./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 5e519f3a Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/bin/uautomizer-Dbtcem3rbc/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/bin/uautomizer-Dbtcem3rbc/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/bin/uautomizer-Dbtcem3rbc/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/bin/uautomizer-Dbtcem3rbc/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/bin/uautomizer-Dbtcem3rbc/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/bin/uautomizer-Dbtcem3rbc --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash aba011a2dee79947f4cca7910fc4583b21e1f3cb9acd1affa050aa7677352666 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-5e519f3 [2022-11-02 20:41:28,631 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-02 20:41:28,634 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-02 20:41:28,676 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-02 20:41:28,677 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-02 20:41:28,678 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-02 20:41:28,680 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-02 20:41:28,682 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-02 20:41:28,684 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-02 20:41:28,686 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-02 20:41:28,687 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-02 20:41:28,688 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-02 20:41:28,689 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-02 20:41:28,690 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-02 20:41:28,691 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-02 20:41:28,693 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-02 20:41:28,694 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-02 20:41:28,695 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-02 20:41:28,698 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-02 20:41:28,700 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-02 20:41:28,702 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-02 20:41:28,704 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-02 20:41:28,706 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-02 20:41:28,707 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-02 20:41:28,712 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-02 20:41:28,712 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-02 20:41:28,713 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-02 20:41:28,714 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-02 20:41:28,715 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-02 20:41:28,723 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-02 20:41:28,723 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-02 20:41:28,724 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-02 20:41:28,725 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-02 20:41:28,726 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-02 20:41:28,727 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-02 20:41:28,728 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-02 20:41:28,729 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-02 20:41:28,729 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-02 20:41:28,729 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-02 20:41:28,730 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-02 20:41:28,731 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-02 20:41:28,732 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/bin/uautomizer-Dbtcem3rbc/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-11-02 20:41:28,760 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-02 20:41:28,761 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-02 20:41:28,761 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-02 20:41:28,762 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-02 20:41:28,763 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-02 20:41:28,763 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-02 20:41:28,764 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-11-02 20:41:28,764 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-11-02 20:41:28,765 INFO L138 SettingsManager]: * Use SBE=true [2022-11-02 20:41:28,765 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-02 20:41:28,765 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-02 20:41:28,766 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-02 20:41:28,766 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-02 20:41:28,766 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-02 20:41:28,767 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-02 20:41:28,767 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-02 20:41:28,767 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-02 20:41:28,768 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-02 20:41:28,768 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-02 20:41:28,768 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-02 20:41:28,769 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-02 20:41:28,769 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-02 20:41:28,769 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-11-02 20:41:28,770 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-02 20:41:28,770 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-02 20:41:28,771 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-02 20:41:28,771 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-02 20:41:28,771 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-02 20:41:28,771 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-11-02 20:41:28,772 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-02 20:41:28,772 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-11-02 20:41:28,772 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-11-02 20:41:28,772 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-02 20:41:28,773 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/bin/uautomizer-Dbtcem3rbc/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/bin/uautomizer-Dbtcem3rbc Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> aba011a2dee79947f4cca7910fc4583b21e1f3cb9acd1affa050aa7677352666 [2022-11-02 20:41:29,133 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-02 20:41:29,159 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-02 20:41:29,163 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-02 20:41:29,164 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-02 20:41:29,166 INFO L275 PluginConnector]: CDTParser initialized [2022-11-02 20:41:29,167 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/bin/uautomizer-Dbtcem3rbc/../../sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c [2022-11-02 20:41:29,267 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/bin/uautomizer-Dbtcem3rbc/data/4d7c68a0f/4dbfa44886f2491ea79b10398aa478b6/FLAG5c716fee3 [2022-11-02 20:41:29,966 INFO L306 CDTParser]: Found 1 translation units. [2022-11-02 20:41:29,967 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c [2022-11-02 20:41:29,981 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/bin/uautomizer-Dbtcem3rbc/data/4d7c68a0f/4dbfa44886f2491ea79b10398aa478b6/FLAG5c716fee3 [2022-11-02 20:41:30,261 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/bin/uautomizer-Dbtcem3rbc/data/4d7c68a0f/4dbfa44886f2491ea79b10398aa478b6 [2022-11-02 20:41:30,264 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-02 20:41:30,266 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-02 20:41:30,271 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-02 20:41:30,271 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-02 20:41:30,277 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-02 20:41:30,278 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 02.11 08:41:30" (1/1) ... [2022-11-02 20:41:30,279 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6c762796 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:41:30, skipping insertion in model container [2022-11-02 20:41:30,279 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 02.11 08:41:30" (1/1) ... [2022-11-02 20:41:30,289 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-02 20:41:30,344 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-02 20:41:30,593 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c[1605,1618] [2022-11-02 20:41:30,849 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-02 20:41:30,860 INFO L203 MainTranslator]: Completed pre-run [2022-11-02 20:41:30,876 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/sv-benchmarks/c/product-lines/minepump_spec5_product57.cil.c[1605,1618] [2022-11-02 20:41:30,976 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-02 20:41:31,001 INFO L208 MainTranslator]: Completed translation [2022-11-02 20:41:31,001 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:41:31 WrapperNode [2022-11-02 20:41:31,001 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-02 20:41:31,003 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-02 20:41:31,003 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-02 20:41:31,003 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-02 20:41:31,015 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:41:31" (1/1) ... [2022-11-02 20:41:31,032 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:41:31" (1/1) ... [2022-11-02 20:41:31,066 INFO L138 Inliner]: procedures = 58, calls = 159, calls flagged for inlining = 27, calls inlined = 24, statements flattened = 285 [2022-11-02 20:41:31,066 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-02 20:41:31,067 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-02 20:41:31,067 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-02 20:41:31,067 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-02 20:41:31,079 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:41:31" (1/1) ... [2022-11-02 20:41:31,079 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:41:31" (1/1) ... [2022-11-02 20:41:31,083 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:41:31" (1/1) ... [2022-11-02 20:41:31,083 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:41:31" (1/1) ... [2022-11-02 20:41:31,090 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:41:31" (1/1) ... [2022-11-02 20:41:31,096 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:41:31" (1/1) ... [2022-11-02 20:41:31,098 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:41:31" (1/1) ... [2022-11-02 20:41:31,100 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:41:31" (1/1) ... [2022-11-02 20:41:31,104 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-02 20:41:31,105 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-02 20:41:31,105 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-02 20:41:31,105 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-02 20:41:31,119 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:41:31" (1/1) ... [2022-11-02 20:41:31,127 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-02 20:41:31,152 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/bin/uautomizer-Dbtcem3rbc/z3 [2022-11-02 20:41:31,176 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/bin/uautomizer-Dbtcem3rbc/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-02 20:41:31,190 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/bin/uautomizer-Dbtcem3rbc/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-02 20:41:31,231 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-02 20:41:31,231 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-02 20:41:31,231 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-02 20:41:31,231 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-02 20:41:31,232 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-02 20:41:31,232 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-02 20:41:31,232 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-02 20:41:31,232 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-02 20:41:31,233 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-02 20:41:31,233 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-02 20:41:31,233 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-02 20:41:31,233 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-11-02 20:41:31,233 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-11-02 20:41:31,234 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-02 20:41:31,234 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-02 20:41:31,234 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-02 20:41:31,234 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-02 20:41:31,235 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-02 20:41:31,337 INFO L235 CfgBuilder]: Building ICFG [2022-11-02 20:41:31,339 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-02 20:41:31,992 INFO L276 CfgBuilder]: Performing block encoding [2022-11-02 20:41:32,002 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-02 20:41:32,002 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-02 20:41:32,005 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 02.11 08:41:32 BoogieIcfgContainer [2022-11-02 20:41:32,005 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-02 20:41:32,032 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-02 20:41:32,032 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-02 20:41:32,036 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-02 20:41:32,037 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 02.11 08:41:30" (1/3) ... [2022-11-02 20:41:32,038 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@19a87b45 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 02.11 08:41:32, skipping insertion in model container [2022-11-02 20:41:32,038 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:41:31" (2/3) ... [2022-11-02 20:41:32,038 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@19a87b45 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 02.11 08:41:32, skipping insertion in model container [2022-11-02 20:41:32,039 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 02.11 08:41:32" (3/3) ... [2022-11-02 20:41:32,040 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product57.cil.c [2022-11-02 20:41:32,064 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-02 20:41:32,065 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-02 20:41:32,161 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-02 20:41:32,174 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@348c9dbb, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-02 20:41:32,174 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-02 20:41:32,192 INFO L276 IsEmpty]: Start isEmpty. Operand has 96 states, 75 states have (on average 1.3733333333333333) internal successors, (103), 83 states have internal predecessors, (103), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-11-02 20:41:32,214 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-11-02 20:41:32,214 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 20:41:32,218 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 20:41:32,219 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 20:41:32,230 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 20:41:32,230 INFO L85 PathProgramCache]: Analyzing trace with hash 1773170943, now seen corresponding path program 1 times [2022-11-02 20:41:32,247 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 20:41:32,248 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1898193798] [2022-11-02 20:41:32,248 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 20:41:32,249 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 20:41:32,453 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:32,553 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-11-02 20:41:32,557 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:32,562 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-11-02 20:41:32,565 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:32,569 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 20:41:32,570 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 20:41:32,571 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1898193798] [2022-11-02 20:41:32,571 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1898193798] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 20:41:32,572 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 20:41:32,572 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-02 20:41:32,574 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1137358062] [2022-11-02 20:41:32,575 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 20:41:32,581 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-02 20:41:32,581 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 20:41:32,616 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-02 20:41:32,617 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-02 20:41:32,620 INFO L87 Difference]: Start difference. First operand has 96 states, 75 states have (on average 1.3733333333333333) internal successors, (103), 83 states have internal predecessors, (103), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-02 20:41:32,663 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 20:41:32,663 INFO L93 Difference]: Finished difference Result 183 states and 248 transitions. [2022-11-02 20:41:32,664 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-02 20:41:32,666 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2022-11-02 20:41:32,666 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 20:41:32,677 INFO L225 Difference]: With dead ends: 183 [2022-11-02 20:41:32,678 INFO L226 Difference]: Without dead ends: 87 [2022-11-02 20:41:32,682 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-02 20:41:32,687 INFO L413 NwaCegarLoop]: 121 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 121 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-02 20:41:32,688 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 121 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-02 20:41:32,709 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 87 states. [2022-11-02 20:41:32,748 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 87 to 87. [2022-11-02 20:41:32,750 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 87 states, 68 states have (on average 1.3088235294117647) internal successors, (89), 75 states have internal predecessors, (89), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-02 20:41:32,764 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 87 states to 87 states and 112 transitions. [2022-11-02 20:41:32,770 INFO L78 Accepts]: Start accepts. Automaton has 87 states and 112 transitions. Word has length 32 [2022-11-02 20:41:32,771 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 20:41:32,771 INFO L495 AbstractCegarLoop]: Abstraction has 87 states and 112 transitions. [2022-11-02 20:41:32,771 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-02 20:41:32,772 INFO L276 IsEmpty]: Start isEmpty. Operand 87 states and 112 transitions. [2022-11-02 20:41:32,774 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-11-02 20:41:32,775 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 20:41:32,775 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 20:41:32,775 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-02 20:41:32,776 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 20:41:32,776 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 20:41:32,777 INFO L85 PathProgramCache]: Analyzing trace with hash -1531656934, now seen corresponding path program 1 times [2022-11-02 20:41:32,777 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 20:41:32,777 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [595958465] [2022-11-02 20:41:32,777 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 20:41:32,778 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 20:41:32,831 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:32,952 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-11-02 20:41:32,954 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:32,957 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2022-11-02 20:41:32,959 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:32,962 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 20:41:32,962 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 20:41:32,963 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [595958465] [2022-11-02 20:41:32,963 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [595958465] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 20:41:32,963 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 20:41:32,964 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-02 20:41:32,964 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [21515468] [2022-11-02 20:41:32,964 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 20:41:32,966 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-02 20:41:32,966 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 20:41:32,967 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-02 20:41:32,967 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-02 20:41:32,968 INFO L87 Difference]: Start difference. First operand 87 states and 112 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-02 20:41:32,989 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 20:41:32,989 INFO L93 Difference]: Finished difference Result 139 states and 179 transitions. [2022-11-02 20:41:32,990 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-02 20:41:32,990 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-11-02 20:41:32,991 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 20:41:32,992 INFO L225 Difference]: With dead ends: 139 [2022-11-02 20:41:32,992 INFO L226 Difference]: Without dead ends: 78 [2022-11-02 20:41:33,007 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-02 20:41:33,008 INFO L413 NwaCegarLoop]: 99 mSDtfsCounter, 12 mSDsluCounter, 83 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 182 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-02 20:41:33,009 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [15 Valid, 182 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-02 20:41:33,010 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 78 states. [2022-11-02 20:41:33,019 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 78 to 78. [2022-11-02 20:41:33,020 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 78 states, 62 states have (on average 1.3225806451612903) internal successors, (82), 69 states have internal predecessors, (82), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-02 20:41:33,021 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 78 states to 78 states and 100 transitions. [2022-11-02 20:41:33,021 INFO L78 Accepts]: Start accepts. Automaton has 78 states and 100 transitions. Word has length 33 [2022-11-02 20:41:33,022 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 20:41:33,022 INFO L495 AbstractCegarLoop]: Abstraction has 78 states and 100 transitions. [2022-11-02 20:41:33,022 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-02 20:41:33,022 INFO L276 IsEmpty]: Start isEmpty. Operand 78 states and 100 transitions. [2022-11-02 20:41:33,024 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2022-11-02 20:41:33,024 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 20:41:33,024 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 20:41:33,024 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-02 20:41:33,025 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 20:41:33,025 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 20:41:33,029 INFO L85 PathProgramCache]: Analyzing trace with hash 840710854, now seen corresponding path program 1 times [2022-11-02 20:41:33,030 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 20:41:33,030 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [386459808] [2022-11-02 20:41:33,030 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 20:41:33,030 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 20:41:33,073 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:33,384 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-02 20:41:33,387 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:33,399 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2022-11-02 20:41:33,401 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:33,406 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 20:41:33,409 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 20:41:33,409 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [386459808] [2022-11-02 20:41:33,410 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [386459808] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 20:41:33,410 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 20:41:33,410 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-02 20:41:33,412 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2129257865] [2022-11-02 20:41:33,412 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 20:41:33,413 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-02 20:41:33,413 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 20:41:33,415 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-02 20:41:33,416 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-11-02 20:41:33,416 INFO L87 Difference]: Start difference. First operand 78 states and 100 transitions. Second operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-02 20:41:33,617 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 20:41:33,617 INFO L93 Difference]: Finished difference Result 148 states and 193 transitions. [2022-11-02 20:41:33,618 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-02 20:41:33,619 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 37 [2022-11-02 20:41:33,619 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 20:41:33,620 INFO L225 Difference]: With dead ends: 148 [2022-11-02 20:41:33,625 INFO L226 Difference]: Without dead ends: 78 [2022-11-02 20:41:33,626 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-11-02 20:41:33,628 INFO L413 NwaCegarLoop]: 93 mSDtfsCounter, 191 mSDsluCounter, 122 mSDsCounter, 0 mSdLazyCounter, 41 mSolverCounterSat, 26 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 191 SdHoareTripleChecker+Valid, 215 SdHoareTripleChecker+Invalid, 67 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 26 IncrementalHoareTripleChecker+Valid, 41 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-02 20:41:33,633 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [191 Valid, 215 Invalid, 67 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [26 Valid, 41 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-02 20:41:33,634 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 78 states. [2022-11-02 20:41:33,645 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 78 to 78. [2022-11-02 20:41:33,646 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 78 states, 62 states have (on average 1.3064516129032258) internal successors, (81), 69 states have internal predecessors, (81), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-02 20:41:33,647 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 78 states to 78 states and 99 transitions. [2022-11-02 20:41:33,647 INFO L78 Accepts]: Start accepts. Automaton has 78 states and 99 transitions. Word has length 37 [2022-11-02 20:41:33,649 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 20:41:33,649 INFO L495 AbstractCegarLoop]: Abstraction has 78 states and 99 transitions. [2022-11-02 20:41:33,650 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-02 20:41:33,650 INFO L276 IsEmpty]: Start isEmpty. Operand 78 states and 99 transitions. [2022-11-02 20:41:33,651 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2022-11-02 20:41:33,652 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 20:41:33,652 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 20:41:33,652 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-02 20:41:33,653 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 20:41:33,653 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 20:41:33,653 INFO L85 PathProgramCache]: Analyzing trace with hash 244336530, now seen corresponding path program 1 times [2022-11-02 20:41:33,654 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 20:41:33,654 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1419101123] [2022-11-02 20:41:33,654 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 20:41:33,655 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 20:41:33,678 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:33,872 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-02 20:41:33,875 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:33,878 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 37 [2022-11-02 20:41:33,885 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:33,896 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 20:41:33,896 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 20:41:33,897 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1419101123] [2022-11-02 20:41:33,897 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1419101123] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 20:41:33,897 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 20:41:33,898 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-02 20:41:33,898 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [13805042] [2022-11-02 20:41:33,898 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 20:41:33,899 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-02 20:41:33,899 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 20:41:33,900 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-02 20:41:33,900 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-02 20:41:33,900 INFO L87 Difference]: Start difference. First operand 78 states and 99 transitions. Second operand has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-02 20:41:33,950 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 20:41:33,951 INFO L93 Difference]: Finished difference Result 196 states and 255 transitions. [2022-11-02 20:41:33,951 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-02 20:41:33,952 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 45 [2022-11-02 20:41:33,952 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 20:41:33,953 INFO L225 Difference]: With dead ends: 196 [2022-11-02 20:41:33,953 INFO L226 Difference]: Without dead ends: 126 [2022-11-02 20:41:33,954 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-02 20:41:33,956 INFO L413 NwaCegarLoop]: 107 mSDtfsCounter, 59 mSDsluCounter, 67 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 59 SdHoareTripleChecker+Valid, 174 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-02 20:41:33,957 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [59 Valid, 174 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-02 20:41:33,958 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 126 states. [2022-11-02 20:41:34,002 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 126 to 124. [2022-11-02 20:41:34,003 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 124 states, 97 states have (on average 1.288659793814433) internal successors, (125), 105 states have internal predecessors, (125), 14 states have call successors, (14), 12 states have call predecessors, (14), 12 states have return successors, (18), 14 states have call predecessors, (18), 14 states have call successors, (18) [2022-11-02 20:41:34,005 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 124 states to 124 states and 157 transitions. [2022-11-02 20:41:34,005 INFO L78 Accepts]: Start accepts. Automaton has 124 states and 157 transitions. Word has length 45 [2022-11-02 20:41:34,006 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 20:41:34,006 INFO L495 AbstractCegarLoop]: Abstraction has 124 states and 157 transitions. [2022-11-02 20:41:34,007 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-02 20:41:34,007 INFO L276 IsEmpty]: Start isEmpty. Operand 124 states and 157 transitions. [2022-11-02 20:41:34,009 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 54 [2022-11-02 20:41:34,009 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 20:41:34,009 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 20:41:34,010 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-02 20:41:34,010 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 20:41:34,011 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 20:41:34,011 INFO L85 PathProgramCache]: Analyzing trace with hash 816783697, now seen corresponding path program 1 times [2022-11-02 20:41:34,011 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 20:41:34,012 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1316529731] [2022-11-02 20:41:34,012 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 20:41:34,012 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 20:41:34,040 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:34,224 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-02 20:41:34,226 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:34,236 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-11-02 20:41:34,240 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:34,252 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-11-02 20:41:34,253 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:34,255 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 45 [2022-11-02 20:41:34,257 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:34,273 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-02 20:41:34,274 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 20:41:34,274 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1316529731] [2022-11-02 20:41:34,274 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1316529731] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 20:41:34,275 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 20:41:34,275 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-11-02 20:41:34,275 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [705639536] [2022-11-02 20:41:34,275 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 20:41:34,276 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-11-02 20:41:34,276 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 20:41:34,277 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-11-02 20:41:34,277 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-11-02 20:41:34,277 INFO L87 Difference]: Start difference. First operand 124 states and 157 transitions. Second operand has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 1 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 1 states have call successors, (4) [2022-11-02 20:41:34,620 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 20:41:34,620 INFO L93 Difference]: Finished difference Result 276 states and 351 transitions. [2022-11-02 20:41:34,621 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2022-11-02 20:41:34,621 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 1 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 1 states have call successors, (4) Word has length 53 [2022-11-02 20:41:34,622 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 20:41:34,623 INFO L225 Difference]: With dead ends: 276 [2022-11-02 20:41:34,624 INFO L226 Difference]: Without dead ends: 160 [2022-11-02 20:41:34,625 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 25 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=53, Invalid=157, Unknown=0, NotChecked=0, Total=210 [2022-11-02 20:41:34,627 INFO L413 NwaCegarLoop]: 101 mSDtfsCounter, 119 mSDsluCounter, 358 mSDsCounter, 0 mSdLazyCounter, 191 mSolverCounterSat, 32 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 125 SdHoareTripleChecker+Valid, 459 SdHoareTripleChecker+Invalid, 223 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 32 IncrementalHoareTripleChecker+Valid, 191 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-02 20:41:34,627 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [125 Valid, 459 Invalid, 223 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [32 Valid, 191 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-02 20:41:34,629 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 160 states. [2022-11-02 20:41:34,650 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 160 to 146. [2022-11-02 20:41:34,651 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 146 states, 114 states have (on average 1.263157894736842) internal successors, (144), 122 states have internal predecessors, (144), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2022-11-02 20:41:34,653 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 146 states to 146 states and 183 transitions. [2022-11-02 20:41:34,653 INFO L78 Accepts]: Start accepts. Automaton has 146 states and 183 transitions. Word has length 53 [2022-11-02 20:41:34,654 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 20:41:34,654 INFO L495 AbstractCegarLoop]: Abstraction has 146 states and 183 transitions. [2022-11-02 20:41:34,654 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 1 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 1 states have call successors, (4) [2022-11-02 20:41:34,654 INFO L276 IsEmpty]: Start isEmpty. Operand 146 states and 183 transitions. [2022-11-02 20:41:34,656 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2022-11-02 20:41:34,656 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 20:41:34,657 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 20:41:34,657 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-02 20:41:34,657 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 20:41:34,658 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 20:41:34,658 INFO L85 PathProgramCache]: Analyzing trace with hash 1305099847, now seen corresponding path program 1 times [2022-11-02 20:41:34,658 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 20:41:34,658 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1508783823] [2022-11-02 20:41:34,658 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 20:41:34,659 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 20:41:34,680 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:34,748 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-02 20:41:34,750 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:34,755 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-11-02 20:41:34,759 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:34,796 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2022-11-02 20:41:34,798 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:34,800 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 20:41:34,800 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 20:41:34,800 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1508783823] [2022-11-02 20:41:34,800 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1508783823] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 20:41:34,801 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 20:41:34,801 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-02 20:41:34,801 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [485378459] [2022-11-02 20:41:34,801 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 20:41:34,802 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-02 20:41:34,802 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 20:41:34,802 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-02 20:41:34,803 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-02 20:41:34,803 INFO L87 Difference]: Start difference. First operand 146 states and 183 transitions. Second operand has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-02 20:41:35,003 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 20:41:35,003 INFO L93 Difference]: Finished difference Result 294 states and 379 transitions. [2022-11-02 20:41:35,004 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-02 20:41:35,004 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 55 [2022-11-02 20:41:35,005 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 20:41:35,006 INFO L225 Difference]: With dead ends: 294 [2022-11-02 20:41:35,006 INFO L226 Difference]: Without dead ends: 156 [2022-11-02 20:41:35,007 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=32, Invalid=58, Unknown=0, NotChecked=0, Total=90 [2022-11-02 20:41:35,009 INFO L413 NwaCegarLoop]: 90 mSDtfsCounter, 71 mSDsluCounter, 273 mSDsCounter, 0 mSdLazyCounter, 109 mSolverCounterSat, 21 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 74 SdHoareTripleChecker+Valid, 363 SdHoareTripleChecker+Invalid, 130 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 21 IncrementalHoareTripleChecker+Valid, 109 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-02 20:41:35,009 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [74 Valid, 363 Invalid, 130 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [21 Valid, 109 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-02 20:41:35,010 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 156 states. [2022-11-02 20:41:35,031 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 156 to 149. [2022-11-02 20:41:35,032 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 149 states, 117 states have (on average 1.2564102564102564) internal successors, (147), 125 states have internal predecessors, (147), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2022-11-02 20:41:35,033 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 149 states to 149 states and 186 transitions. [2022-11-02 20:41:35,033 INFO L78 Accepts]: Start accepts. Automaton has 149 states and 186 transitions. Word has length 55 [2022-11-02 20:41:35,034 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 20:41:35,034 INFO L495 AbstractCegarLoop]: Abstraction has 149 states and 186 transitions. [2022-11-02 20:41:35,034 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-02 20:41:35,034 INFO L276 IsEmpty]: Start isEmpty. Operand 149 states and 186 transitions. [2022-11-02 20:41:35,036 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2022-11-02 20:41:35,036 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 20:41:35,036 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 20:41:35,036 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-02 20:41:35,037 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 20:41:35,037 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 20:41:35,037 INFO L85 PathProgramCache]: Analyzing trace with hash -500338487, now seen corresponding path program 1 times [2022-11-02 20:41:35,037 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 20:41:35,038 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [474468079] [2022-11-02 20:41:35,038 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 20:41:35,038 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 20:41:35,058 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:35,129 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-02 20:41:35,130 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:35,135 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-11-02 20:41:35,139 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:35,168 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2022-11-02 20:41:35,169 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:35,171 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 20:41:35,171 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 20:41:35,172 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [474468079] [2022-11-02 20:41:35,172 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [474468079] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 20:41:35,172 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 20:41:35,172 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-02 20:41:35,172 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [546672263] [2022-11-02 20:41:35,173 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 20:41:35,173 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-02 20:41:35,173 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 20:41:35,174 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-02 20:41:35,174 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-02 20:41:35,174 INFO L87 Difference]: Start difference. First operand 149 states and 186 transitions. Second operand has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-02 20:41:35,313 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 20:41:35,313 INFO L93 Difference]: Finished difference Result 300 states and 384 transitions. [2022-11-02 20:41:35,314 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-02 20:41:35,314 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 55 [2022-11-02 20:41:35,315 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 20:41:35,316 INFO L225 Difference]: With dead ends: 300 [2022-11-02 20:41:35,316 INFO L226 Difference]: Without dead ends: 159 [2022-11-02 20:41:35,317 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-11-02 20:41:35,318 INFO L413 NwaCegarLoop]: 91 mSDtfsCounter, 73 mSDsluCounter, 195 mSDsCounter, 0 mSdLazyCounter, 81 mSolverCounterSat, 16 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 77 SdHoareTripleChecker+Valid, 286 SdHoareTripleChecker+Invalid, 97 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 16 IncrementalHoareTripleChecker+Valid, 81 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-02 20:41:35,319 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [77 Valid, 286 Invalid, 97 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [16 Valid, 81 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-02 20:41:35,320 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 159 states. [2022-11-02 20:41:35,336 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 159 to 151. [2022-11-02 20:41:35,337 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 151 states, 119 states have (on average 1.2521008403361344) internal successors, (149), 127 states have internal predecessors, (149), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2022-11-02 20:41:35,338 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 151 states to 151 states and 188 transitions. [2022-11-02 20:41:35,339 INFO L78 Accepts]: Start accepts. Automaton has 151 states and 188 transitions. Word has length 55 [2022-11-02 20:41:35,339 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 20:41:35,339 INFO L495 AbstractCegarLoop]: Abstraction has 151 states and 188 transitions. [2022-11-02 20:41:35,340 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-02 20:41:35,340 INFO L276 IsEmpty]: Start isEmpty. Operand 151 states and 188 transitions. [2022-11-02 20:41:35,341 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2022-11-02 20:41:35,341 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 20:41:35,342 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 20:41:35,342 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-02 20:41:35,342 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 20:41:35,343 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 20:41:35,343 INFO L85 PathProgramCache]: Analyzing trace with hash -359789877, now seen corresponding path program 1 times [2022-11-02 20:41:35,343 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 20:41:35,343 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1153821550] [2022-11-02 20:41:35,344 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 20:41:35,344 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 20:41:35,361 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:35,444 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-02 20:41:35,446 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:35,453 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-11-02 20:41:35,458 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:35,476 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2022-11-02 20:41:35,477 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:35,479 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 20:41:35,479 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 20:41:35,479 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1153821550] [2022-11-02 20:41:35,480 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1153821550] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 20:41:35,480 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 20:41:35,480 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-02 20:41:35,480 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [314710250] [2022-11-02 20:41:35,481 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 20:41:35,481 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-02 20:41:35,481 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 20:41:35,482 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-02 20:41:35,482 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-02 20:41:35,483 INFO L87 Difference]: Start difference. First operand 151 states and 188 transitions. Second operand has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-02 20:41:35,808 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 20:41:35,808 INFO L93 Difference]: Finished difference Result 423 states and 549 transitions. [2022-11-02 20:41:35,809 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-02 20:41:35,809 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 55 [2022-11-02 20:41:35,809 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 20:41:35,816 INFO L225 Difference]: With dead ends: 423 [2022-11-02 20:41:35,817 INFO L226 Difference]: Without dead ends: 280 [2022-11-02 20:41:35,818 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2022-11-02 20:41:35,822 INFO L413 NwaCegarLoop]: 140 mSDtfsCounter, 212 mSDsluCounter, 168 mSDsCounter, 0 mSdLazyCounter, 144 mSolverCounterSat, 65 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 219 SdHoareTripleChecker+Valid, 308 SdHoareTripleChecker+Invalid, 209 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 65 IncrementalHoareTripleChecker+Valid, 144 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-02 20:41:35,822 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [219 Valid, 308 Invalid, 209 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [65 Valid, 144 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-02 20:41:35,825 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 280 states. [2022-11-02 20:41:35,881 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 280 to 278. [2022-11-02 20:41:35,882 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 278 states, 214 states have (on average 1.2242990654205608) internal successors, (262), 226 states have internal predecessors, (262), 34 states have call successors, (34), 28 states have call predecessors, (34), 29 states have return successors, (53), 34 states have call predecessors, (53), 34 states have call successors, (53) [2022-11-02 20:41:35,886 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 278 states to 278 states and 349 transitions. [2022-11-02 20:41:35,886 INFO L78 Accepts]: Start accepts. Automaton has 278 states and 349 transitions. Word has length 55 [2022-11-02 20:41:35,886 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 20:41:35,890 INFO L495 AbstractCegarLoop]: Abstraction has 278 states and 349 transitions. [2022-11-02 20:41:35,891 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-02 20:41:35,891 INFO L276 IsEmpty]: Start isEmpty. Operand 278 states and 349 transitions. [2022-11-02 20:41:35,896 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2022-11-02 20:41:35,897 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 20:41:35,897 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 20:41:35,898 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-11-02 20:41:35,898 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 20:41:35,899 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 20:41:35,899 INFO L85 PathProgramCache]: Analyzing trace with hash 1504091825, now seen corresponding path program 1 times [2022-11-02 20:41:35,899 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 20:41:35,900 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1611241053] [2022-11-02 20:41:35,900 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 20:41:35,900 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 20:41:35,943 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:36,274 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-02 20:41:36,276 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:36,283 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2022-11-02 20:41:36,285 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:36,297 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2022-11-02 20:41:36,302 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:36,337 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 51 [2022-11-02 20:41:36,339 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:36,343 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 20:41:36,344 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 20:41:36,344 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1611241053] [2022-11-02 20:41:36,344 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1611241053] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 20:41:36,344 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 20:41:36,345 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2022-11-02 20:41:36,345 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [328519486] [2022-11-02 20:41:36,345 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 20:41:36,350 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-11-02 20:41:36,351 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 20:41:36,351 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-11-02 20:41:36,351 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=70, Unknown=0, NotChecked=0, Total=90 [2022-11-02 20:41:36,352 INFO L87 Difference]: Start difference. First operand 278 states and 349 transitions. Second operand has 10 states, 10 states have (on average 4.8) internal successors, (48), 8 states have internal predecessors, (48), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-02 20:41:37,451 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 20:41:37,452 INFO L93 Difference]: Finished difference Result 757 states and 998 transitions. [2022-11-02 20:41:37,452 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2022-11-02 20:41:37,453 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.8) internal successors, (48), 8 states have internal predecessors, (48), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 59 [2022-11-02 20:41:37,454 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 20:41:37,460 INFO L225 Difference]: With dead ends: 757 [2022-11-02 20:41:37,460 INFO L226 Difference]: Without dead ends: 537 [2022-11-02 20:41:37,463 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 42 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 31 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 255 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=250, Invalid=806, Unknown=0, NotChecked=0, Total=1056 [2022-11-02 20:41:37,467 INFO L413 NwaCegarLoop]: 139 mSDtfsCounter, 670 mSDsluCounter, 432 mSDsCounter, 0 mSdLazyCounter, 481 mSolverCounterSat, 234 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 675 SdHoareTripleChecker+Valid, 571 SdHoareTripleChecker+Invalid, 715 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 234 IncrementalHoareTripleChecker+Valid, 481 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2022-11-02 20:41:37,467 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [675 Valid, 571 Invalid, 715 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [234 Valid, 481 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2022-11-02 20:41:37,469 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 537 states. [2022-11-02 20:41:37,545 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 537 to 433. [2022-11-02 20:41:37,547 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 433 states, 335 states have (on average 1.2119402985074628) internal successors, (406), 356 states have internal predecessors, (406), 51 states have call successors, (51), 39 states have call predecessors, (51), 46 states have return successors, (83), 52 states have call predecessors, (83), 51 states have call successors, (83) [2022-11-02 20:41:37,551 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 433 states to 433 states and 540 transitions. [2022-11-02 20:41:37,552 INFO L78 Accepts]: Start accepts. Automaton has 433 states and 540 transitions. Word has length 59 [2022-11-02 20:41:37,552 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 20:41:37,552 INFO L495 AbstractCegarLoop]: Abstraction has 433 states and 540 transitions. [2022-11-02 20:41:37,553 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.8) internal successors, (48), 8 states have internal predecessors, (48), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-02 20:41:37,554 INFO L276 IsEmpty]: Start isEmpty. Operand 433 states and 540 transitions. [2022-11-02 20:41:37,555 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 101 [2022-11-02 20:41:37,555 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 20:41:37,556 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 20:41:37,556 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-11-02 20:41:37,556 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 20:41:37,557 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 20:41:37,557 INFO L85 PathProgramCache]: Analyzing trace with hash -808581914, now seen corresponding path program 1 times [2022-11-02 20:41:37,557 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 20:41:37,558 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [39852398] [2022-11-02 20:41:37,558 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 20:41:37,558 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 20:41:37,609 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:37,891 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-02 20:41:37,893 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:37,910 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2022-11-02 20:41:37,918 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:37,946 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-02 20:41:37,947 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:37,959 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2022-11-02 20:41:37,964 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:37,980 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 64 [2022-11-02 20:41:37,982 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:38,000 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 80 [2022-11-02 20:41:38,001 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:38,004 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-02 20:41:38,005 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:38,006 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 92 [2022-11-02 20:41:38,008 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:38,010 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 17 proven. 9 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2022-11-02 20:41:38,011 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 20:41:38,011 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [39852398] [2022-11-02 20:41:38,011 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [39852398] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-02 20:41:38,011 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [322009888] [2022-11-02 20:41:38,012 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 20:41:38,012 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-02 20:41:38,012 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/bin/uautomizer-Dbtcem3rbc/z3 [2022-11-02 20:41:38,015 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/bin/uautomizer-Dbtcem3rbc/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-02 20:41:38,033 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/bin/uautomizer-Dbtcem3rbc/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-02 20:41:38,186 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:41:38,190 INFO L263 TraceCheckSpWp]: Trace formula consists of 488 conjuncts, 8 conjunts are in the unsatisfiable core [2022-11-02 20:41:38,199 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-02 20:41:38,485 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 24 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-02 20:41:38,485 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-02 20:41:38,824 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 18 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2022-11-02 20:41:38,825 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [322009888] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-02 20:41:38,825 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-02 20:41:38,825 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 6, 6] total 16 [2022-11-02 20:41:38,826 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1452021847] [2022-11-02 20:41:38,826 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-02 20:41:38,828 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 16 states [2022-11-02 20:41:38,828 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 20:41:38,829 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2022-11-02 20:41:38,829 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=38, Invalid=202, Unknown=0, NotChecked=0, Total=240 [2022-11-02 20:41:38,830 INFO L87 Difference]: Start difference. First operand 433 states and 540 transitions. Second operand has 16 states, 16 states have (on average 7.75) internal successors, (124), 11 states have internal predecessors, (124), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2022-11-02 20:41:40,447 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 20:41:40,448 INFO L93 Difference]: Finished difference Result 907 states and 1158 transitions. [2022-11-02 20:41:40,449 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 31 states. [2022-11-02 20:41:40,449 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 16 states have (on average 7.75) internal successors, (124), 11 states have internal predecessors, (124), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) Word has length 100 [2022-11-02 20:41:40,449 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 20:41:40,450 INFO L225 Difference]: With dead ends: 907 [2022-11-02 20:41:40,450 INFO L226 Difference]: Without dead ends: 0 [2022-11-02 20:41:40,454 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 264 GetRequests, 221 SyntacticMatches, 4 SemanticMatches, 39 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 383 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=287, Invalid=1353, Unknown=0, NotChecked=0, Total=1640 [2022-11-02 20:41:40,455 INFO L413 NwaCegarLoop]: 217 mSDtfsCounter, 401 mSDsluCounter, 1319 mSDsCounter, 0 mSdLazyCounter, 1135 mSolverCounterSat, 161 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 402 SdHoareTripleChecker+Valid, 1536 SdHoareTripleChecker+Invalid, 1296 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 161 IncrementalHoareTripleChecker+Valid, 1135 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.0s IncrementalHoareTripleChecker+Time [2022-11-02 20:41:40,456 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [402 Valid, 1536 Invalid, 1296 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [161 Valid, 1135 Invalid, 0 Unknown, 0 Unchecked, 1.0s Time] [2022-11-02 20:41:40,457 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-02 20:41:40,457 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-02 20:41:40,457 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-02 20:41:40,458 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-02 20:41:40,459 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 100 [2022-11-02 20:41:40,459 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 20:41:40,459 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-02 20:41:40,460 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 16 states, 16 states have (on average 7.75) internal successors, (124), 11 states have internal predecessors, (124), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2022-11-02 20:41:40,460 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-02 20:41:40,460 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-02 20:41:40,467 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-02 20:41:40,517 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/bin/uautomizer-Dbtcem3rbc/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2022-11-02 20:41:40,681 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/bin/uautomizer-Dbtcem3rbc/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-02 20:41:40,683 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-02 20:41:46,646 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 822 828) no Hoare annotation was computed. [2022-11-02 20:41:46,646 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 822 828) the Hoare annotation is: true [2022-11-02 20:41:46,646 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 232 243) the Hoare annotation is: true [2022-11-02 20:41:46,647 INFO L899 garLoopResultBuilder]: For program point L236-1(lines 232 243) no Hoare annotation was computed. [2022-11-02 20:41:46,647 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 232 243) no Hoare annotation was computed. [2022-11-02 20:41:46,647 INFO L895 garLoopResultBuilder]: At program point L692(lines 685 694) the Hoare annotation is: (let ((.cse0 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse3 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (<= 1 ~switchedOnBeforeTS~0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) .cse0) .cse1 .cse2) (or .cse3 .cse1 .cse4 .cse2 (not (<= 2 |old(~waterLevel~0)|))) (or .cse3 .cse1 .cse4 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-02 20:41:46,648 INFO L895 garLoopResultBuilder]: At program point L304(lines 299 307) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (and .cse3 (<= ~waterLevel~0 2) .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2) (or .cse0 .cse1 (and .cse3 (= ~waterLevel~0 1) .cse4) .cse2 (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-02 20:41:46,648 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 795 821) no Hoare annotation was computed. [2022-11-02 20:41:46,648 INFO L895 garLoopResultBuilder]: At program point L870(line 870) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (and .cse3 (<= ~waterLevel~0 2) .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2) (or .cse0 .cse1 (and .cse3 (= ~waterLevel~0 1) .cse4) .cse2 (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-02 20:41:46,649 INFO L895 garLoopResultBuilder]: At program point L705(line 705) the Hoare annotation is: (let ((.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse7 (= ~pumpRunning~0 0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0))) (and (let ((.cse3 (= ~waterLevel~0 1))) (or .cse0 .cse1 (and .cse2 .cse3 .cse4) .cse5 .cse6 (and .cse7 .cse3 .cse4))) (or .cse8 (and .cse7 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse5) (or .cse8 .cse0 .cse5 .cse6) (let ((.cse9 (<= ~waterLevel~0 2))) (or .cse0 .cse1 (and .cse7 .cse9 .cse4) .cse5 (and .cse2 .cse9 .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-02 20:41:46,649 INFO L899 garLoopResultBuilder]: For program point L705-1(line 705) no Hoare annotation was computed. [2022-11-02 20:41:46,649 INFO L895 garLoopResultBuilder]: At program point L912(lines 907 914) the Hoare annotation is: (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (= ~pumpRunning~0 0)) (.cse3 (<= 1 ~switchedOnBeforeTS~0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse4 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (and .cse2 (<= ~waterLevel~0 2) .cse3) .cse4 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 .cse1 .cse4 (not (<= 2 |old(~waterLevel~0)|)) (and .cse2 (= ~waterLevel~0 1) .cse3)) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse4))) [2022-11-02 20:41:46,650 INFO L895 garLoopResultBuilder]: At program point L875(line 875) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= 1 |old(~pumpRunning~0)|))) (.cse1 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse1) (or .cse0 .cse2 .cse1 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 .cse2 .cse1 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-11-02 20:41:46,650 INFO L895 garLoopResultBuilder]: At program point L875-1(lines 856 880) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse6 (= ~pumpRunning~0 0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0))) (and (let ((.cse3 (= ~waterLevel~0 1))) (or .cse0 .cse1 (and .cse2 .cse3 .cse4) .cse5 (not (<= 2 |old(~waterLevel~0)|)) (and .cse6 .cse3 .cse4))) (let ((.cse7 (= |old(~waterLevel~0)| ~waterLevel~0))) (or (not (= |old(~pumpRunning~0)| 0)) (and .cse6 .cse7) .cse0 (and (<= 1 ~pumpRunning~0) (<= 2 ~waterLevel~0) .cse7) .cse5)) (let ((.cse8 (<= ~waterLevel~0 2))) (or .cse0 .cse1 (and .cse6 .cse8 .cse4) .cse5 (and .cse2 .cse8 .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-02 20:41:46,650 INFO L899 garLoopResultBuilder]: For program point L809-1(lines 809 815) no Hoare annotation was computed. [2022-11-02 20:41:46,651 INFO L899 garLoopResultBuilder]: For program point L999(lines 999 1003) no Hoare annotation was computed. [2022-11-02 20:41:46,651 INFO L899 garLoopResultBuilder]: For program point L999-2(lines 999 1003) no Hoare annotation was computed. [2022-11-02 20:41:46,651 INFO L895 garLoopResultBuilder]: At program point L281(lines 276 284) the Hoare annotation is: (let ((.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse7 (= ~pumpRunning~0 0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0))) (and (let ((.cse3 (= ~waterLevel~0 1))) (or .cse0 .cse1 (and .cse2 .cse3 .cse4) .cse5 .cse6 (and .cse7 .cse3 .cse4))) (let ((.cse9 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse8 (and .cse7 .cse9) .cse0 (and (<= 1 ~pumpRunning~0) (<= 2 ~waterLevel~0) .cse9) .cse5)) (or .cse8 .cse0 .cse5 (and (<= |timeShift_getWaterLevel_#res#1| 2) (<= 2 |timeShift_getWaterLevel_#res#1|)) .cse6) (let ((.cse10 (<= ~waterLevel~0 2))) (or .cse0 .cse1 (and .cse7 .cse10 .cse4) .cse5 (and .cse2 .cse10 .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-02 20:41:46,652 INFO L899 garLoopResultBuilder]: For program point L54(line 54) no Hoare annotation was computed. [2022-11-02 20:41:46,652 INFO L895 garLoopResultBuilder]: At program point L690(line 690) the Hoare annotation is: (let ((.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or .cse2 .cse4 .cse3 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse4 .cse3 .cse5 (not (<= 2 |old(~waterLevel~0)|)))))) [2022-11-02 20:41:46,652 INFO L899 garLoopResultBuilder]: For program point L690-1(line 690) no Hoare annotation was computed. [2022-11-02 20:41:46,652 INFO L899 garLoopResultBuilder]: For program point L707(lines 707 717) no Hoare annotation was computed. [2022-11-02 20:41:46,653 INFO L899 garLoopResultBuilder]: For program point L802(lines 802 808) no Hoare annotation was computed. [2022-11-02 20:41:46,653 INFO L899 garLoopResultBuilder]: For program point L802-2(lines 798 820) no Hoare annotation was computed. [2022-11-02 20:41:46,653 INFO L899 garLoopResultBuilder]: For program point L864(lines 864 872) no Hoare annotation was computed. [2022-11-02 20:41:46,653 INFO L899 garLoopResultBuilder]: For program point L703(lines 703 720) no Hoare annotation was computed. [2022-11-02 20:41:46,654 INFO L895 garLoopResultBuilder]: At program point L703-1(lines 695 723) the Hoare annotation is: (let ((.cse6 (= 1 ~systemActive~0))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse3 (not .cse6)) (.cse5 (not (<= 1 |old(~pumpRunning~0)|))) (.cse9 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse8 (<= 1 ~switchedOnBeforeTS~0)) (.cse4 (not (<= |old(~waterLevel~0)| 2))) (.cse10 (not (<= 2 |old(~waterLevel~0)|)))) (and (let ((.cse2 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse0 (and .cse1 .cse2) .cse3 (and (<= 1 ~pumpRunning~0) (<= 2 ~waterLevel~0) .cse2) .cse4)) (let ((.cse7 (<= ~waterLevel~0 2))) (or .cse3 .cse5 (and .cse1 .cse6 .cse7 .cse8) .cse4 (and .cse9 .cse6 .cse7 .cse8) (not (<= 1 |old(~switchedOnBeforeTS~0)|)))) (or .cse0 (and (<= |timeShift_getWaterLevel_#res#1| 2) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp~4#1| 2) (< 1 |timeShift___utac_acc__Specification5_spec__3_~tmp~4#1|) (<= 2 |timeShift_getWaterLevel_#res#1|)) .cse3 .cse4 .cse10) (let ((.cse11 (= ~waterLevel~0 1))) (or (and .cse1 .cse6 .cse11 .cse8) .cse3 .cse5 (and .cse9 .cse6 .cse11 .cse8) .cse4 .cse10))))) [2022-11-02 20:41:46,654 INFO L899 garLoopResultBuilder]: For program point L860(lines 860 877) no Hoare annotation was computed. [2022-11-02 20:41:46,654 INFO L895 garLoopResultBuilder]: At program point L55(lines 50 57) the Hoare annotation is: (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 .cse1 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2))) [2022-11-02 20:41:46,655 INFO L899 garLoopResultBuilder]: For program point L212(lines 212 216) no Hoare annotation was computed. [2022-11-02 20:41:46,655 INFO L895 garLoopResultBuilder]: At program point L212-2(lines 208 219) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (and .cse3 (<= ~waterLevel~0 2) .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2) (or .cse0 .cse1 (and .cse3 (= ~waterLevel~0 1) .cse4) .cse2 (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-02 20:41:46,655 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 795 821) the Hoare annotation is: (let ((.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or .cse2 .cse4 .cse3 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse4 .cse3 .cse5 (not (<= 2 |old(~waterLevel~0)|)))))) [2022-11-02 20:41:46,656 INFO L895 garLoopResultBuilder]: At program point L1005(lines 990 1008) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (and .cse3 (<= ~waterLevel~0 2) .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2) (or .cse0 .cse1 (and .cse3 (= ~waterLevel~0 1) .cse4) .cse2 (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-02 20:41:46,656 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 795 821) no Hoare annotation was computed. [2022-11-02 20:41:46,656 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 54) no Hoare annotation was computed. [2022-11-02 20:41:46,657 INFO L899 garLoopResultBuilder]: For program point L708(lines 708 714) no Hoare annotation was computed. [2022-11-02 20:41:46,657 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 99 128) no Hoare annotation was computed. [2022-11-02 20:41:46,657 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 99 128) the Hoare annotation is: true [2022-11-02 20:41:46,657 INFO L902 garLoopResultBuilder]: At program point L124(lines 99 128) the Hoare annotation is: true [2022-11-02 20:41:46,657 INFO L899 garLoopResultBuilder]: For program point L120(line 120) no Hoare annotation was computed. [2022-11-02 20:41:46,658 INFO L899 garLoopResultBuilder]: For program point L113(lines 113 117) no Hoare annotation was computed. [2022-11-02 20:41:46,658 INFO L902 garLoopResultBuilder]: At program point L113-1(lines 113 117) the Hoare annotation is: true [2022-11-02 20:41:46,658 INFO L899 garLoopResultBuilder]: For program point L110(line 110) no Hoare annotation was computed. [2022-11-02 20:41:46,658 INFO L902 garLoopResultBuilder]: At program point L109-2(lines 109 123) the Hoare annotation is: true [2022-11-02 20:41:46,659 INFO L902 garLoopResultBuilder]: At program point L105(line 105) the Hoare annotation is: true [2022-11-02 20:41:46,659 INFO L899 garLoopResultBuilder]: For program point L105-1(line 105) no Hoare annotation was computed. [2022-11-02 20:41:46,659 INFO L899 garLoopResultBuilder]: For program point L737(lines 737 741) no Hoare annotation was computed. [2022-11-02 20:41:46,659 INFO L895 garLoopResultBuilder]: At program point L77(lines 73 79) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-02 20:41:46,659 INFO L899 garLoopResultBuilder]: For program point L771(lines 771 775) no Hoare annotation was computed. [2022-11-02 20:41:46,660 INFO L895 garLoopResultBuilder]: At program point L771-2(lines 765 776) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 (<= 2 ~waterLevel~0) .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3 .cse4 .cse5))) [2022-11-02 20:41:46,660 INFO L895 garLoopResultBuilder]: At program point L160(lines 156 162) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_main_~tmp~0#1| 1) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-02 20:41:46,660 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-11-02 20:41:46,660 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-11-02 20:41:46,661 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-11-02 20:41:46,661 INFO L899 garLoopResultBuilder]: For program point L755(lines 755 761) no Hoare annotation was computed. [2022-11-02 20:41:46,661 INFO L899 garLoopResultBuilder]: For program point L755-1(lines 755 761) no Hoare annotation was computed. [2022-11-02 20:41:46,661 INFO L902 garLoopResultBuilder]: At program point L784(lines 725 788) the Hoare annotation is: true [2022-11-02 20:41:46,661 INFO L902 garLoopResultBuilder]: At program point L173(lines 165 175) the Hoare annotation is: true [2022-11-02 20:41:46,662 INFO L895 garLoopResultBuilder]: At program point L747(line 747) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 (<= 2 ~waterLevel~0) .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3 .cse4 .cse5))) [2022-11-02 20:41:46,662 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-02 20:41:46,662 INFO L899 garLoopResultBuilder]: For program point L186(lines 186 193) no Hoare annotation was computed. [2022-11-02 20:41:46,662 INFO L899 garLoopResultBuilder]: For program point L186-2(lines 186 193) no Hoare annotation was computed. [2022-11-02 20:41:46,663 INFO L895 garLoopResultBuilder]: At program point L781(lines 734 782) the Hoare annotation is: false [2022-11-02 20:41:46,663 INFO L895 garLoopResultBuilder]: At program point L682(lines 677 684) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_main_~tmp~0#1| 1) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-02 20:41:46,663 INFO L902 garLoopResultBuilder]: At program point L195(lines 176 198) the Hoare annotation is: true [2022-11-02 20:41:46,663 INFO L899 garLoopResultBuilder]: For program point L736(lines 735 780) no Hoare annotation was computed. [2022-11-02 20:41:46,664 INFO L899 garLoopResultBuilder]: For program point L765(lines 765 776) no Hoare annotation was computed. [2022-11-02 20:41:46,664 INFO L895 garLoopResultBuilder]: At program point L92(lines 87 95) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-02 20:41:46,664 INFO L895 garLoopResultBuilder]: At program point L757(line 757) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 (<= 2 ~waterLevel~0) .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3 .cse4 .cse5))) [2022-11-02 20:41:46,664 INFO L895 garLoopResultBuilder]: At program point L84(lines 80 86) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-02 20:41:46,665 INFO L895 garLoopResultBuilder]: At program point L778(lines 735 780) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 (<= 2 ~waterLevel~0) .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 (<= 1 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3 .cse4 .cse5))) [2022-11-02 20:41:46,665 INFO L899 garLoopResultBuilder]: For program point L745(lines 745 751) no Hoare annotation was computed. [2022-11-02 20:41:46,665 INFO L899 garLoopResultBuilder]: For program point L745-1(lines 745 751) no Hoare annotation was computed. [2022-11-02 20:41:46,665 INFO L899 garLoopResultBuilder]: For program point L289(lines 289 295) no Hoare annotation was computed. [2022-11-02 20:41:46,666 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 830 854) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) .cse0 .cse1))) [2022-11-02 20:41:46,666 INFO L895 garLoopResultBuilder]: At program point L886(lines 881 888) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) (and (<= 1 ~pumpRunning~0) (<= 2 ~waterLevel~0)) .cse0 .cse1))) [2022-11-02 20:41:46,666 INFO L895 garLoopResultBuilder]: At program point L849(line 849) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1))) [2022-11-02 20:41:46,667 INFO L899 garLoopResultBuilder]: For program point L849-1(lines 830 854) no Hoare annotation was computed. [2022-11-02 20:41:46,667 INFO L895 garLoopResultBuilder]: At program point L294(lines 285 298) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= ~waterLevel~0 2)))) (and (let ((.cse1 (= ~pumpRunning~0 0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and .cse1 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1| 1)) .cse2 (and .cse1 (<= 2 ~waterLevel~0)))) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse2 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-02 20:41:46,667 INFO L899 garLoopResultBuilder]: For program point L897(lines 897 903) no Hoare annotation was computed. [2022-11-02 20:41:46,668 INFO L895 garLoopResultBuilder]: At program point L897-2(lines 890 906) the Hoare annotation is: (let ((.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (<= ~waterLevel~0 2)))) (and (let ((.cse0 (<= 2 ~waterLevel~0))) (or (not (= |old(~pumpRunning~0)| 0)) (and (<= 1 ~pumpRunning~0) .cse0) .cse1 .cse2 (and (= ~pumpRunning~0 0) .cse0))) (or .cse1 (not (<= 1 |old(~pumpRunning~0)|)) .cse2 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-02 20:41:46,668 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 830 854) no Hoare annotation was computed. [2022-11-02 20:41:46,668 INFO L895 garLoopResultBuilder]: At program point L986(lines 971 989) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (let ((.cse2 (= ~pumpRunning~0 0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1 (and .cse2 (<= 2 ~waterLevel~0)) (and .cse2 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~2#1| 0) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1| 0)))) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-02 20:41:46,668 INFO L895 garLoopResultBuilder]: At program point L922(lines 915 925) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1 (and (= ~pumpRunning~0 0) (<= 2 ~waterLevel~0))))) [2022-11-02 20:41:46,669 INFO L895 garLoopResultBuilder]: At program point L249(lines 244 252) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1 (and (= ~pumpRunning~0 0) (<= 2 ~waterLevel~0))))) [2022-11-02 20:41:46,669 INFO L899 garLoopResultBuilder]: For program point L980(lines 980 984) no Hoare annotation was computed. [2022-11-02 20:41:46,669 INFO L899 garLoopResultBuilder]: For program point L980-2(lines 980 984) no Hoare annotation was computed. [2022-11-02 20:41:46,669 INFO L895 garLoopResultBuilder]: At program point L844(line 844) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~6#1| 0)) (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-02 20:41:46,670 INFO L899 garLoopResultBuilder]: For program point L838(lines 838 846) no Hoare annotation was computed. [2022-11-02 20:41:46,670 INFO L899 garLoopResultBuilder]: For program point L834(lines 834 851) no Hoare annotation was computed. [2022-11-02 20:41:46,670 INFO L899 garLoopResultBuilder]: For program point L224-1(lines 220 231) no Hoare annotation was computed. [2022-11-02 20:41:46,670 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 220 231) no Hoare annotation was computed. [2022-11-02 20:41:46,671 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 220 231) the Hoare annotation is: (let ((.cse1 (not (<= 1 ~pumpRunning~0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse3 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (<= 1 ~switchedOnBeforeTS~0))) (or .cse0 .cse1 .cse2 .cse3 (not (<= 2 |old(~waterLevel~0)|))) (or (not (= ~pumpRunning~0 0)) .cse0 .cse2 .cse3))) [2022-11-02 20:41:46,671 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 926 934) no Hoare annotation was computed. [2022-11-02 20:41:46,671 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 926 934) the Hoare annotation is: true [2022-11-02 20:41:46,671 INFO L899 garLoopResultBuilder]: For program point isPumpRunningFINAL(lines 926 934) no Hoare annotation was computed. [2022-11-02 20:41:46,675 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 20:41:46,678 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-02 20:41:46,754 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 02.11 08:41:46 BoogieIcfgContainer [2022-11-02 20:41:46,755 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-02 20:41:46,755 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-02 20:41:46,756 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-02 20:41:46,756 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-02 20:41:46,756 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 02.11 08:41:32" (3/4) ... [2022-11-02 20:41:46,760 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-02 20:41:46,771 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-02 20:41:46,771 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-02 20:41:46,771 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-02 20:41:46,772 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-02 20:41:46,772 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-02 20:41:46,772 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-02 20:41:46,772 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-11-02 20:41:46,790 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 54 nodes and edges [2022-11-02 20:41:46,791 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-11-02 20:41:46,792 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-11-02 20:41:46,792 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-02 20:41:46,793 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-02 20:41:46,793 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-02 20:41:46,794 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-02 20:41:46,829 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((pumpRunning == 0 && 1 == systemActive) && \result == systemActive) && waterLevel == 1 [2022-11-02 20:41:46,830 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 [2022-11-02 20:41:46,830 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 [2022-11-02 20:41:46,830 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((1 <= pumpRunning && tmp == 1) && 2 <= waterLevel) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) && waterLevel <= 2) || ((((((1 <= pumpRunning && tmp == 1) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || (((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) && waterLevel <= 2) [2022-11-02 20:41:46,833 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-02 20:41:46,834 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-02 20:41:46,835 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((pumpRunning == 0 && 1 == systemActive) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || (((pumpRunning == \old(pumpRunning) && 1 == systemActive) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (((\result <= 2 && tmp <= 2) && 1 < tmp) && 2 <= \result)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((((pumpRunning == 0 && 1 == systemActive) && waterLevel == 1) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((pumpRunning == \old(pumpRunning) && 1 == systemActive) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-02 20:41:46,836 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-02 20:41:46,836 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-02 20:41:46,837 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || (\result <= 2 && 2 <= \result)) || !(2 <= \old(waterLevel)))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-02 20:41:46,837 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-02 20:41:46,838 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && \result == 1)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) [2022-11-02 20:41:46,838 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-02 20:41:46,838 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) || ((pumpRunning == 0 && tmp___0 == 0) && \result == 0)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) [2022-11-02 20:41:46,839 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-02 20:41:46,839 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) [2022-11-02 20:41:46,844 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) [2022-11-02 20:41:46,844 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || (1 <= pumpRunning && 2 <= waterLevel)) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) [2022-11-02 20:41:46,844 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || (1 <= pumpRunning && 2 <= waterLevel)) || !(1 == systemActive)) || !(waterLevel <= 2)) [2022-11-02 20:41:46,902 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/bin/uautomizer-Dbtcem3rbc/witness.graphml [2022-11-02 20:41:46,903 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-02 20:41:46,903 INFO L158 Benchmark]: Toolchain (without parser) took 16637.28ms. Allocated memory was 125.8MB in the beginning and 220.2MB in the end (delta: 94.4MB). Free memory was 91.1MB in the beginning and 79.6MB in the end (delta: 11.5MB). Peak memory consumption was 105.0MB. Max. memory is 16.1GB. [2022-11-02 20:41:46,904 INFO L158 Benchmark]: CDTParser took 0.38ms. Allocated memory is still 86.0MB. Free memory was 41.7MB in the beginning and 41.6MB in the end (delta: 50.3kB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-02 20:41:46,904 INFO L158 Benchmark]: CACSL2BoogieTranslator took 731.35ms. Allocated memory is still 125.8MB. Free memory was 90.8MB in the beginning and 92.8MB in the end (delta: -2.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2022-11-02 20:41:46,905 INFO L158 Benchmark]: Boogie Procedure Inliner took 63.61ms. Allocated memory is still 125.8MB. Free memory was 92.8MB in the beginning and 90.4MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-02 20:41:46,905 INFO L158 Benchmark]: Boogie Preprocessor took 36.69ms. Allocated memory is still 125.8MB. Free memory was 90.0MB in the beginning and 88.3MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-02 20:41:46,906 INFO L158 Benchmark]: RCFGBuilder took 900.90ms. Allocated memory is still 125.8MB. Free memory was 88.3MB in the beginning and 68.9MB in the end (delta: 19.4MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-11-02 20:41:46,906 INFO L158 Benchmark]: TraceAbstraction took 14723.09ms. Allocated memory was 125.8MB in the beginning and 220.2MB in the end (delta: 94.4MB). Free memory was 101.1MB in the beginning and 86.9MB in the end (delta: 14.2MB). Peak memory consumption was 109.9MB. Max. memory is 16.1GB. [2022-11-02 20:41:46,907 INFO L158 Benchmark]: Witness Printer took 147.40ms. Allocated memory is still 220.2MB. Free memory was 86.9MB in the beginning and 79.6MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-02 20:41:46,909 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.38ms. Allocated memory is still 86.0MB. Free memory was 41.7MB in the beginning and 41.6MB in the end (delta: 50.3kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 731.35ms. Allocated memory is still 125.8MB. Free memory was 90.8MB in the beginning and 92.8MB in the end (delta: -2.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 63.61ms. Allocated memory is still 125.8MB. Free memory was 92.8MB in the beginning and 90.4MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 36.69ms. Allocated memory is still 125.8MB. Free memory was 90.0MB in the beginning and 88.3MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 900.90ms. Allocated memory is still 125.8MB. Free memory was 88.3MB in the beginning and 68.9MB in the end (delta: 19.4MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 14723.09ms. Allocated memory was 125.8MB in the beginning and 220.2MB in the end (delta: 94.4MB). Free memory was 101.1MB in the beginning and 86.9MB in the end (delta: 14.2MB). Peak memory consumption was 109.9MB. Max. memory is 16.1GB. * Witness Printer took 147.40ms. Allocated memory is still 220.2MB. Free memory was 86.9MB in the beginning and 79.6MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 54]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 96 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 14.5s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 4.2s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 6.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1837 SdHoareTripleChecker+Valid, 2.5s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1808 mSDsluCounter, 4215 SdHoareTripleChecker+Invalid, 2.0s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3017 mSDsCounter, 561 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2192 IncrementalHoareTripleChecker+Invalid, 2753 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 561 mSolverCounterUnsat, 1198 mSDtfsCounter, 2192 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 405 GetRequests, 292 SyntacticMatches, 4 SemanticMatches, 109 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 667 ImplicationChecksByTransitivity, 1.3s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=433occurred in iteration=9, InterpolantAutomatonStates: 104, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 10 MinimizatonAttempts, 137 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 45 LocationsWithAnnotation, 1014 PreInvPairs, 1220 NumberOfFragments, 1918 HoareAnnotationTreeSize, 1014 FomulaSimplifications, 788 FormulaSimplificationTreeSizeReduction, 0.5s HoareSimplificationTime, 45 FomulaSimplificationsInter, 9118 FormulaSimplificationTreeSizeReductionInter, 5.4s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 2.8s InterpolantComputationTime, 624 NumberOfCodeBlocks, 624 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 712 ConstructedInterpolants, 0 QuantifiedInterpolants, 1476 SizeOfPredicates, 3 NumberOfNonLiveVariables, 488 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 100/126 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 677]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 - InvariantResult [Line: 856]: Loop Invariant Derived loop invariant: ((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 109]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 176]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 73]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 87]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && 1 == systemActive) && \result == systemActive) && waterLevel == 1 - InvariantResult [Line: 907]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 990]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 915]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) - InvariantResult [Line: 695]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((pumpRunning == 0 && 1 == systemActive) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || (((pumpRunning == \old(pumpRunning) && 1 == systemActive) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (((\result <= 2 && tmp <= 2) && 1 < tmp) && 2 <= \result)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((((pumpRunning == 0 && 1 == systemActive) && waterLevel == 1) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((pumpRunning == \old(pumpRunning) && 1 == systemActive) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 971]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) || ((pumpRunning == 0 && tmp___0 == 0) && \result == 0)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 735]: Loop Invariant Derived loop invariant: (((((((1 <= pumpRunning && tmp == 1) && 2 <= waterLevel) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) && waterLevel <= 2) || ((((((1 <= pumpRunning && tmp == 1) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || (((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) && waterLevel <= 2) - InvariantResult [Line: 99]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 725]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 80]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 890]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || (1 <= pumpRunning && 2 <= waterLevel)) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 285]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && \result == 1)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 276]: Loop Invariant Derived loop invariant: (((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || (\result <= 2 && 2 <= \result)) || !(2 <= \old(waterLevel)))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 156]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 - InvariantResult [Line: 165]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 244]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) - InvariantResult [Line: 685]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 299]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 208]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 881]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || (1 <= pumpRunning && 2 <= waterLevel)) || !(1 == systemActive)) || !(waterLevel <= 2)) - InvariantResult [Line: 734]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 50]: Loop Invariant Derived loop invariant: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) RESULT: Ultimate proved your program to be correct! [2022-11-02 20:41:46,984 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_26b36da7-c533-4b00-8f31-47a1ad481642/bin/uautomizer-Dbtcem3rbc/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE