./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 5e519f3a Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/bin/uautomizer-Dbtcem3rbc/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/bin/uautomizer-Dbtcem3rbc/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/bin/uautomizer-Dbtcem3rbc/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/bin/uautomizer-Dbtcem3rbc/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/bin/uautomizer-Dbtcem3rbc/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/bin/uautomizer-Dbtcem3rbc --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash db9cad3d4bb6f197e1ca94da7e6c4fb3038f74aed96fd168a277cfa6f57caad2 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-5e519f3 [2022-11-02 20:13:50,731 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-02 20:13:50,733 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-02 20:13:50,774 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-02 20:13:50,774 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-02 20:13:50,775 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-02 20:13:50,776 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-02 20:13:50,778 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-02 20:13:50,780 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-02 20:13:50,780 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-02 20:13:50,781 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-02 20:13:50,783 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-02 20:13:50,783 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-02 20:13:50,784 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-02 20:13:50,785 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-02 20:13:50,786 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-02 20:13:50,787 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-02 20:13:50,788 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-02 20:13:50,790 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-02 20:13:50,792 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-02 20:13:50,794 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-02 20:13:50,795 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-02 20:13:50,796 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-02 20:13:50,797 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-02 20:13:50,801 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-02 20:13:50,801 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-02 20:13:50,802 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-02 20:13:50,803 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-02 20:13:50,805 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-02 20:13:50,806 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-02 20:13:50,813 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-02 20:13:50,814 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-02 20:13:50,815 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-02 20:13:50,817 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-02 20:13:50,818 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-02 20:13:50,819 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-02 20:13:50,820 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-02 20:13:50,820 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-02 20:13:50,821 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-02 20:13:50,822 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-02 20:13:50,822 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-02 20:13:50,823 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/bin/uautomizer-Dbtcem3rbc/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-11-02 20:13:50,861 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-02 20:13:50,864 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-02 20:13:50,865 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-02 20:13:50,865 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-02 20:13:50,867 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-02 20:13:50,867 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-02 20:13:50,868 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-11-02 20:13:50,868 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-11-02 20:13:50,869 INFO L138 SettingsManager]: * Use SBE=true [2022-11-02 20:13:50,869 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-02 20:13:50,870 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-02 20:13:50,870 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-02 20:13:50,870 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-02 20:13:50,871 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-02 20:13:50,871 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-02 20:13:50,871 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-02 20:13:50,871 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-02 20:13:50,872 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-02 20:13:50,872 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-02 20:13:50,872 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-02 20:13:50,872 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-02 20:13:50,872 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-02 20:13:50,873 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-11-02 20:13:50,873 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-02 20:13:50,873 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-02 20:13:50,873 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-02 20:13:50,873 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-02 20:13:50,874 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-02 20:13:50,874 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-11-02 20:13:50,874 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-02 20:13:50,874 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-11-02 20:13:50,875 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-11-02 20:13:50,875 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-02 20:13:50,875 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/bin/uautomizer-Dbtcem3rbc/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/bin/uautomizer-Dbtcem3rbc Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> db9cad3d4bb6f197e1ca94da7e6c4fb3038f74aed96fd168a277cfa6f57caad2 [2022-11-02 20:13:51,137 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-02 20:13:51,158 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-02 20:13:51,160 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-02 20:13:51,162 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-02 20:13:51,162 INFO L275 PluginConnector]: CDTParser initialized [2022-11-02 20:13:51,164 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/bin/uautomizer-Dbtcem3rbc/../../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c [2022-11-02 20:13:51,226 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/bin/uautomizer-Dbtcem3rbc/data/9e7c32a2e/d3b969e568c7466babfd9b09a260a078/FLAG3b80b1681 [2022-11-02 20:13:51,756 INFO L306 CDTParser]: Found 1 translation units. [2022-11-02 20:13:51,757 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c [2022-11-02 20:13:51,772 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/bin/uautomizer-Dbtcem3rbc/data/9e7c32a2e/d3b969e568c7466babfd9b09a260a078/FLAG3b80b1681 [2022-11-02 20:13:52,057 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/bin/uautomizer-Dbtcem3rbc/data/9e7c32a2e/d3b969e568c7466babfd9b09a260a078 [2022-11-02 20:13:52,060 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-02 20:13:52,061 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-02 20:13:52,063 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-02 20:13:52,063 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-02 20:13:52,067 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-02 20:13:52,067 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 02.11 08:13:52" (1/1) ... [2022-11-02 20:13:52,068 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@353b482f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:13:52, skipping insertion in model container [2022-11-02 20:13:52,069 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 02.11 08:13:52" (1/1) ... [2022-11-02 20:13:52,076 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-02 20:13:52,119 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-02 20:13:52,427 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c[14935,14948] [2022-11-02 20:13:52,478 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-02 20:13:52,486 INFO L203 MainTranslator]: Completed pre-run [2022-11-02 20:13:52,535 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c[14935,14948] [2022-11-02 20:13:52,549 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-02 20:13:52,565 INFO L208 MainTranslator]: Completed translation [2022-11-02 20:13:52,566 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:13:52 WrapperNode [2022-11-02 20:13:52,566 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-02 20:13:52,567 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-02 20:13:52,567 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-02 20:13:52,567 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-02 20:13:52,575 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:13:52" (1/1) ... [2022-11-02 20:13:52,587 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:13:52" (1/1) ... [2022-11-02 20:13:52,627 INFO L138 Inliner]: procedures = 59, calls = 160, calls flagged for inlining = 28, calls inlined = 25, statements flattened = 288 [2022-11-02 20:13:52,628 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-02 20:13:52,629 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-02 20:13:52,630 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-02 20:13:52,630 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-02 20:13:52,639 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:13:52" (1/1) ... [2022-11-02 20:13:52,639 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:13:52" (1/1) ... [2022-11-02 20:13:52,651 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:13:52" (1/1) ... [2022-11-02 20:13:52,653 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:13:52" (1/1) ... [2022-11-02 20:13:52,659 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:13:52" (1/1) ... [2022-11-02 20:13:52,677 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:13:52" (1/1) ... [2022-11-02 20:13:52,679 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:13:52" (1/1) ... [2022-11-02 20:13:52,683 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:13:52" (1/1) ... [2022-11-02 20:13:52,685 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-02 20:13:52,686 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-02 20:13:52,693 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-02 20:13:52,693 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-02 20:13:52,694 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:13:52" (1/1) ... [2022-11-02 20:13:52,704 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-02 20:13:52,724 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/bin/uautomizer-Dbtcem3rbc/z3 [2022-11-02 20:13:52,739 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/bin/uautomizer-Dbtcem3rbc/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-02 20:13:52,755 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/bin/uautomizer-Dbtcem3rbc/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-02 20:13:52,781 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-02 20:13:52,782 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-02 20:13:52,782 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-02 20:13:52,782 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-02 20:13:52,782 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-02 20:13:52,782 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-02 20:13:52,782 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-02 20:13:52,782 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-02 20:13:52,782 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-02 20:13:52,782 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-02 20:13:52,783 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-02 20:13:52,783 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-11-02 20:13:52,783 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-11-02 20:13:52,783 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-02 20:13:52,783 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-02 20:13:52,783 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-02 20:13:52,784 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-02 20:13:52,784 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-02 20:13:52,871 INFO L235 CfgBuilder]: Building ICFG [2022-11-02 20:13:52,874 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-02 20:13:53,317 INFO L276 CfgBuilder]: Performing block encoding [2022-11-02 20:13:53,325 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-02 20:13:53,325 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-02 20:13:53,328 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 02.11 08:13:53 BoogieIcfgContainer [2022-11-02 20:13:53,328 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-02 20:13:53,330 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-02 20:13:53,330 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-02 20:13:53,334 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-02 20:13:53,334 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 02.11 08:13:52" (1/3) ... [2022-11-02 20:13:53,335 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@62c2d637 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 02.11 08:13:53, skipping insertion in model container [2022-11-02 20:13:53,335 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 08:13:52" (2/3) ... [2022-11-02 20:13:53,336 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@62c2d637 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 02.11 08:13:53, skipping insertion in model container [2022-11-02 20:13:53,336 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 02.11 08:13:53" (3/3) ... [2022-11-02 20:13:53,337 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product58.cil.c [2022-11-02 20:13:53,356 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-02 20:13:53,357 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-02 20:13:53,425 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-02 20:13:53,432 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@696f08ea, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-02 20:13:53,433 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-02 20:13:53,437 INFO L276 IsEmpty]: Start isEmpty. Operand has 97 states, 76 states have (on average 1.368421052631579) internal successors, (104), 84 states have internal predecessors, (104), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-11-02 20:13:53,447 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-11-02 20:13:53,448 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 20:13:53,449 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 20:13:53,449 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 20:13:53,454 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 20:13:53,454 INFO L85 PathProgramCache]: Analyzing trace with hash -716350399, now seen corresponding path program 1 times [2022-11-02 20:13:53,464 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 20:13:53,464 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [825582567] [2022-11-02 20:13:53,465 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 20:13:53,465 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 20:13:53,660 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:53,787 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-11-02 20:13:53,799 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:53,811 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-11-02 20:13:53,813 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:53,816 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 20:13:53,817 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 20:13:53,817 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [825582567] [2022-11-02 20:13:53,818 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [825582567] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 20:13:53,818 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 20:13:53,818 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-02 20:13:53,820 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1637185861] [2022-11-02 20:13:53,821 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 20:13:53,830 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-02 20:13:53,830 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 20:13:53,868 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-02 20:13:53,871 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-02 20:13:53,874 INFO L87 Difference]: Start difference. First operand has 97 states, 76 states have (on average 1.368421052631579) internal successors, (104), 84 states have internal predecessors, (104), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-02 20:13:53,938 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 20:13:53,940 INFO L93 Difference]: Finished difference Result 185 states and 250 transitions. [2022-11-02 20:13:53,941 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-02 20:13:53,942 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2022-11-02 20:13:53,943 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 20:13:53,956 INFO L225 Difference]: With dead ends: 185 [2022-11-02 20:13:53,956 INFO L226 Difference]: Without dead ends: 88 [2022-11-02 20:13:53,961 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-02 20:13:53,967 INFO L413 NwaCegarLoop]: 122 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 122 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-02 20:13:53,969 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 122 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-02 20:13:53,988 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 88 states. [2022-11-02 20:13:54,012 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 88 to 88. [2022-11-02 20:13:54,020 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 88 states, 69 states have (on average 1.3043478260869565) internal successors, (90), 76 states have internal predecessors, (90), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-02 20:13:54,023 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 88 states to 88 states and 113 transitions. [2022-11-02 20:13:54,024 INFO L78 Accepts]: Start accepts. Automaton has 88 states and 113 transitions. Word has length 32 [2022-11-02 20:13:54,025 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 20:13:54,025 INFO L495 AbstractCegarLoop]: Abstraction has 88 states and 113 transitions. [2022-11-02 20:13:54,025 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-02 20:13:54,025 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 113 transitions. [2022-11-02 20:13:54,028 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-11-02 20:13:54,028 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 20:13:54,028 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 20:13:54,029 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-02 20:13:54,029 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 20:13:54,030 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 20:13:54,030 INFO L85 PathProgramCache]: Analyzing trace with hash 407802526, now seen corresponding path program 1 times [2022-11-02 20:13:54,030 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 20:13:54,030 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [964120300] [2022-11-02 20:13:54,030 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 20:13:54,031 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 20:13:54,083 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:54,215 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-11-02 20:13:54,219 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:54,223 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2022-11-02 20:13:54,228 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:54,233 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 20:13:54,233 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 20:13:54,234 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [964120300] [2022-11-02 20:13:54,235 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [964120300] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 20:13:54,235 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 20:13:54,235 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-02 20:13:54,236 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [209424157] [2022-11-02 20:13:54,237 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 20:13:54,239 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-02 20:13:54,239 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 20:13:54,240 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-02 20:13:54,240 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-02 20:13:54,241 INFO L87 Difference]: Start difference. First operand 88 states and 113 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-02 20:13:54,279 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 20:13:54,282 INFO L93 Difference]: Finished difference Result 140 states and 180 transitions. [2022-11-02 20:13:54,282 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-02 20:13:54,282 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-11-02 20:13:54,283 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 20:13:54,284 INFO L225 Difference]: With dead ends: 140 [2022-11-02 20:13:54,286 INFO L226 Difference]: Without dead ends: 79 [2022-11-02 20:13:54,288 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-02 20:13:54,290 INFO L413 NwaCegarLoop]: 100 mSDtfsCounter, 13 mSDsluCounter, 83 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 183 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-02 20:13:54,292 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 183 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-02 20:13:54,293 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 79 states. [2022-11-02 20:13:54,302 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 79 to 79. [2022-11-02 20:13:54,302 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 79 states, 63 states have (on average 1.3174603174603174) internal successors, (83), 70 states have internal predecessors, (83), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-02 20:13:54,304 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 101 transitions. [2022-11-02 20:13:54,304 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 101 transitions. Word has length 33 [2022-11-02 20:13:54,304 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 20:13:54,305 INFO L495 AbstractCegarLoop]: Abstraction has 79 states and 101 transitions. [2022-11-02 20:13:54,305 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-02 20:13:54,305 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 101 transitions. [2022-11-02 20:13:54,306 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-11-02 20:13:54,307 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 20:13:54,307 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 20:13:54,307 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-02 20:13:54,307 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 20:13:54,308 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 20:13:54,308 INFO L85 PathProgramCache]: Analyzing trace with hash -1999351370, now seen corresponding path program 1 times [2022-11-02 20:13:54,308 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 20:13:54,309 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1021952529] [2022-11-02 20:13:54,309 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 20:13:54,309 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 20:13:54,340 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:54,423 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-02 20:13:54,425 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:54,428 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2022-11-02 20:13:54,430 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:54,432 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 20:13:54,432 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 20:13:54,432 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1021952529] [2022-11-02 20:13:54,432 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1021952529] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 20:13:54,432 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 20:13:54,433 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-02 20:13:54,433 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [809675717] [2022-11-02 20:13:54,433 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 20:13:54,433 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-02 20:13:54,434 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 20:13:54,434 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-02 20:13:54,434 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-02 20:13:54,434 INFO L87 Difference]: Start difference. First operand 79 states and 101 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-02 20:13:54,466 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 20:13:54,466 INFO L93 Difference]: Finished difference Result 150 states and 195 transitions. [2022-11-02 20:13:54,469 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-02 20:13:54,470 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2022-11-02 20:13:54,470 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 20:13:54,474 INFO L225 Difference]: With dead ends: 150 [2022-11-02 20:13:54,474 INFO L226 Difference]: Without dead ends: 79 [2022-11-02 20:13:54,478 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-02 20:13:54,483 INFO L413 NwaCegarLoop]: 99 mSDtfsCounter, 91 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 91 SdHoareTripleChecker+Valid, 99 SdHoareTripleChecker+Invalid, 2 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-02 20:13:54,484 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [91 Valid, 99 Invalid, 2 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-02 20:13:54,484 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 79 states. [2022-11-02 20:13:54,492 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 79 to 79. [2022-11-02 20:13:54,498 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 79 states, 63 states have (on average 1.3015873015873016) internal successors, (82), 70 states have internal predecessors, (82), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-02 20:13:54,499 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 100 transitions. [2022-11-02 20:13:54,499 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 100 transitions. Word has length 38 [2022-11-02 20:13:54,501 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 20:13:54,501 INFO L495 AbstractCegarLoop]: Abstraction has 79 states and 100 transitions. [2022-11-02 20:13:54,501 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-02 20:13:54,501 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 100 transitions. [2022-11-02 20:13:54,503 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2022-11-02 20:13:54,503 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 20:13:54,503 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 20:13:54,503 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-02 20:13:54,504 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 20:13:54,504 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 20:13:54,504 INFO L85 PathProgramCache]: Analyzing trace with hash 879947394, now seen corresponding path program 1 times [2022-11-02 20:13:54,504 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 20:13:54,505 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1211918301] [2022-11-02 20:13:54,505 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 20:13:54,505 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 20:13:54,526 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:54,603 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-02 20:13:54,605 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:54,608 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2022-11-02 20:13:54,610 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:54,612 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 20:13:54,612 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 20:13:54,612 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1211918301] [2022-11-02 20:13:54,613 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1211918301] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 20:13:54,613 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 20:13:54,613 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-02 20:13:54,613 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [179827598] [2022-11-02 20:13:54,613 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 20:13:54,614 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-02 20:13:54,614 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 20:13:54,614 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-02 20:13:54,615 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-02 20:13:54,615 INFO L87 Difference]: Start difference. First operand 79 states and 100 transitions. Second operand has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-02 20:13:54,652 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 20:13:54,652 INFO L93 Difference]: Finished difference Result 199 states and 258 transitions. [2022-11-02 20:13:54,653 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-02 20:13:54,653 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 46 [2022-11-02 20:13:54,653 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 20:13:54,654 INFO L225 Difference]: With dead ends: 199 [2022-11-02 20:13:54,654 INFO L226 Difference]: Without dead ends: 128 [2022-11-02 20:13:54,655 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-02 20:13:54,656 INFO L413 NwaCegarLoop]: 108 mSDtfsCounter, 59 mSDsluCounter, 68 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 59 SdHoareTripleChecker+Valid, 176 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-02 20:13:54,657 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [59 Valid, 176 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-02 20:13:54,661 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 128 states. [2022-11-02 20:13:54,681 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 128 to 126. [2022-11-02 20:13:54,682 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 126 states, 99 states have (on average 1.2828282828282829) internal successors, (127), 107 states have internal predecessors, (127), 14 states have call successors, (14), 12 states have call predecessors, (14), 12 states have return successors, (18), 14 states have call predecessors, (18), 14 states have call successors, (18) [2022-11-02 20:13:54,685 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 126 states to 126 states and 159 transitions. [2022-11-02 20:13:54,686 INFO L78 Accepts]: Start accepts. Automaton has 126 states and 159 transitions. Word has length 46 [2022-11-02 20:13:54,686 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 20:13:54,686 INFO L495 AbstractCegarLoop]: Abstraction has 126 states and 159 transitions. [2022-11-02 20:13:54,687 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-02 20:13:54,687 INFO L276 IsEmpty]: Start isEmpty. Operand 126 states and 159 transitions. [2022-11-02 20:13:54,691 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2022-11-02 20:13:54,692 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 20:13:54,692 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 20:13:54,692 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-02 20:13:54,693 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 20:13:54,693 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 20:13:54,693 INFO L85 PathProgramCache]: Analyzing trace with hash -2106872253, now seen corresponding path program 1 times [2022-11-02 20:13:54,694 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 20:13:54,695 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [837719460] [2022-11-02 20:13:54,695 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 20:13:54,695 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 20:13:54,735 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:54,922 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-02 20:13:54,924 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:54,937 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-02 20:13:54,944 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:54,960 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-11-02 20:13:54,962 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:54,964 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2022-11-02 20:13:54,966 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:54,980 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-02 20:13:54,980 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 20:13:54,981 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [837719460] [2022-11-02 20:13:54,981 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [837719460] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 20:13:54,981 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 20:13:54,981 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-11-02 20:13:54,981 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2101323890] [2022-11-02 20:13:54,982 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 20:13:54,982 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-11-02 20:13:54,982 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 20:13:54,983 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-11-02 20:13:54,983 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-11-02 20:13:54,983 INFO L87 Difference]: Start difference. First operand 126 states and 159 transitions. Second operand has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 1 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 1 states have call successors, (4) [2022-11-02 20:13:55,252 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 20:13:55,252 INFO L93 Difference]: Finished difference Result 280 states and 355 transitions. [2022-11-02 20:13:55,252 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2022-11-02 20:13:55,252 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 1 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 1 states have call successors, (4) Word has length 54 [2022-11-02 20:13:55,253 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 20:13:55,254 INFO L225 Difference]: With dead ends: 280 [2022-11-02 20:13:55,254 INFO L226 Difference]: Without dead ends: 162 [2022-11-02 20:13:55,255 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 25 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=53, Invalid=157, Unknown=0, NotChecked=0, Total=210 [2022-11-02 20:13:55,256 INFO L413 NwaCegarLoop]: 102 mSDtfsCounter, 119 mSDsluCounter, 363 mSDsCounter, 0 mSdLazyCounter, 191 mSolverCounterSat, 32 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 125 SdHoareTripleChecker+Valid, 465 SdHoareTripleChecker+Invalid, 223 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 32 IncrementalHoareTripleChecker+Valid, 191 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-02 20:13:55,256 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [125 Valid, 465 Invalid, 223 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [32 Valid, 191 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-02 20:13:55,257 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 162 states. [2022-11-02 20:13:55,277 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 162 to 148. [2022-11-02 20:13:55,278 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 148 states, 116 states have (on average 1.2586206896551724) internal successors, (146), 124 states have internal predecessors, (146), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2022-11-02 20:13:55,294 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 148 states to 148 states and 185 transitions. [2022-11-02 20:13:55,294 INFO L78 Accepts]: Start accepts. Automaton has 148 states and 185 transitions. Word has length 54 [2022-11-02 20:13:55,294 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 20:13:55,295 INFO L495 AbstractCegarLoop]: Abstraction has 148 states and 185 transitions. [2022-11-02 20:13:55,295 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 1 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 1 states have call successors, (4) [2022-11-02 20:13:55,295 INFO L276 IsEmpty]: Start isEmpty. Operand 148 states and 185 transitions. [2022-11-02 20:13:55,298 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2022-11-02 20:13:55,298 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 20:13:55,298 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 20:13:55,298 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-02 20:13:55,299 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 20:13:55,299 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 20:13:55,299 INFO L85 PathProgramCache]: Analyzing trace with hash 1055316791, now seen corresponding path program 1 times [2022-11-02 20:13:55,299 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 20:13:55,300 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [113435284] [2022-11-02 20:13:55,300 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 20:13:55,300 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 20:13:55,317 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:55,408 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-02 20:13:55,422 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:55,426 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-02 20:13:55,432 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:55,484 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2022-11-02 20:13:55,485 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:55,488 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 20:13:55,488 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 20:13:55,489 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [113435284] [2022-11-02 20:13:55,489 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [113435284] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 20:13:55,489 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 20:13:55,489 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-02 20:13:55,489 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [559970170] [2022-11-02 20:13:55,489 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 20:13:55,491 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-02 20:13:55,492 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 20:13:55,492 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-02 20:13:55,492 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-02 20:13:55,493 INFO L87 Difference]: Start difference. First operand 148 states and 185 transitions. Second operand has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-02 20:13:55,674 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 20:13:55,674 INFO L93 Difference]: Finished difference Result 298 states and 383 transitions. [2022-11-02 20:13:55,674 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-02 20:13:55,675 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 56 [2022-11-02 20:13:55,675 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 20:13:55,676 INFO L225 Difference]: With dead ends: 298 [2022-11-02 20:13:55,676 INFO L226 Difference]: Without dead ends: 158 [2022-11-02 20:13:55,677 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=32, Invalid=58, Unknown=0, NotChecked=0, Total=90 [2022-11-02 20:13:55,678 INFO L413 NwaCegarLoop]: 91 mSDtfsCounter, 71 mSDsluCounter, 277 mSDsCounter, 0 mSdLazyCounter, 109 mSolverCounterSat, 21 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 74 SdHoareTripleChecker+Valid, 368 SdHoareTripleChecker+Invalid, 130 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 21 IncrementalHoareTripleChecker+Valid, 109 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-02 20:13:55,678 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [74 Valid, 368 Invalid, 130 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [21 Valid, 109 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-02 20:13:55,679 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 158 states. [2022-11-02 20:13:55,698 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 158 to 151. [2022-11-02 20:13:55,698 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 151 states, 119 states have (on average 1.2521008403361344) internal successors, (149), 127 states have internal predecessors, (149), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2022-11-02 20:13:55,699 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 151 states to 151 states and 188 transitions. [2022-11-02 20:13:55,699 INFO L78 Accepts]: Start accepts. Automaton has 151 states and 188 transitions. Word has length 56 [2022-11-02 20:13:55,700 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 20:13:55,700 INFO L495 AbstractCegarLoop]: Abstraction has 151 states and 188 transitions. [2022-11-02 20:13:55,700 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-02 20:13:55,700 INFO L276 IsEmpty]: Start isEmpty. Operand 151 states and 188 transitions. [2022-11-02 20:13:55,701 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2022-11-02 20:13:55,701 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 20:13:55,701 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 20:13:55,702 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-02 20:13:55,702 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 20:13:55,702 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 20:13:55,702 INFO L85 PathProgramCache]: Analyzing trace with hash -750121543, now seen corresponding path program 1 times [2022-11-02 20:13:55,703 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 20:13:55,703 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [920184340] [2022-11-02 20:13:55,703 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 20:13:55,703 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 20:13:55,719 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:55,789 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-02 20:13:55,791 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:55,803 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-02 20:13:55,806 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:55,864 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2022-11-02 20:13:55,865 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:55,867 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 20:13:55,868 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 20:13:55,868 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [920184340] [2022-11-02 20:13:55,868 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [920184340] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 20:13:55,868 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 20:13:55,868 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-02 20:13:55,869 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1124274721] [2022-11-02 20:13:55,869 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 20:13:55,869 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-02 20:13:55,869 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 20:13:55,870 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-02 20:13:55,870 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-02 20:13:55,870 INFO L87 Difference]: Start difference. First operand 151 states and 188 transitions. Second operand has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-02 20:13:56,037 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 20:13:56,037 INFO L93 Difference]: Finished difference Result 307 states and 393 transitions. [2022-11-02 20:13:56,038 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-02 20:13:56,038 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 56 [2022-11-02 20:13:56,040 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 20:13:56,041 INFO L225 Difference]: With dead ends: 307 [2022-11-02 20:13:56,042 INFO L226 Difference]: Without dead ends: 164 [2022-11-02 20:13:56,046 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=34, Invalid=56, Unknown=0, NotChecked=0, Total=90 [2022-11-02 20:13:56,048 INFO L413 NwaCegarLoop]: 92 mSDtfsCounter, 178 mSDsluCounter, 196 mSDsCounter, 0 mSdLazyCounter, 88 mSolverCounterSat, 41 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 182 SdHoareTripleChecker+Valid, 288 SdHoareTripleChecker+Invalid, 129 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 41 IncrementalHoareTripleChecker+Valid, 88 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-02 20:13:56,048 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [182 Valid, 288 Invalid, 129 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [41 Valid, 88 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-02 20:13:56,050 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 164 states. [2022-11-02 20:13:56,080 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 164 to 153. [2022-11-02 20:13:56,081 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 153 states, 121 states have (on average 1.2479338842975207) internal successors, (151), 129 states have internal predecessors, (151), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2022-11-02 20:13:56,082 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 153 states to 153 states and 190 transitions. [2022-11-02 20:13:56,082 INFO L78 Accepts]: Start accepts. Automaton has 153 states and 190 transitions. Word has length 56 [2022-11-02 20:13:56,083 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 20:13:56,083 INFO L495 AbstractCegarLoop]: Abstraction has 153 states and 190 transitions. [2022-11-02 20:13:56,091 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-02 20:13:56,092 INFO L276 IsEmpty]: Start isEmpty. Operand 153 states and 190 transitions. [2022-11-02 20:13:56,092 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2022-11-02 20:13:56,092 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 20:13:56,092 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 20:13:56,093 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-02 20:13:56,093 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 20:13:56,093 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 20:13:56,093 INFO L85 PathProgramCache]: Analyzing trace with hash -609572933, now seen corresponding path program 1 times [2022-11-02 20:13:56,093 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 20:13:56,094 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1910678966] [2022-11-02 20:13:56,094 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 20:13:56,094 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 20:13:56,109 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:56,174 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-02 20:13:56,175 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:56,180 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-02 20:13:56,184 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:56,197 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2022-11-02 20:13:56,198 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:56,199 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 20:13:56,200 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 20:13:56,200 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1910678966] [2022-11-02 20:13:56,200 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1910678966] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 20:13:56,200 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 20:13:56,200 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-02 20:13:56,200 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [639647426] [2022-11-02 20:13:56,200 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 20:13:56,201 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-02 20:13:56,201 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 20:13:56,201 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-02 20:13:56,201 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-02 20:13:56,202 INFO L87 Difference]: Start difference. First operand 153 states and 190 transitions. Second operand has 5 states, 5 states have (on average 9.4) internal successors, (47), 4 states have internal predecessors, (47), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-02 20:13:56,455 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 20:13:56,455 INFO L93 Difference]: Finished difference Result 430 states and 556 transitions. [2022-11-02 20:13:56,456 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-02 20:13:56,456 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 4 states have internal predecessors, (47), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 56 [2022-11-02 20:13:56,456 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 20:13:56,459 INFO L225 Difference]: With dead ends: 430 [2022-11-02 20:13:56,459 INFO L226 Difference]: Without dead ends: 285 [2022-11-02 20:13:56,460 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2022-11-02 20:13:56,462 INFO L413 NwaCegarLoop]: 142 mSDtfsCounter, 213 mSDsluCounter, 172 mSDsCounter, 0 mSdLazyCounter, 144 mSolverCounterSat, 65 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 220 SdHoareTripleChecker+Valid, 314 SdHoareTripleChecker+Invalid, 209 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 65 IncrementalHoareTripleChecker+Valid, 144 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-02 20:13:56,463 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [220 Valid, 314 Invalid, 209 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [65 Valid, 144 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-02 20:13:56,464 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 285 states. [2022-11-02 20:13:56,501 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 285 to 283. [2022-11-02 20:13:56,502 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 283 states, 219 states have (on average 1.2191780821917808) internal successors, (267), 231 states have internal predecessors, (267), 34 states have call successors, (34), 28 states have call predecessors, (34), 29 states have return successors, (53), 34 states have call predecessors, (53), 34 states have call successors, (53) [2022-11-02 20:13:56,505 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 283 states to 283 states and 354 transitions. [2022-11-02 20:13:56,505 INFO L78 Accepts]: Start accepts. Automaton has 283 states and 354 transitions. Word has length 56 [2022-11-02 20:13:56,505 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 20:13:56,509 INFO L495 AbstractCegarLoop]: Abstraction has 283 states and 354 transitions. [2022-11-02 20:13:56,509 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 4 states have internal predecessors, (47), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-02 20:13:56,509 INFO L276 IsEmpty]: Start isEmpty. Operand 283 states and 354 transitions. [2022-11-02 20:13:56,510 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2022-11-02 20:13:56,511 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 20:13:56,511 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 20:13:56,511 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-11-02 20:13:56,511 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 20:13:56,512 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 20:13:56,512 INFO L85 PathProgramCache]: Analyzing trace with hash 1449050389, now seen corresponding path program 1 times [2022-11-02 20:13:56,512 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 20:13:56,512 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1239030595] [2022-11-02 20:13:56,512 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 20:13:56,512 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 20:13:56,531 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:56,739 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-02 20:13:56,741 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:56,746 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-11-02 20:13:56,747 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:56,755 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2022-11-02 20:13:56,759 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:56,776 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 52 [2022-11-02 20:13:56,777 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:56,778 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 20:13:56,779 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 20:13:56,779 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1239030595] [2022-11-02 20:13:56,779 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1239030595] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 20:13:56,779 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 20:13:56,779 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2022-11-02 20:13:56,779 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1844542765] [2022-11-02 20:13:56,780 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 20:13:56,780 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-11-02 20:13:56,780 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 20:13:56,781 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-11-02 20:13:56,781 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=70, Unknown=0, NotChecked=0, Total=90 [2022-11-02 20:13:56,781 INFO L87 Difference]: Start difference. First operand 283 states and 354 transitions. Second operand has 10 states, 10 states have (on average 4.9) internal successors, (49), 8 states have internal predecessors, (49), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-02 20:13:57,659 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 20:13:57,660 INFO L93 Difference]: Finished difference Result 770 states and 1011 transitions. [2022-11-02 20:13:57,660 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2022-11-02 20:13:57,660 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.9) internal successors, (49), 8 states have internal predecessors, (49), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 60 [2022-11-02 20:13:57,662 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 20:13:57,666 INFO L225 Difference]: With dead ends: 770 [2022-11-02 20:13:57,666 INFO L226 Difference]: Without dead ends: 546 [2022-11-02 20:13:57,668 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 42 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 31 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 255 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=250, Invalid=806, Unknown=0, NotChecked=0, Total=1056 [2022-11-02 20:13:57,670 INFO L413 NwaCegarLoop]: 141 mSDtfsCounter, 619 mSDsluCounter, 442 mSDsCounter, 0 mSdLazyCounter, 481 mSolverCounterSat, 210 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 624 SdHoareTripleChecker+Valid, 583 SdHoareTripleChecker+Invalid, 691 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 210 IncrementalHoareTripleChecker+Valid, 481 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2022-11-02 20:13:57,670 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [624 Valid, 583 Invalid, 691 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [210 Valid, 481 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2022-11-02 20:13:57,672 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 546 states. [2022-11-02 20:13:57,716 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 546 to 440. [2022-11-02 20:13:57,717 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 440 states, 342 states have (on average 1.2076023391812865) internal successors, (413), 363 states have internal predecessors, (413), 51 states have call successors, (51), 39 states have call predecessors, (51), 46 states have return successors, (83), 52 states have call predecessors, (83), 51 states have call successors, (83) [2022-11-02 20:13:57,741 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 440 states to 440 states and 547 transitions. [2022-11-02 20:13:57,742 INFO L78 Accepts]: Start accepts. Automaton has 440 states and 547 transitions. Word has length 60 [2022-11-02 20:13:57,742 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 20:13:57,742 INFO L495 AbstractCegarLoop]: Abstraction has 440 states and 547 transitions. [2022-11-02 20:13:57,742 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.9) internal successors, (49), 8 states have internal predecessors, (49), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-02 20:13:57,742 INFO L276 IsEmpty]: Start isEmpty. Operand 440 states and 547 transitions. [2022-11-02 20:13:57,744 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 103 [2022-11-02 20:13:57,744 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 20:13:57,744 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 20:13:57,744 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-11-02 20:13:57,744 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 20:13:57,745 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 20:13:57,745 INFO L85 PathProgramCache]: Analyzing trace with hash -1477759876, now seen corresponding path program 1 times [2022-11-02 20:13:57,745 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 20:13:57,745 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [403862263] [2022-11-02 20:13:57,746 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 20:13:57,746 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 20:13:57,763 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:57,885 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-02 20:13:57,886 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:57,897 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2022-11-02 20:13:57,902 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:57,921 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-02 20:13:57,922 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:57,931 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2022-11-02 20:13:57,934 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:57,942 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 66 [2022-11-02 20:13:57,943 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:57,955 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 82 [2022-11-02 20:13:57,957 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:57,959 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-02 20:13:57,959 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:57,960 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 94 [2022-11-02 20:13:57,963 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:57,965 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 16 proven. 11 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2022-11-02 20:13:57,965 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 20:13:57,965 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [403862263] [2022-11-02 20:13:57,965 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [403862263] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-02 20:13:57,966 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [39725723] [2022-11-02 20:13:57,966 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 20:13:57,966 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-02 20:13:57,966 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/bin/uautomizer-Dbtcem3rbc/z3 [2022-11-02 20:13:57,968 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/bin/uautomizer-Dbtcem3rbc/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-02 20:13:57,989 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/bin/uautomizer-Dbtcem3rbc/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-02 20:13:58,087 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 20:13:58,090 INFO L263 TraceCheckSpWp]: Trace formula consists of 494 conjuncts, 8 conjunts are in the unsatisfiable core [2022-11-02 20:13:58,097 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-02 20:13:58,356 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 25 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-02 20:13:58,357 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-02 20:13:58,589 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 19 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2022-11-02 20:13:58,589 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [39725723] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-02 20:13:58,589 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-02 20:13:58,589 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2022-11-02 20:13:58,590 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1052070737] [2022-11-02 20:13:58,590 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-02 20:13:58,591 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2022-11-02 20:13:58,591 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 20:13:58,591 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2022-11-02 20:13:58,592 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2022-11-02 20:13:58,592 INFO L87 Difference]: Start difference. First operand 440 states and 547 transitions. Second operand has 15 states, 15 states have (on average 8.4) internal successors, (126), 10 states have internal predecessors, (126), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) [2022-11-02 20:13:59,709 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 20:13:59,710 INFO L93 Difference]: Finished difference Result 925 states and 1176 transitions. [2022-11-02 20:13:59,710 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2022-11-02 20:13:59,710 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 8.4) internal successors, (126), 10 states have internal predecessors, (126), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) Word has length 102 [2022-11-02 20:13:59,711 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 20:13:59,711 INFO L225 Difference]: With dead ends: 925 [2022-11-02 20:13:59,711 INFO L226 Difference]: Without dead ends: 0 [2022-11-02 20:13:59,714 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 266 GetRequests, 224 SyntacticMatches, 4 SemanticMatches, 38 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 369 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=356, Invalid=1204, Unknown=0, NotChecked=0, Total=1560 [2022-11-02 20:13:59,715 INFO L413 NwaCegarLoop]: 215 mSDtfsCounter, 450 mSDsluCounter, 1022 mSDsCounter, 0 mSdLazyCounter, 937 mSolverCounterSat, 190 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 455 SdHoareTripleChecker+Valid, 1237 SdHoareTripleChecker+Invalid, 1127 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 190 IncrementalHoareTripleChecker+Valid, 937 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2022-11-02 20:13:59,716 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [455 Valid, 1237 Invalid, 1127 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [190 Valid, 937 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2022-11-02 20:13:59,716 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-02 20:13:59,716 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-02 20:13:59,716 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-02 20:13:59,717 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-02 20:13:59,717 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 102 [2022-11-02 20:13:59,718 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 20:13:59,718 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-02 20:13:59,718 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 8.4) internal successors, (126), 10 states have internal predecessors, (126), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) [2022-11-02 20:13:59,718 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-02 20:13:59,718 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-02 20:13:59,721 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-02 20:13:59,765 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/bin/uautomizer-Dbtcem3rbc/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-02 20:13:59,937 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/bin/uautomizer-Dbtcem3rbc/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-02 20:13:59,939 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-02 20:14:04,554 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 790 796) no Hoare annotation was computed. [2022-11-02 20:14:04,554 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 790 796) the Hoare annotation is: true [2022-11-02 20:14:04,554 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 84 95) the Hoare annotation is: true [2022-11-02 20:14:04,554 INFO L899 garLoopResultBuilder]: For program point L88-1(lines 84 95) no Hoare annotation was computed. [2022-11-02 20:14:04,554 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 84 95) no Hoare annotation was computed. [2022-11-02 20:14:04,555 INFO L899 garLoopResultBuilder]: For program point L64(lines 64 68) no Hoare annotation was computed. [2022-11-02 20:14:04,555 INFO L899 garLoopResultBuilder]: For program point L770-2(lines 766 788) no Hoare annotation was computed. [2022-11-02 20:14:04,555 INFO L899 garLoopResultBuilder]: For program point L832(lines 832 840) no Hoare annotation was computed. [2022-11-02 20:14:04,556 INFO L895 garLoopResultBuilder]: At program point L192(line 192) the Hoare annotation is: (let ((.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse7 (= ~pumpRunning~0 0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0))) (and (let ((.cse3 (= ~waterLevel~0 1))) (or .cse0 .cse1 (and .cse2 .cse3 .cse4) .cse5 .cse6 (and .cse7 .cse3 .cse4))) (or .cse8 (and .cse7 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse5) (or .cse8 .cse0 .cse5 .cse6) (let ((.cse9 (<= ~waterLevel~0 2))) (or .cse0 .cse1 (and .cse7 .cse9 .cse4) .cse5 (and .cse2 .cse9 .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-02 20:14:04,557 INFO L899 garLoopResultBuilder]: For program point L192-1(line 192) no Hoare annotation was computed. [2022-11-02 20:14:04,558 INFO L895 garLoopResultBuilder]: At program point L64-2(lines 60 71) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (and .cse3 (<= ~waterLevel~0 2) .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2) (or .cse0 .cse1 (and .cse3 (= ~waterLevel~0 1) .cse4) .cse2 (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-02 20:14:04,558 INFO L899 garLoopResultBuilder]: For program point L828(lines 828 845) no Hoare annotation was computed. [2022-11-02 20:14:04,559 INFO L895 garLoopResultBuilder]: At program point L973(lines 958 976) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (and .cse3 (<= ~waterLevel~0 2) .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2) (or .cse0 .cse1 (and .cse3 (= ~waterLevel~0 1) .cse4) .cse2 (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-02 20:14:04,559 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 763 789) no Hoare annotation was computed. [2022-11-02 20:14:04,559 INFO L895 garLoopResultBuilder]: At program point L156(lines 151 159) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (and .cse3 (<= ~waterLevel~0 2) .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2) (or .cse0 .cse1 (and .cse3 (= ~waterLevel~0 1) .cse4) .cse2 (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-02 20:14:04,559 INFO L895 garLoopResultBuilder]: At program point L177(line 177) the Hoare annotation is: (let ((.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or .cse2 .cse4 .cse3 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse4 .cse3 .cse5 (not (<= 2 |old(~waterLevel~0)|)))))) [2022-11-02 20:14:04,560 INFO L899 garLoopResultBuilder]: For program point L177-1(line 177) no Hoare annotation was computed. [2022-11-02 20:14:04,560 INFO L899 garLoopResultBuilder]: For program point L685(line 685) no Hoare annotation was computed. [2022-11-02 20:14:04,560 INFO L895 garLoopResultBuilder]: At program point L838(line 838) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (and .cse3 (<= ~waterLevel~0 2) .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2) (or .cse0 .cse1 (and .cse3 (= ~waterLevel~0 1) .cse4) .cse2 (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-02 20:14:04,560 INFO L899 garLoopResultBuilder]: For program point L194(lines 194 204) no Hoare annotation was computed. [2022-11-02 20:14:04,560 INFO L899 garLoopResultBuilder]: For program point L190(lines 190 207) no Hoare annotation was computed. [2022-11-02 20:14:04,561 INFO L895 garLoopResultBuilder]: At program point L190-1(lines 182 210) the Hoare annotation is: (let ((.cse6 (= 1 ~systemActive~0))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse3 (not .cse6)) (.cse5 (not (<= 1 |old(~pumpRunning~0)|))) (.cse9 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse8 (<= 1 ~switchedOnBeforeTS~0)) (.cse4 (not (<= |old(~waterLevel~0)| 2))) (.cse10 (not (<= 2 |old(~waterLevel~0)|)))) (and (let ((.cse2 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse0 (and .cse1 .cse2) .cse3 (and (<= 1 ~pumpRunning~0) (<= 2 ~waterLevel~0) .cse2) .cse4)) (let ((.cse7 (<= ~waterLevel~0 2))) (or .cse3 .cse5 (and .cse1 .cse6 .cse7 .cse8) .cse4 (and .cse9 .cse7 .cse8) (not (<= 1 |old(~switchedOnBeforeTS~0)|)))) (or .cse0 .cse3 (and (< 1 |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1|) (<= |timeShift_getWaterLevel_#res#1| 2) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2) (<= 2 |timeShift_getWaterLevel_#res#1|)) .cse4 .cse10) (let ((.cse11 (= ~waterLevel~0 1))) (or (and .cse1 .cse6 .cse11 .cse8) .cse3 .cse5 (and .cse9 .cse11 .cse8) .cse4 .cse10))))) [2022-11-02 20:14:04,561 INFO L895 garLoopResultBuilder]: At program point L880(lines 875 882) the Hoare annotation is: (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (= ~pumpRunning~0 0)) (.cse3 (<= 1 ~switchedOnBeforeTS~0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse4 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (and .cse2 (<= ~waterLevel~0 2) .cse3) .cse4 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 .cse1 .cse4 (not (<= 2 |old(~waterLevel~0)|)) (and .cse2 (= ~waterLevel~0 1) .cse3)) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse4))) [2022-11-02 20:14:04,561 INFO L895 garLoopResultBuilder]: At program point L686(lines 681 688) the Hoare annotation is: (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 .cse1 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2))) [2022-11-02 20:14:04,562 INFO L895 garLoopResultBuilder]: At program point L843(line 843) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= 1 |old(~pumpRunning~0)|))) (.cse1 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse1) (or .cse0 .cse2 .cse1 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 .cse2 .cse1 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-11-02 20:14:04,562 INFO L895 garLoopResultBuilder]: At program point L843-1(lines 824 848) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse6 (= ~pumpRunning~0 0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0))) (and (let ((.cse3 (= ~waterLevel~0 1))) (or .cse0 .cse1 (and .cse2 .cse3 .cse4) .cse5 (not (<= 2 |old(~waterLevel~0)|)) (and .cse6 .cse3 .cse4))) (let ((.cse7 (= |old(~waterLevel~0)| ~waterLevel~0))) (or (not (= |old(~pumpRunning~0)| 0)) (and .cse6 .cse7) .cse0 (and (<= 1 ~pumpRunning~0) (<= 2 ~waterLevel~0) .cse7) .cse5)) (let ((.cse8 (<= ~waterLevel~0 2))) (or .cse0 .cse1 (and .cse6 .cse8 .cse4) .cse5 (and .cse2 .cse8 .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-02 20:14:04,562 INFO L899 garLoopResultBuilder]: For program point L777-1(lines 777 783) no Hoare annotation was computed. [2022-11-02 20:14:04,562 INFO L899 garLoopResultBuilder]: For program point L967(lines 967 971) no Hoare annotation was computed. [2022-11-02 20:14:04,563 INFO L899 garLoopResultBuilder]: For program point L967-2(lines 967 971) no Hoare annotation was computed. [2022-11-02 20:14:04,563 INFO L895 garLoopResultBuilder]: At program point L133(lines 128 136) the Hoare annotation is: (let ((.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse7 (= ~pumpRunning~0 0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0))) (and (let ((.cse3 (= ~waterLevel~0 1))) (or .cse0 .cse1 (and .cse2 .cse3 .cse4) .cse5 .cse6 (and .cse7 .cse3 .cse4))) (let ((.cse9 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse8 (and .cse7 .cse9) .cse0 (and (<= 1 ~pumpRunning~0) (<= 2 ~waterLevel~0) .cse9) .cse5)) (or .cse8 .cse0 .cse5 (and (<= |timeShift_getWaterLevel_#res#1| 2) (<= 2 |timeShift_getWaterLevel_#res#1|)) .cse6) (let ((.cse10 (<= ~waterLevel~0 2))) (or .cse0 .cse1 (and .cse7 .cse10 .cse4) .cse5 (and .cse2 .cse10 .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-02 20:14:04,564 INFO L899 garLoopResultBuilder]: For program point L195(lines 195 201) no Hoare annotation was computed. [2022-11-02 20:14:04,564 INFO L895 garLoopResultBuilder]: At program point L179(lines 172 181) the Hoare annotation is: (let ((.cse0 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse3 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (<= 1 ~switchedOnBeforeTS~0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) .cse0) .cse1 .cse2) (or .cse3 .cse1 .cse4 .cse2 (not (<= 2 |old(~waterLevel~0)|))) (or .cse3 .cse1 .cse4 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-02 20:14:04,564 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 763 789) the Hoare annotation is: (let ((.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or .cse2 .cse4 .cse3 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse4 .cse3 .cse5 (not (<= 2 |old(~waterLevel~0)|)))))) [2022-11-02 20:14:04,564 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 763 789) no Hoare annotation was computed. [2022-11-02 20:14:04,565 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 685) no Hoare annotation was computed. [2022-11-02 20:14:04,565 INFO L899 garLoopResultBuilder]: For program point L770(lines 770 776) no Hoare annotation was computed. [2022-11-02 20:14:04,565 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 580 609) no Hoare annotation was computed. [2022-11-02 20:14:04,565 INFO L902 garLoopResultBuilder]: At program point L605(lines 580 609) the Hoare annotation is: true [2022-11-02 20:14:04,566 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 580 609) the Hoare annotation is: true [2022-11-02 20:14:04,566 INFO L899 garLoopResultBuilder]: For program point L601(line 601) no Hoare annotation was computed. [2022-11-02 20:14:04,566 INFO L899 garLoopResultBuilder]: For program point L594(lines 594 598) no Hoare annotation was computed. [2022-11-02 20:14:04,566 INFO L902 garLoopResultBuilder]: At program point L594-1(lines 594 598) the Hoare annotation is: true [2022-11-02 20:14:04,566 INFO L899 garLoopResultBuilder]: For program point L591(line 591) no Hoare annotation was computed. [2022-11-02 20:14:04,566 INFO L902 garLoopResultBuilder]: At program point L590-2(lines 590 604) the Hoare annotation is: true [2022-11-02 20:14:04,568 INFO L902 garLoopResultBuilder]: At program point L586(line 586) the Hoare annotation is: true [2022-11-02 20:14:04,568 INFO L899 garLoopResultBuilder]: For program point L586-1(line 586) no Hoare annotation was computed. [2022-11-02 20:14:04,568 INFO L899 garLoopResultBuilder]: For program point L667(lines 667 674) no Hoare annotation was computed. [2022-11-02 20:14:04,568 INFO L899 garLoopResultBuilder]: For program point L667-2(lines 667 674) no Hoare annotation was computed. [2022-11-02 20:14:04,568 INFO L899 garLoopResultBuilder]: For program point L721(lines 721 727) no Hoare annotation was computed. [2022-11-02 20:14:04,569 INFO L899 garLoopResultBuilder]: For program point L721-1(lines 721 727) no Hoare annotation was computed. [2022-11-02 20:14:04,569 INFO L902 garLoopResultBuilder]: At program point L651(lines 643 653) the Hoare annotation is: true [2022-11-02 20:14:04,569 INFO L895 garLoopResultBuilder]: At program point L746(lines 701 748) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-02 20:14:04,569 INFO L895 garLoopResultBuilder]: At program point L713(line 713) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-02 20:14:04,569 INFO L902 garLoopResultBuilder]: At program point L676(lines 657 679) the Hoare annotation is: true [2022-11-02 20:14:04,570 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-11-02 20:14:04,570 INFO L895 garLoopResultBuilder]: At program point L639(lines 635 641) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-02 20:14:04,570 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-11-02 20:14:04,570 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-11-02 20:14:04,570 INFO L895 garLoopResultBuilder]: At program point L982(lines 977 984) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-02 20:14:04,571 INFO L895 garLoopResultBuilder]: At program point L169(lines 164 171) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-02 20:14:04,571 INFO L899 garLoopResultBuilder]: For program point L739(lines 739 743) no Hoare annotation was computed. [2022-11-02 20:14:04,571 INFO L895 garLoopResultBuilder]: At program point L739-2(lines 731 744) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-02 20:14:04,571 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-02 20:14:04,571 INFO L899 garLoopResultBuilder]: For program point L702(lines 701 748) no Hoare annotation was computed. [2022-11-02 20:14:04,572 INFO L899 garLoopResultBuilder]: For program point L731(lines 731 744) no Hoare annotation was computed. [2022-11-02 20:14:04,572 INFO L895 garLoopResultBuilder]: At program point L1016(lines 1011 1019) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-02 20:14:04,572 INFO L895 garLoopResultBuilder]: At program point L723(line 723) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-02 20:14:04,573 INFO L895 garLoopResultBuilder]: At program point L1008(lines 1004 1010) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-02 20:14:04,573 INFO L902 garLoopResultBuilder]: At program point L752(lines 691 756) the Hoare annotation is: true [2022-11-02 20:14:04,573 INFO L899 garLoopResultBuilder]: For program point L711(lines 711 717) no Hoare annotation was computed. [2022-11-02 20:14:04,573 INFO L899 garLoopResultBuilder]: For program point L711-1(lines 711 717) no Hoare annotation was computed. [2022-11-02 20:14:04,573 INFO L899 garLoopResultBuilder]: For program point L703(lines 703 707) no Hoare annotation was computed. [2022-11-02 20:14:04,575 INFO L895 garLoopResultBuilder]: At program point L749(lines 700 750) the Hoare annotation is: false [2022-11-02 20:14:04,575 INFO L895 garLoopResultBuilder]: At program point L1001(lines 997 1003) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-02 20:14:04,575 INFO L899 garLoopResultBuilder]: For program point L865(lines 865 871) no Hoare annotation was computed. [2022-11-02 20:14:04,576 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 798 822) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) .cse0 .cse1))) [2022-11-02 20:14:04,576 INFO L895 garLoopResultBuilder]: At program point L865-2(lines 858 874) the Hoare annotation is: (let ((.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (<= ~waterLevel~0 2)))) (and (let ((.cse0 (<= 2 ~waterLevel~0))) (or (not (= |old(~pumpRunning~0)| 0)) (and (<= 1 ~pumpRunning~0) .cse0) .cse1 .cse2 (and (= ~pumpRunning~0 0) .cse0))) (or .cse1 (not (<= 1 |old(~pumpRunning~0)|)) .cse2 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-02 20:14:04,576 INFO L895 garLoopResultBuilder]: At program point L954(lines 939 957) the Hoare annotation is: (let ((.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (<= ~waterLevel~0 2)))) (and (let ((.cse0 (= ~pumpRunning~0 0))) (or (not (= |old(~pumpRunning~0)| 0)) (and .cse0 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~2#1| 0) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1| 0) (not (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp~9#1| 0))) .cse1 .cse2 (and .cse0 (<= 2 ~waterLevel~0)))) (or .cse1 (not (<= 1 |old(~pumpRunning~0)|)) .cse2 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-02 20:14:04,576 INFO L895 garLoopResultBuilder]: At program point L890(lines 883 893) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1 (and (= ~pumpRunning~0 0) (<= 2 ~waterLevel~0))))) [2022-11-02 20:14:04,576 INFO L899 garLoopResultBuilder]: For program point L948(lines 948 952) no Hoare annotation was computed. [2022-11-02 20:14:04,577 INFO L899 garLoopResultBuilder]: For program point L948-2(lines 948 952) no Hoare annotation was computed. [2022-11-02 20:14:04,577 INFO L899 garLoopResultBuilder]: For program point L141(lines 141 147) no Hoare annotation was computed. [2022-11-02 20:14:04,577 INFO L895 garLoopResultBuilder]: At program point L812(line 812) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~6#1| 0)) (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-02 20:14:04,577 INFO L899 garLoopResultBuilder]: For program point L806(lines 806 814) no Hoare annotation was computed. [2022-11-02 20:14:04,577 INFO L899 garLoopResultBuilder]: For program point L802(lines 802 819) no Hoare annotation was computed. [2022-11-02 20:14:04,577 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 798 822) no Hoare annotation was computed. [2022-11-02 20:14:04,578 INFO L895 garLoopResultBuilder]: At program point L854(lines 849 856) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) (and (<= 1 ~pumpRunning~0) (<= 2 ~waterLevel~0)) .cse0 .cse1))) [2022-11-02 20:14:04,578 INFO L895 garLoopResultBuilder]: At program point L146(lines 137 150) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= ~waterLevel~0 2)))) (and (let ((.cse1 (= ~pumpRunning~0 0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and .cse1 (not (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1| 0))) .cse2 (and .cse1 (<= 2 ~waterLevel~0)))) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse2 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-02 20:14:04,578 INFO L895 garLoopResultBuilder]: At program point L817(line 817) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1))) [2022-11-02 20:14:04,579 INFO L899 garLoopResultBuilder]: For program point L817-1(lines 798 822) no Hoare annotation was computed. [2022-11-02 20:14:04,579 INFO L895 garLoopResultBuilder]: At program point L101(lines 96 104) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1 (and (= ~pumpRunning~0 0) (<= 2 ~waterLevel~0))))) [2022-11-02 20:14:04,579 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 72 83) no Hoare annotation was computed. [2022-11-02 20:14:04,579 INFO L899 garLoopResultBuilder]: For program point L76-1(lines 72 83) no Hoare annotation was computed. [2022-11-02 20:14:04,580 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 72 83) the Hoare annotation is: (let ((.cse1 (not (<= 1 ~pumpRunning~0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse3 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (<= 1 ~switchedOnBeforeTS~0))) (or .cse0 .cse1 .cse2 .cse3 (not (<= 2 |old(~waterLevel~0)|))) (or (not (= ~pumpRunning~0 0)) .cse0 .cse2 .cse3))) [2022-11-02 20:14:04,580 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 894 902) no Hoare annotation was computed. [2022-11-02 20:14:04,580 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 894 902) the Hoare annotation is: true [2022-11-02 20:14:04,580 INFO L899 garLoopResultBuilder]: For program point isPumpRunningFINAL(lines 894 902) no Hoare annotation was computed. [2022-11-02 20:14:04,583 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 20:14:04,586 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-02 20:14:04,632 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 02.11 08:14:04 BoogieIcfgContainer [2022-11-02 20:14:04,638 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-02 20:14:04,641 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-02 20:14:04,641 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-02 20:14:04,641 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-02 20:14:04,642 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 02.11 08:13:53" (3/4) ... [2022-11-02 20:14:04,645 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-02 20:14:04,651 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-02 20:14:04,651 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-02 20:14:04,651 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-02 20:14:04,652 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-02 20:14:04,652 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-02 20:14:04,652 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-02 20:14:04,652 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-11-02 20:14:04,665 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 54 nodes and edges [2022-11-02 20:14:04,666 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-11-02 20:14:04,666 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-11-02 20:14:04,667 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-02 20:14:04,667 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-02 20:14:04,668 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-02 20:14:04,668 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-02 20:14:04,699 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-02 20:14:04,699 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-02 20:14:04,700 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((pumpRunning == 0 && 1 == systemActive) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((1 < tmp && \result <= 2) && tmp <= 2) && 2 <= \result)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((((pumpRunning == 0 && 1 == systemActive) && waterLevel == 1) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-02 20:14:04,701 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-02 20:14:04,701 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-02 20:14:04,701 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || (\result <= 2 && 2 <= \result)) || !(2 <= \old(waterLevel)))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-02 20:14:04,702 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-02 20:14:04,702 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && !(\result == 0))) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) [2022-11-02 20:14:04,702 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-02 20:14:04,703 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && tmp___0 == 0) && \result == 0) && !(tmp == 0))) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) [2022-11-02 20:14:04,703 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-02 20:14:04,707 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) [2022-11-02 20:14:04,707 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) [2022-11-02 20:14:04,707 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || (1 <= pumpRunning && 2 <= waterLevel)) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) [2022-11-02 20:14:04,708 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || (1 <= pumpRunning && 2 <= waterLevel)) || !(1 == systemActive)) || !(waterLevel <= 2)) [2022-11-02 20:14:04,749 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/bin/uautomizer-Dbtcem3rbc/witness.graphml [2022-11-02 20:14:04,749 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-02 20:14:04,750 INFO L158 Benchmark]: Toolchain (without parser) took 12688.65ms. Allocated memory was 104.9MB in the beginning and 161.5MB in the end (delta: 56.6MB). Free memory was 67.2MB in the beginning and 120.1MB in the end (delta: -52.8MB). Peak memory consumption was 5.2MB. Max. memory is 16.1GB. [2022-11-02 20:14:04,750 INFO L158 Benchmark]: CDTParser took 0.24ms. Allocated memory is still 104.9MB. Free memory is still 84.5MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-02 20:14:04,751 INFO L158 Benchmark]: CACSL2BoogieTranslator took 503.28ms. Allocated memory is still 104.9MB. Free memory was 67.1MB in the beginning and 72.9MB in the end (delta: -5.8MB). Peak memory consumption was 12.6MB. Max. memory is 16.1GB. [2022-11-02 20:14:04,751 INFO L158 Benchmark]: Boogie Procedure Inliner took 61.82ms. Allocated memory is still 104.9MB. Free memory was 72.5MB in the beginning and 70.0MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-02 20:14:04,751 INFO L158 Benchmark]: Boogie Preprocessor took 56.29ms. Allocated memory is still 104.9MB. Free memory was 70.0MB in the beginning and 68.3MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-02 20:14:04,752 INFO L158 Benchmark]: RCFGBuilder took 641.84ms. Allocated memory is still 104.9MB. Free memory was 68.3MB in the beginning and 48.7MB in the end (delta: 19.6MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-11-02 20:14:04,752 INFO L158 Benchmark]: TraceAbstraction took 11308.32ms. Allocated memory was 104.9MB in the beginning and 161.5MB in the end (delta: 56.6MB). Free memory was 47.9MB in the beginning and 126.4MB in the end (delta: -78.5MB). Peak memory consumption was 65.5MB. Max. memory is 16.1GB. [2022-11-02 20:14:04,753 INFO L158 Benchmark]: Witness Printer took 108.65ms. Allocated memory is still 161.5MB. Free memory was 126.4MB in the beginning and 120.1MB in the end (delta: 6.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2022-11-02 20:14:04,755 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.24ms. Allocated memory is still 104.9MB. Free memory is still 84.5MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 503.28ms. Allocated memory is still 104.9MB. Free memory was 67.1MB in the beginning and 72.9MB in the end (delta: -5.8MB). Peak memory consumption was 12.6MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 61.82ms. Allocated memory is still 104.9MB. Free memory was 72.5MB in the beginning and 70.0MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 56.29ms. Allocated memory is still 104.9MB. Free memory was 70.0MB in the beginning and 68.3MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 641.84ms. Allocated memory is still 104.9MB. Free memory was 68.3MB in the beginning and 48.7MB in the end (delta: 19.6MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 11308.32ms. Allocated memory was 104.9MB in the beginning and 161.5MB in the end (delta: 56.6MB). Free memory was 47.9MB in the beginning and 126.4MB in the end (delta: -78.5MB). Peak memory consumption was 65.5MB. Max. memory is 16.1GB. * Witness Printer took 108.65ms. Allocated memory is still 161.5MB. Free memory was 126.4MB in the beginning and 120.1MB in the end (delta: 6.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 685]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 97 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 11.2s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 3.2s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 4.6s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1846 SdHoareTripleChecker+Valid, 1.8s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1813 mSDsluCounter, 3835 SdHoareTripleChecker+Invalid, 1.4s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2623 mSDsCounter, 566 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1961 IncrementalHoareTripleChecker+Invalid, 2527 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 566 mSolverCounterUnsat, 1212 mSDtfsCounter, 1961 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 408 GetRequests, 298 SyntacticMatches, 4 SemanticMatches, 106 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 655 ImplicationChecksByTransitivity, 1.0s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=440occurred in iteration=9, InterpolantAutomatonStates: 101, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 10 MinimizatonAttempts, 142 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 46 LocationsWithAnnotation, 1015 PreInvPairs, 1233 NumberOfFragments, 1876 HoareAnnotationTreeSize, 1015 FomulaSimplifications, 752 FormulaSimplificationTreeSizeReduction, 0.4s HoareSimplificationTime, 46 FomulaSimplificationsInter, 9420 FormulaSimplificationTreeSizeReductionInter, 4.2s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 2.1s InterpolantComputationTime, 635 NumberOfCodeBlocks, 635 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 725 ConstructedInterpolants, 0 QuantifiedInterpolants, 1477 SizeOfPredicates, 3 NumberOfNonLiveVariables, 494 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 101/129 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 635]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 875]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 700]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 691]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 977]: Loop Invariant Derived loop invariant: (((((1 <= pumpRunning && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) || (((pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2)) || ((((1 <= pumpRunning && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) && 1 <= switchedOnBeforeTS) - InvariantResult [Line: 128]: Loop Invariant Derived loop invariant: (((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || (\result <= 2 && 2 <= \result)) || !(2 <= \old(waterLevel)))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 172]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 96]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) - InvariantResult [Line: 824]: Loop Invariant Derived loop invariant: ((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 590]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1011]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 939]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && tmp___0 == 0) && \result == 0) && !(tmp == 0))) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 681]: Loop Invariant Derived loop invariant: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 643]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 701]: Loop Invariant Derived loop invariant: (((((1 <= pumpRunning && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) || (((pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2)) || ((((1 <= pumpRunning && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) && 1 <= switchedOnBeforeTS) - InvariantResult [Line: 580]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 958]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 182]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((pumpRunning == 0 && 1 == systemActive) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((1 < tmp && \result <= 2) && tmp <= 2) && 2 <= \result)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((((pumpRunning == 0 && 1 == systemActive) && waterLevel == 1) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 883]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) - InvariantResult [Line: 60]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 164]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 858]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || (1 <= pumpRunning && 2 <= waterLevel)) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 1004]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 151]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 137]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && !(\result == 0))) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 849]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || (1 <= pumpRunning && 2 <= waterLevel)) || !(1 == systemActive)) || !(waterLevel <= 2)) - InvariantResult [Line: 997]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 657]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2022-11-02 20:14:04,837 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_3f15a108-3cd7-4c3e-aeb8-a04d3b05d7fd/bin/uautomizer-Dbtcem3rbc/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE