022-07-19 17:26:06,679 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 19.07 05:26:06 BoogieIcfgContainer [2022-07-19 17:26:06,679 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-07-19 17:26:06,680 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-07-19 17:26:06,680 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-07-19 17:26:06,680 INFO L275 PluginConnector]: Witness Printer initialized [2022-07-19 17:26:06,681 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.07 05:25:55" (3/4) ... [2022-07-19 17:26:06,683 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-07-19 17:26:06,689 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-07-19 17:26:06,689 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-07-19 17:26:06,689 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-07-19 17:26:06,689 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-07-19 17:26:06,689 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-07-19 17:26:06,690 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-07-19 17:26:06,696 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 48 nodes and edges [2022-07-19 17:26:06,696 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-07-19 17:26:06,696 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-07-19 17:26:06,697 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-07-19 17:26:06,697 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-07-19 17:26:06,698 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-19 17:26:06,698 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-19 17:26:06,719 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && ((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) [2022-07-19 17:26:06,720 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) [2022-07-19 17:26:06,721 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((((1 <= pumpRunning && waterLevel == \result) && tmp == waterLevel) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (((((tmp == 0 && pumpRunning == 0) && waterLevel == \result) && 1 == systemActive) && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || !(1 == systemActive))) && (((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && tmp == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((1 <= pumpRunning && waterLevel == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (((pumpRunning == 0 && waterLevel == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || !(0 == systemActive))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && tmp == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || !(0 == systemActive)) || (((pumpRunning == 0 && 2 == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel))) && (((((((((tmp == 0 && pumpRunning == 0) && 2 == \result) && 1 == systemActive) && tmp == waterLevel) && \old(waterLevel) == waterLevel) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || (((1 <= pumpRunning && 2 == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2)) [2022-07-19 17:26:06,721 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || (((tmp == 0 && pumpRunning == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((tmp == 0 && pumpRunning == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel)) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) [2022-07-19 17:26:06,721 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-07-19 17:26:06,722 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((pumpRunning == 0 && 2 == \result) && \old(waterLevel) == waterLevel) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 2)) || !(0 == systemActive)) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || (((1 <= pumpRunning && waterLevel == \result) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (((tmp == 0 && pumpRunning == 0) && waterLevel == \result) && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && 2 == waterLevel) && 2 == \result) && \old(waterLevel) == waterLevel))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || ((pumpRunning == 0 && waterLevel == \result) && \old(waterLevel) == waterLevel)) || !(0 == systemActive))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && waterLevel == \result) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) [2022-07-19 17:26:06,722 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((\result == 1 && pumpRunning == 0) && \old(waterLevel) == waterLevel)) || ((pumpRunning == 0 && 2 == waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) [2022-07-19 17:26:06,722 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((pumpRunning == 0 && tmp___0 == 0) && \result == 0) && \old(waterLevel) == waterLevel)) || ((pumpRunning == 0 && 2 == waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) [2022-07-19 17:26:06,722 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && 2 == waterLevel) && \old(waterLevel) == waterLevel))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) [2022-07-19 17:26:06,750 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2022-07-19 17:26:06,750 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-07-19 17:26:06,751 INFO L158 Benchmark]: Toolchain (without parser) took 12374.75ms. Allocated memory was 92.3MB in the beginning and 172.0MB in the end (delta: 79.7MB). Free memory was 57.5MB in the beginning and 52.2MB in the end (delta: 5.2MB). Peak memory consumption was 84.8MB. Max. memory is 16.1GB. [2022-07-19 17:26:06,751 INFO L158 Benchmark]: CDTParser took 0.10ms. Allocated memory is still 92.3MB. Free memory was 62.7MB in the beginning and 62.7MB in the end (delta: 25.0kB). There was no memory consumed. Max. memory is 16.1GB. [2022-07-19 17:26:06,751 INFO L158 Benchmark]: CACSL2BoogieTranslator took 440.90ms. Allocated memory is still 92.3MB. Free memory was 57.3MB in the beginning and 56.6MB in the end (delta: 727.9kB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-07-19 17:26:06,752 INFO L158 Benchmark]: Boogie Procedure Inliner took 63.57ms. Allocated memory is still 92.3MB. Free memory was 56.6MB in the beginning and 54.2MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-19 17:26:06,752 INFO L158 Benchmark]: Boogie Preprocessor took 28.54ms. Allocated memory is still 92.3MB. Free memory was 54.2MB in the beginning and 52.7MB in the end (delta: 1.5MB). There was no memory consumed. Max. memory is 16.1GB. [2022-07-19 17:26:06,753 INFO L158 Benchmark]: RCFGBuilder took 409.08ms. Allocated memory was 92.3MB in the beginning and 117.4MB in the end (delta: 25.2MB). Free memory was 52.7MB in the beginning and 88.5MB in the end (delta: -35.8MB). Peak memory consumption was 17.5MB. Max. memory is 16.1GB. [2022-07-19 17:26:06,753 INFO L158 Benchmark]: TraceAbstraction took 11355.51ms. Allocated memory was 117.4MB in the beginning and 172.0MB in the end (delta: 54.5MB). Free memory was 88.0MB in the beginning and 57.5MB in the end (delta: 30.5MB). Peak memory consumption was 99.4MB. Max. memory is 16.1GB. [2022-07-19 17:26:06,753 INFO L158 Benchmark]: Witness Printer took 70.58ms. Allocated memory is still 172.0MB. Free memory was 57.5MB in the beginning and 52.2MB in the end (delta: 5.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-07-19 17:26:06,755 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.10ms. Allocated memory is still 92.3MB. Free memory was 62.7MB in the beginning and 62.7MB in the end (delta: 25.0kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 440.90ms. Allocated memory is still 92.3MB. Free memory was 57.3MB in the beginning and 56.6MB in the end (delta: 727.9kB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 63.57ms. Allocated memory is still 92.3MB. Free memory was 56.6MB in the beginning and 54.2MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 28.54ms. Allocated memory is still 92.3MB. Free memory was 54.2MB in the beginning and 52.7MB in the end (delta: 1.5MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 409.08ms. Allocated memory was 92.3MB in the beginning and 117.4MB in the end (delta: 25.2MB). Free memory was 52.7MB in the beginning and 88.5MB in the end (delta: -35.8MB). Peak memory consumption was 17.5MB. Max. memory is 16.1GB. * TraceAbstraction took 11355.51ms. Allocated memory was 117.4MB in the beginning and 172.0MB in the end (delta: 54.5MB). Free memory was 88.0MB in the beginning and 57.5MB in the end (delta: 30.5MB). Peak memory consumption was 99.4MB. Max. memory is 16.1GB. * Witness Printer took 70.58ms. Allocated memory is still 172.0MB. Free memory was 57.5MB in the beginning and 52.2MB in the end (delta: 5.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 92]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 85 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 11.3s, OverallIterations: 11, TraceHistogramMax: 6, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.5s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 5.3s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1674 SdHoareTripleChecker+Valid, 1.2s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1644 mSDsluCounter, 4701 SdHoareTripleChecker+Invalid, 1.0s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3460 mSDsCounter, 485 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1717 IncrementalHoareTripleChecker+Invalid, 2202 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 485 mSolverCounterUnsat, 1241 mSDtfsCounter, 1717 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 744 GetRequests, 616 SyntacticMatches, 6 SemanticMatches, 122 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 845 ImplicationChecksByTransitivity, 1.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=771occurred in iteration=8, InterpolantAutomatonStates: 109, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 11 MinimizatonAttempts, 262 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 39 LocationsWithAnnotation, 1570 PreInvPairs, 1815 NumberOfFragments, 2432 HoareAnnotationTreeSize, 1570 FomulaSimplifications, 8432 FormulaSimplificationTreeSizeReduction, 0.6s HoareSimplificationTime, 39 FomulaSimplificationsInter, 17653 FormulaSimplificationTreeSizeReductionInter, 4.6s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 2.0s InterpolantComputationTime, 939 NumberOfCodeBlocks, 939 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 1185 ConstructedInterpolants, 0 QuantifiedInterpolants, 2573 SizeOfPredicates, 6 NumberOfNonLiveVariables, 1144 ConjunctsInSsa, 21 ConjunctsInUnsatCore, 15 InterpolantComputations, 9 PerfectInterpolantSequences, 858/961 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 789]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 944]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == 0 && 2 == \result) && \old(waterLevel) == waterLevel) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 2)) || !(0 == systemActive)) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || (((1 <= pumpRunning && waterLevel == \result) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (((tmp == 0 && pumpRunning == 0) && waterLevel == \result) && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && 2 == waterLevel) && 2 == \result) && \old(waterLevel) == waterLevel))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || ((pumpRunning == 0 && waterLevel == \result) && \old(waterLevel) == waterLevel)) || !(0 == systemActive))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && waterLevel == \result) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) - InvariantResult [Line: 264]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && splverifierCounter == 0) && waterLevel <= 2) && 0 == systemActive - InvariantResult [Line: 666]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 245]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((pumpRunning == 0 && tmp___0 == 0) && \result == 0) && \old(waterLevel) == waterLevel)) || ((pumpRunning == 0 && 2 == waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 826]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 148]: Loop Invariant Derived loop invariant: (((((((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || (((tmp == 0 && pumpRunning == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((tmp == 0 && pumpRunning == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel)) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 78]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 64]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 667]: Loop Invariant Derived loop invariant: (((((((pumpRunning == 0 && 2 == waterLevel) && splverifierCounter == 0) && 0 == systemActive) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && splverifierCounter == 0) && 1 <= switchedOnBeforeTS)) || (((pumpRunning == 0 && waterLevel <= 1) && splverifierCounter == 0) && 0 == systemActive)) || (((pumpRunning == 0 && 2 == waterLevel) && 1 == systemActive) && splverifierCounter == 0)) || (((1 <= pumpRunning && 2 == waterLevel) && 1 == systemActive) && splverifierCounter == 0)) || (((pumpRunning == 0 && waterLevel <= 1) && 1 == systemActive) && splverifierCounter == 0) - InvariantResult [Line: 737]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 781]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 844]: Loop Invariant Derived loop invariant: (((((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((((1 <= pumpRunning && waterLevel == \result) && tmp == waterLevel) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (((((tmp == 0 && pumpRunning == 0) && waterLevel == \result) && 1 == systemActive) && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || !(1 == systemActive))) && (((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && tmp == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((1 <= pumpRunning && waterLevel == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (((pumpRunning == 0 && waterLevel == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || !(0 == systemActive))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && waterLevel == \result) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && tmp == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || !(0 == systemActive)) || (((pumpRunning == 0 && 2 == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel))) && (((((((((tmp == 0 && pumpRunning == 0) && 2 == \result) && 1 == systemActive) && tmp == waterLevel) && \old(waterLevel) == waterLevel) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || (((1 <= pumpRunning && 2 == \result) && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2)) - InvariantResult [Line: 71]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 279]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) || (((1 <= pumpRunning && 2 == waterLevel) && 1 == systemActive) && splverifierCounter == 0)) || ((((1 <= pumpRunning && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) && 1 <= switchedOnBeforeTS) - InvariantResult [Line: 657]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 727]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 181]: Loop Invariant Derived loop invariant: ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) || ((((pumpRunning == 0 && 1 < waterLevel) && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) - InvariantResult [Line: 800]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 834]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && ((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) - InvariantResult [Line: 953]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((\result == 1 && pumpRunning == 0) && \old(waterLevel) == waterLevel)) || ((pumpRunning == 0 && 2 == waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 876]: Loop Invariant Derived loop invariant: ((((((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2)) || ((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 88]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 173]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && 2 == waterLevel) && \old(waterLevel) == waterLevel))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2))) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) RESULT: Ultimate proved your program to be correct! [2022-07-19 17:26:06,822 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE