./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 5e519f3a Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 278b945680d29bf571e1aaa42d90b0a6b141ce129976e6e0985d57b09f7f9d7c --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-5e519f3 [2022-11-02 21:11:15,942 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-02 21:11:15,945 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-02 21:11:15,978 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-02 21:11:15,978 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-02 21:11:15,979 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-02 21:11:15,981 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-02 21:11:15,983 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-02 21:11:15,984 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-02 21:11:15,985 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-02 21:11:15,986 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-02 21:11:15,988 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-02 21:11:15,988 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-02 21:11:15,989 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-02 21:11:15,990 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-02 21:11:15,992 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-02 21:11:15,993 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-02 21:11:15,994 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-02 21:11:15,996 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-02 21:11:15,998 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-02 21:11:15,999 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-02 21:11:16,004 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-02 21:11:16,009 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-02 21:11:16,010 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-02 21:11:16,013 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-02 21:11:16,019 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-02 21:11:16,019 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-02 21:11:16,020 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-02 21:11:16,021 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-02 21:11:16,022 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-02 21:11:16,023 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-02 21:11:16,024 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-02 21:11:16,026 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-02 21:11:16,027 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-02 21:11:16,029 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-02 21:11:16,030 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-02 21:11:16,031 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-02 21:11:16,032 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-02 21:11:16,032 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-02 21:11:16,033 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-02 21:11:16,034 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-02 21:11:16,035 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-11-02 21:11:16,068 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-02 21:11:16,068 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-02 21:11:16,069 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-02 21:11:16,069 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-02 21:11:16,070 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-02 21:11:16,070 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-02 21:11:16,071 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-11-02 21:11:16,071 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-11-02 21:11:16,071 INFO L138 SettingsManager]: * Use SBE=true [2022-11-02 21:11:16,071 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-02 21:11:16,072 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-02 21:11:16,072 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-02 21:11:16,073 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-02 21:11:16,073 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-02 21:11:16,073 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-02 21:11:16,073 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-02 21:11:16,074 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-02 21:11:16,074 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-02 21:11:16,074 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-02 21:11:16,074 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-02 21:11:16,074 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-02 21:11:16,075 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-02 21:11:16,075 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-11-02 21:11:16,075 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-02 21:11:16,075 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-02 21:11:16,076 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-02 21:11:16,076 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-02 21:11:16,076 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-02 21:11:16,076 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-11-02 21:11:16,077 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-02 21:11:16,077 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-11-02 21:11:16,077 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-11-02 21:11:16,078 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-02 21:11:16,078 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 278b945680d29bf571e1aaa42d90b0a6b141ce129976e6e0985d57b09f7f9d7c [2022-11-02 21:11:16,364 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-02 21:11:16,386 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-02 21:11:16,389 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-02 21:11:16,390 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-02 21:11:16,391 INFO L275 PluginConnector]: CDTParser initialized [2022-11-02 21:11:16,393 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/../../sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c [2022-11-02 21:11:16,483 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/data/f7c5dda0e/b2fea669e167427bb4e345c591fd34de/FLAGa9a6d3dc1 [2022-11-02 21:11:16,957 INFO L306 CDTParser]: Found 1 translation units. [2022-11-02 21:11:16,957 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c [2022-11-02 21:11:16,969 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/data/f7c5dda0e/b2fea669e167427bb4e345c591fd34de/FLAGa9a6d3dc1 [2022-11-02 21:11:17,298 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/data/f7c5dda0e/b2fea669e167427bb4e345c591fd34de [2022-11-02 21:11:17,300 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-02 21:11:17,303 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-02 21:11:17,307 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-02 21:11:17,308 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-02 21:11:17,312 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-02 21:11:17,313 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 02.11 09:11:17" (1/1) ... [2022-11-02 21:11:17,315 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@43c37ac1 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 09:11:17, skipping insertion in model container [2022-11-02 21:11:17,315 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 02.11 09:11:17" (1/1) ... [2022-11-02 21:11:17,323 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-02 21:11:17,374 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-02 21:11:17,617 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c[6886,6899] [2022-11-02 21:11:17,682 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-02 21:11:17,701 INFO L203 MainTranslator]: Completed pre-run [2022-11-02 21:11:17,763 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c[6886,6899] [2022-11-02 21:11:17,817 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-02 21:11:17,846 INFO L208 MainTranslator]: Completed translation [2022-11-02 21:11:17,847 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 09:11:17 WrapperNode [2022-11-02 21:11:17,847 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-02 21:11:17,848 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-02 21:11:17,848 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-02 21:11:17,848 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-02 21:11:17,856 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 09:11:17" (1/1) ... [2022-11-02 21:11:17,883 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 09:11:17" (1/1) ... [2022-11-02 21:11:17,928 INFO L138 Inliner]: procedures = 57, calls = 157, calls flagged for inlining = 25, calls inlined = 21, statements flattened = 262 [2022-11-02 21:11:17,929 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-02 21:11:17,930 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-02 21:11:17,931 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-02 21:11:17,931 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-02 21:11:17,940 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 09:11:17" (1/1) ... [2022-11-02 21:11:17,941 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 09:11:17" (1/1) ... [2022-11-02 21:11:17,952 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 09:11:17" (1/1) ... [2022-11-02 21:11:17,952 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 09:11:17" (1/1) ... [2022-11-02 21:11:17,957 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 09:11:17" (1/1) ... [2022-11-02 21:11:17,964 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 09:11:17" (1/1) ... [2022-11-02 21:11:17,965 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 09:11:17" (1/1) ... [2022-11-02 21:11:17,967 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 09:11:17" (1/1) ... [2022-11-02 21:11:17,969 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-02 21:11:17,970 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-02 21:11:17,970 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-02 21:11:17,970 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-02 21:11:17,971 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 09:11:17" (1/1) ... [2022-11-02 21:11:17,985 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-02 21:11:18,000 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/z3 [2022-11-02 21:11:18,012 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-02 21:11:18,023 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-02 21:11:18,059 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-02 21:11:18,059 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-02 21:11:18,059 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-02 21:11:18,059 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-02 21:11:18,059 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-02 21:11:18,059 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-02 21:11:18,059 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-02 21:11:18,060 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-02 21:11:18,060 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-02 21:11:18,060 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-02 21:11:18,060 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-02 21:11:18,060 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-11-02 21:11:18,060 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-11-02 21:11:18,061 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-02 21:11:18,061 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-02 21:11:18,061 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-02 21:11:18,061 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-02 21:11:18,061 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-02 21:11:18,140 INFO L235 CfgBuilder]: Building ICFG [2022-11-02 21:11:18,142 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-02 21:11:18,593 INFO L276 CfgBuilder]: Performing block encoding [2022-11-02 21:11:18,600 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-02 21:11:18,601 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-02 21:11:18,603 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 02.11 09:11:18 BoogieIcfgContainer [2022-11-02 21:11:18,603 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-02 21:11:18,606 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-02 21:11:18,606 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-02 21:11:18,610 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-02 21:11:18,610 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 02.11 09:11:17" (1/3) ... [2022-11-02 21:11:18,611 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@14f20b1d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 02.11 09:11:18, skipping insertion in model container [2022-11-02 21:11:18,611 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.11 09:11:17" (2/3) ... [2022-11-02 21:11:18,612 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@14f20b1d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 02.11 09:11:18, skipping insertion in model container [2022-11-02 21:11:18,612 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 02.11 09:11:18" (3/3) ... [2022-11-02 21:11:18,613 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product49.cil.c [2022-11-02 21:11:18,632 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-02 21:11:18,633 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-02 21:11:18,684 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-02 21:11:18,691 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@b69d728, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-02 21:11:18,692 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-02 21:11:18,696 INFO L276 IsEmpty]: Start isEmpty. Operand has 92 states, 71 states have (on average 1.380281690140845) internal successors, (98), 79 states have internal predecessors, (98), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-11-02 21:11:18,707 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-11-02 21:11:18,707 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 21:11:18,708 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 21:11:18,709 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 21:11:18,714 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 21:11:18,714 INFO L85 PathProgramCache]: Analyzing trace with hash -1747145324, now seen corresponding path program 1 times [2022-11-02 21:11:18,724 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 21:11:18,725 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [492742610] [2022-11-02 21:11:18,725 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 21:11:18,726 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 21:11:18,846 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:18,953 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-11-02 21:11:18,957 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:18,962 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-11-02 21:11:18,965 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:18,968 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 21:11:18,969 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 21:11:18,969 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [492742610] [2022-11-02 21:11:18,970 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [492742610] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 21:11:18,970 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 21:11:18,971 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-02 21:11:18,972 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [768417630] [2022-11-02 21:11:18,973 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 21:11:18,977 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-02 21:11:18,978 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 21:11:19,018 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-02 21:11:19,020 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-02 21:11:19,023 INFO L87 Difference]: Start difference. First operand has 92 states, 71 states have (on average 1.380281690140845) internal successors, (98), 79 states have internal predecessors, (98), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-02 21:11:19,080 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 21:11:19,081 INFO L93 Difference]: Finished difference Result 175 states and 238 transitions. [2022-11-02 21:11:19,082 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-02 21:11:19,083 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2022-11-02 21:11:19,083 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 21:11:19,092 INFO L225 Difference]: With dead ends: 175 [2022-11-02 21:11:19,092 INFO L226 Difference]: Without dead ends: 83 [2022-11-02 21:11:19,096 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-02 21:11:19,100 INFO L413 NwaCegarLoop]: 116 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 116 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-02 21:11:19,101 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 116 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-02 21:11:19,119 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 83 states. [2022-11-02 21:11:19,142 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 83 to 83. [2022-11-02 21:11:19,144 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 83 states, 64 states have (on average 1.3125) internal successors, (84), 71 states have internal predecessors, (84), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-02 21:11:19,146 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 83 states to 83 states and 107 transitions. [2022-11-02 21:11:19,147 INFO L78 Accepts]: Start accepts. Automaton has 83 states and 107 transitions. Word has length 32 [2022-11-02 21:11:19,148 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 21:11:19,148 INFO L495 AbstractCegarLoop]: Abstraction has 83 states and 107 transitions. [2022-11-02 21:11:19,148 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-02 21:11:19,149 INFO L276 IsEmpty]: Start isEmpty. Operand 83 states and 107 transitions. [2022-11-02 21:11:19,151 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2022-11-02 21:11:19,152 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 21:11:19,152 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 21:11:19,152 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-02 21:11:19,153 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 21:11:19,153 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 21:11:19,154 INFO L85 PathProgramCache]: Analyzing trace with hash -372618950, now seen corresponding path program 1 times [2022-11-02 21:11:19,154 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 21:11:19,154 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [760858565] [2022-11-02 21:11:19,154 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 21:11:19,155 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 21:11:19,188 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:19,341 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-02 21:11:19,343 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:19,348 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2022-11-02 21:11:19,350 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:19,360 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 21:11:19,360 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 21:11:19,360 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [760858565] [2022-11-02 21:11:19,361 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [760858565] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 21:11:19,361 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 21:11:19,361 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-02 21:11:19,361 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1037513150] [2022-11-02 21:11:19,361 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 21:11:19,363 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-02 21:11:19,363 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 21:11:19,363 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-02 21:11:19,364 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-02 21:11:19,364 INFO L87 Difference]: Start difference. First operand 83 states and 107 transitions. Second operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-02 21:11:19,405 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 21:11:19,405 INFO L93 Difference]: Finished difference Result 158 states and 209 transitions. [2022-11-02 21:11:19,406 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-02 21:11:19,406 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 37 [2022-11-02 21:11:19,407 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 21:11:19,408 INFO L225 Difference]: With dead ends: 158 [2022-11-02 21:11:19,408 INFO L226 Difference]: Without dead ends: 83 [2022-11-02 21:11:19,409 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-02 21:11:19,411 INFO L413 NwaCegarLoop]: 105 mSDtfsCounter, 84 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 84 SdHoareTripleChecker+Valid, 105 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-02 21:11:19,412 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [84 Valid, 105 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-02 21:11:19,413 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 83 states. [2022-11-02 21:11:19,423 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 83 to 83. [2022-11-02 21:11:19,423 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 83 states, 64 states have (on average 1.296875) internal successors, (83), 71 states have internal predecessors, (83), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-02 21:11:19,425 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 83 states to 83 states and 106 transitions. [2022-11-02 21:11:19,425 INFO L78 Accepts]: Start accepts. Automaton has 83 states and 106 transitions. Word has length 37 [2022-11-02 21:11:19,427 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 21:11:19,427 INFO L495 AbstractCegarLoop]: Abstraction has 83 states and 106 transitions. [2022-11-02 21:11:19,427 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-02 21:11:19,427 INFO L276 IsEmpty]: Start isEmpty. Operand 83 states and 106 transitions. [2022-11-02 21:11:19,429 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2022-11-02 21:11:19,430 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 21:11:19,430 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 21:11:19,430 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-02 21:11:19,430 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 21:11:19,431 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 21:11:19,431 INFO L85 PathProgramCache]: Analyzing trace with hash -2098549486, now seen corresponding path program 1 times [2022-11-02 21:11:19,432 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 21:11:19,432 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [987214836] [2022-11-02 21:11:19,432 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 21:11:19,432 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 21:11:19,449 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:19,504 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-11-02 21:11:19,505 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:19,512 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-11-02 21:11:19,514 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:19,517 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-02 21:11:19,518 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:19,519 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2022-11-02 21:11:19,521 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:19,523 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 21:11:19,524 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 21:11:19,524 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [987214836] [2022-11-02 21:11:19,524 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [987214836] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 21:11:19,525 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 21:11:19,525 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-02 21:11:19,525 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [627262591] [2022-11-02 21:11:19,525 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 21:11:19,526 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-02 21:11:19,526 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 21:11:19,527 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-02 21:11:19,527 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-02 21:11:19,527 INFO L87 Difference]: Start difference. First operand 83 states and 106 transitions. Second operand has 4 states, 4 states have (on average 7.75) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (6), 3 states have call predecessors, (6), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-02 21:11:19,633 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 21:11:19,633 INFO L93 Difference]: Finished difference Result 146 states and 186 transitions. [2022-11-02 21:11:19,634 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-02 21:11:19,634 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 7.75) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (6), 3 states have call predecessors, (6), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 43 [2022-11-02 21:11:19,634 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 21:11:19,636 INFO L225 Difference]: With dead ends: 146 [2022-11-02 21:11:19,636 INFO L226 Difference]: Without dead ends: 89 [2022-11-02 21:11:19,637 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-02 21:11:19,638 INFO L413 NwaCegarLoop]: 96 mSDtfsCounter, 63 mSDsluCounter, 106 mSDsCounter, 0 mSdLazyCounter, 46 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 70 SdHoareTripleChecker+Valid, 202 SdHoareTripleChecker+Invalid, 57 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 46 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-02 21:11:19,639 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [70 Valid, 202 Invalid, 57 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 46 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-02 21:11:19,640 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 89 states. [2022-11-02 21:11:19,651 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 89 to 74. [2022-11-02 21:11:19,652 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 74 states, 58 states have (on average 1.3103448275862069) internal successors, (76), 65 states have internal predecessors, (76), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-02 21:11:19,653 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 74 states to 74 states and 94 transitions. [2022-11-02 21:11:19,653 INFO L78 Accepts]: Start accepts. Automaton has 74 states and 94 transitions. Word has length 43 [2022-11-02 21:11:19,653 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 21:11:19,654 INFO L495 AbstractCegarLoop]: Abstraction has 74 states and 94 transitions. [2022-11-02 21:11:19,654 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 7.75) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (6), 3 states have call predecessors, (6), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-02 21:11:19,654 INFO L276 IsEmpty]: Start isEmpty. Operand 74 states and 94 transitions. [2022-11-02 21:11:19,655 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2022-11-02 21:11:19,656 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 21:11:19,656 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 21:11:19,656 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-02 21:11:19,657 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 21:11:19,657 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 21:11:19,657 INFO L85 PathProgramCache]: Analyzing trace with hash 273957597, now seen corresponding path program 1 times [2022-11-02 21:11:19,658 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 21:11:19,658 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [294926604] [2022-11-02 21:11:19,658 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 21:11:19,658 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 21:11:19,676 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:19,741 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-02 21:11:19,743 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:19,749 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-11-02 21:11:19,751 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:19,768 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-02 21:11:19,769 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:19,771 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2022-11-02 21:11:19,773 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:19,774 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 21:11:19,775 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 21:11:19,775 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [294926604] [2022-11-02 21:11:19,775 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [294926604] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 21:11:19,775 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 21:11:19,776 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-02 21:11:19,776 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [780197601] [2022-11-02 21:11:19,776 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 21:11:19,777 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-02 21:11:19,777 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 21:11:19,777 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-02 21:11:19,778 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-02 21:11:19,778 INFO L87 Difference]: Start difference. First operand 74 states and 94 transitions. Second operand has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-02 21:11:20,029 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 21:11:20,029 INFO L93 Difference]: Finished difference Result 218 states and 279 transitions. [2022-11-02 21:11:20,030 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-02 21:11:20,031 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) Word has length 47 [2022-11-02 21:11:20,031 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 21:11:20,036 INFO L225 Difference]: With dead ends: 218 [2022-11-02 21:11:20,036 INFO L226 Difference]: Without dead ends: 152 [2022-11-02 21:11:20,040 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=19, Invalid=37, Unknown=0, NotChecked=0, Total=56 [2022-11-02 21:11:20,049 INFO L413 NwaCegarLoop]: 134 mSDtfsCounter, 194 mSDsluCounter, 180 mSDsCounter, 0 mSdLazyCounter, 94 mSolverCounterSat, 46 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 197 SdHoareTripleChecker+Valid, 314 SdHoareTripleChecker+Invalid, 140 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 46 IncrementalHoareTripleChecker+Valid, 94 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-02 21:11:20,050 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [197 Valid, 314 Invalid, 140 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [46 Valid, 94 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-02 21:11:20,051 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 152 states. [2022-11-02 21:11:20,087 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 152 to 146. [2022-11-02 21:11:20,088 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 146 states, 113 states have (on average 1.2743362831858407) internal successors, (144), 120 states have internal predecessors, (144), 16 states have call successors, (16), 13 states have call predecessors, (16), 16 states have return successors, (21), 17 states have call predecessors, (21), 16 states have call successors, (21) [2022-11-02 21:11:20,089 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 146 states to 146 states and 181 transitions. [2022-11-02 21:11:20,089 INFO L78 Accepts]: Start accepts. Automaton has 146 states and 181 transitions. Word has length 47 [2022-11-02 21:11:20,090 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 21:11:20,090 INFO L495 AbstractCegarLoop]: Abstraction has 146 states and 181 transitions. [2022-11-02 21:11:20,090 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-02 21:11:20,090 INFO L276 IsEmpty]: Start isEmpty. Operand 146 states and 181 transitions. [2022-11-02 21:11:20,098 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-11-02 21:11:20,102 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 21:11:20,102 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 21:11:20,103 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-02 21:11:20,103 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 21:11:20,107 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 21:11:20,107 INFO L85 PathProgramCache]: Analyzing trace with hash -419087457, now seen corresponding path program 1 times [2022-11-02 21:11:20,107 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 21:11:20,108 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1637494392] [2022-11-02 21:11:20,108 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 21:11:20,108 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 21:11:20,125 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:20,207 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-02 21:11:20,208 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:20,212 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-11-02 21:11:20,215 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:20,247 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2022-11-02 21:11:20,248 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:20,250 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 21:11:20,250 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 21:11:20,250 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1637494392] [2022-11-02 21:11:20,251 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1637494392] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 21:11:20,251 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 21:11:20,251 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-02 21:11:20,251 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [61103925] [2022-11-02 21:11:20,251 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 21:11:20,252 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-02 21:11:20,252 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 21:11:20,252 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-02 21:11:20,253 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-02 21:11:20,253 INFO L87 Difference]: Start difference. First operand 146 states and 181 transitions. Second operand has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-02 21:11:20,419 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 21:11:20,419 INFO L93 Difference]: Finished difference Result 292 states and 366 transitions. [2022-11-02 21:11:20,420 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-02 21:11:20,420 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 51 [2022-11-02 21:11:20,421 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 21:11:20,422 INFO L225 Difference]: With dead ends: 292 [2022-11-02 21:11:20,423 INFO L226 Difference]: Without dead ends: 154 [2022-11-02 21:11:20,423 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=32, Invalid=58, Unknown=0, NotChecked=0, Total=90 [2022-11-02 21:11:20,424 INFO L413 NwaCegarLoop]: 97 mSDtfsCounter, 64 mSDsluCounter, 291 mSDsCounter, 0 mSdLazyCounter, 108 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 67 SdHoareTripleChecker+Valid, 388 SdHoareTripleChecker+Invalid, 126 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 108 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-02 21:11:20,425 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [67 Valid, 388 Invalid, 126 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 108 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-02 21:11:20,426 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 154 states. [2022-11-02 21:11:20,443 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 154 to 149. [2022-11-02 21:11:20,444 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 149 states, 116 states have (on average 1.2672413793103448) internal successors, (147), 123 states have internal predecessors, (147), 16 states have call successors, (16), 13 states have call predecessors, (16), 16 states have return successors, (21), 17 states have call predecessors, (21), 16 states have call successors, (21) [2022-11-02 21:11:20,445 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 149 states to 149 states and 184 transitions. [2022-11-02 21:11:20,445 INFO L78 Accepts]: Start accepts. Automaton has 149 states and 184 transitions. Word has length 51 [2022-11-02 21:11:20,446 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 21:11:20,446 INFO L495 AbstractCegarLoop]: Abstraction has 149 states and 184 transitions. [2022-11-02 21:11:20,446 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-02 21:11:20,446 INFO L276 IsEmpty]: Start isEmpty. Operand 149 states and 184 transitions. [2022-11-02 21:11:20,447 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-11-02 21:11:20,448 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 21:11:20,448 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 21:11:20,448 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-02 21:11:20,448 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 21:11:20,449 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 21:11:20,449 INFO L85 PathProgramCache]: Analyzing trace with hash -2108031199, now seen corresponding path program 1 times [2022-11-02 21:11:20,449 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 21:11:20,449 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1702113634] [2022-11-02 21:11:20,449 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 21:11:20,450 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 21:11:20,466 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:20,535 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-02 21:11:20,536 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:20,541 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-11-02 21:11:20,544 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:20,567 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2022-11-02 21:11:20,568 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:20,570 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 21:11:20,570 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 21:11:20,570 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1702113634] [2022-11-02 21:11:20,570 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1702113634] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 21:11:20,571 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 21:11:20,571 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-02 21:11:20,571 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [395472735] [2022-11-02 21:11:20,571 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 21:11:20,571 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-02 21:11:20,572 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 21:11:20,572 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-02 21:11:20,572 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-02 21:11:20,572 INFO L87 Difference]: Start difference. First operand 149 states and 184 transitions. Second operand has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-02 21:11:20,710 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 21:11:20,710 INFO L93 Difference]: Finished difference Result 300 states and 377 transitions. [2022-11-02 21:11:20,711 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-02 21:11:20,712 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 51 [2022-11-02 21:11:20,713 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 21:11:20,716 INFO L225 Difference]: With dead ends: 300 [2022-11-02 21:11:20,717 INFO L226 Difference]: Without dead ends: 159 [2022-11-02 21:11:20,717 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-11-02 21:11:20,721 INFO L413 NwaCegarLoop]: 98 mSDtfsCounter, 67 mSDsluCounter, 207 mSDsCounter, 0 mSdLazyCounter, 80 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 71 SdHoareTripleChecker+Valid, 305 SdHoareTripleChecker+Invalid, 94 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 80 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-02 21:11:20,723 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [71 Valid, 305 Invalid, 94 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 80 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-02 21:11:20,725 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 159 states. [2022-11-02 21:11:20,755 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 159 to 151. [2022-11-02 21:11:20,756 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 151 states, 118 states have (on average 1.2627118644067796) internal successors, (149), 125 states have internal predecessors, (149), 16 states have call successors, (16), 13 states have call predecessors, (16), 16 states have return successors, (21), 17 states have call predecessors, (21), 16 states have call successors, (21) [2022-11-02 21:11:20,758 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 151 states to 151 states and 186 transitions. [2022-11-02 21:11:20,758 INFO L78 Accepts]: Start accepts. Automaton has 151 states and 186 transitions. Word has length 51 [2022-11-02 21:11:20,759 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 21:11:20,759 INFO L495 AbstractCegarLoop]: Abstraction has 151 states and 186 transitions. [2022-11-02 21:11:20,759 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-02 21:11:20,760 INFO L276 IsEmpty]: Start isEmpty. Operand 151 states and 186 transitions. [2022-11-02 21:11:20,761 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-11-02 21:11:20,761 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 21:11:20,761 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 21:11:20,761 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-02 21:11:20,762 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 21:11:20,762 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 21:11:20,762 INFO L85 PathProgramCache]: Analyzing trace with hash -1685329373, now seen corresponding path program 1 times [2022-11-02 21:11:20,763 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 21:11:20,763 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [848867116] [2022-11-02 21:11:20,763 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 21:11:20,763 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 21:11:20,796 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:20,911 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-02 21:11:20,912 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:20,918 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-11-02 21:11:20,922 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:20,948 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2022-11-02 21:11:20,950 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:20,952 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 21:11:20,952 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 21:11:20,952 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [848867116] [2022-11-02 21:11:20,953 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [848867116] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 21:11:20,953 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 21:11:20,953 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-02 21:11:20,953 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1059294178] [2022-11-02 21:11:20,954 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 21:11:20,954 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-02 21:11:20,954 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 21:11:20,955 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-02 21:11:20,955 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-02 21:11:20,957 INFO L87 Difference]: Start difference. First operand 151 states and 186 transitions. Second operand has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-02 21:11:21,242 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 21:11:21,243 INFO L93 Difference]: Finished difference Result 431 states and 551 transitions. [2022-11-02 21:11:21,245 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-02 21:11:21,245 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 51 [2022-11-02 21:11:21,245 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 21:11:21,249 INFO L225 Difference]: With dead ends: 431 [2022-11-02 21:11:21,249 INFO L226 Difference]: Without dead ends: 288 [2022-11-02 21:11:21,250 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2022-11-02 21:11:21,252 INFO L413 NwaCegarLoop]: 148 mSDtfsCounter, 210 mSDsluCounter, 170 mSDsCounter, 0 mSdLazyCounter, 147 mSolverCounterSat, 60 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 217 SdHoareTripleChecker+Valid, 318 SdHoareTripleChecker+Invalid, 207 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 60 IncrementalHoareTripleChecker+Valid, 147 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-02 21:11:21,253 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [217 Valid, 318 Invalid, 207 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [60 Valid, 147 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-02 21:11:21,254 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 288 states. [2022-11-02 21:11:21,307 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 288 to 280. [2022-11-02 21:11:21,309 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 280 states, 215 states have (on average 1.2465116279069768) internal successors, (268), 226 states have internal predecessors, (268), 34 states have call successors, (34), 29 states have call predecessors, (34), 30 states have return successors, (49), 34 states have call predecessors, (49), 34 states have call successors, (49) [2022-11-02 21:11:21,311 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 280 states to 280 states and 351 transitions. [2022-11-02 21:11:21,312 INFO L78 Accepts]: Start accepts. Automaton has 280 states and 351 transitions. Word has length 51 [2022-11-02 21:11:21,314 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 21:11:21,314 INFO L495 AbstractCegarLoop]: Abstraction has 280 states and 351 transitions. [2022-11-02 21:11:21,314 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-02 21:11:21,314 INFO L276 IsEmpty]: Start isEmpty. Operand 280 states and 351 transitions. [2022-11-02 21:11:21,315 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 54 [2022-11-02 21:11:21,315 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 21:11:21,315 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 21:11:21,316 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-02 21:11:21,316 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 21:11:21,316 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 21:11:21,316 INFO L85 PathProgramCache]: Analyzing trace with hash 716766725, now seen corresponding path program 1 times [2022-11-02 21:11:21,317 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 21:11:21,317 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1711366638] [2022-11-02 21:11:21,317 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 21:11:21,317 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 21:11:21,334 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:21,429 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-02 21:11:21,430 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:21,437 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-11-02 21:11:21,439 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:21,446 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-11-02 21:11:21,447 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:21,448 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 45 [2022-11-02 21:11:21,450 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:21,462 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-02 21:11:21,462 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 21:11:21,462 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1711366638] [2022-11-02 21:11:21,463 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1711366638] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 21:11:21,463 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 21:11:21,463 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-11-02 21:11:21,463 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1829964012] [2022-11-02 21:11:21,463 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 21:11:21,464 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-11-02 21:11:21,464 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 21:11:21,464 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-11-02 21:11:21,465 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-11-02 21:11:21,465 INFO L87 Difference]: Start difference. First operand 280 states and 351 transitions. Second operand has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-02 21:11:21,728 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 21:11:21,728 INFO L93 Difference]: Finished difference Result 568 states and 723 transitions. [2022-11-02 21:11:21,728 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2022-11-02 21:11:21,729 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 53 [2022-11-02 21:11:21,729 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 21:11:21,732 INFO L225 Difference]: With dead ends: 568 [2022-11-02 21:11:21,732 INFO L226 Difference]: Without dead ends: 296 [2022-11-02 21:11:21,733 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 25 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=53, Invalid=157, Unknown=0, NotChecked=0, Total=210 [2022-11-02 21:11:21,734 INFO L413 NwaCegarLoop]: 97 mSDtfsCounter, 125 mSDsluCounter, 341 mSDsCounter, 0 mSdLazyCounter, 189 mSolverCounterSat, 31 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 131 SdHoareTripleChecker+Valid, 438 SdHoareTripleChecker+Invalid, 220 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 31 IncrementalHoareTripleChecker+Valid, 189 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-02 21:11:21,734 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [131 Valid, 438 Invalid, 220 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [31 Valid, 189 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-02 21:11:21,736 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 296 states. [2022-11-02 21:11:21,763 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 296 to 276. [2022-11-02 21:11:21,764 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 276 states, 211 states have (on average 1.2132701421800949) internal successors, (256), 222 states have internal predecessors, (256), 34 states have call successors, (34), 29 states have call predecessors, (34), 30 states have return successors, (49), 34 states have call predecessors, (49), 34 states have call successors, (49) [2022-11-02 21:11:21,766 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 276 states to 276 states and 339 transitions. [2022-11-02 21:11:21,767 INFO L78 Accepts]: Start accepts. Automaton has 276 states and 339 transitions. Word has length 53 [2022-11-02 21:11:21,767 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 21:11:21,767 INFO L495 AbstractCegarLoop]: Abstraction has 276 states and 339 transitions. [2022-11-02 21:11:21,767 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-02 21:11:21,767 INFO L276 IsEmpty]: Start isEmpty. Operand 276 states and 339 transitions. [2022-11-02 21:11:21,769 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2022-11-02 21:11:21,769 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 21:11:21,770 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 21:11:21,770 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-11-02 21:11:21,770 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 21:11:21,770 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 21:11:21,771 INFO L85 PathProgramCache]: Analyzing trace with hash -1754438647, now seen corresponding path program 1 times [2022-11-02 21:11:21,771 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 21:11:21,771 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [705051017] [2022-11-02 21:11:21,771 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 21:11:21,771 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 21:11:21,803 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:22,010 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-02 21:11:22,012 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:22,060 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2022-11-02 21:11:22,062 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:22,074 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2022-11-02 21:11:22,080 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:22,119 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2022-11-02 21:11:22,120 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:22,122 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-02 21:11:22,122 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 21:11:22,122 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [705051017] [2022-11-02 21:11:22,122 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [705051017] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-02 21:11:22,122 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-02 21:11:22,122 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2022-11-02 21:11:22,123 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1890999784] [2022-11-02 21:11:22,123 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-02 21:11:22,123 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-11-02 21:11:22,123 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 21:11:22,124 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-11-02 21:11:22,124 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=72, Unknown=0, NotChecked=0, Total=90 [2022-11-02 21:11:22,124 INFO L87 Difference]: Start difference. First operand 276 states and 339 transitions. Second operand has 10 states, 10 states have (on average 4.4) internal successors, (44), 8 states have internal predecessors, (44), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-02 21:11:23,075 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 21:11:23,075 INFO L93 Difference]: Finished difference Result 818 states and 1041 transitions. [2022-11-02 21:11:23,075 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 29 states. [2022-11-02 21:11:23,076 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.4) internal successors, (44), 8 states have internal predecessors, (44), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) Word has length 55 [2022-11-02 21:11:23,076 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 21:11:23,079 INFO L225 Difference]: With dead ends: 818 [2022-11-02 21:11:23,079 INFO L226 Difference]: Without dead ends: 600 [2022-11-02 21:11:23,080 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 40 GetRequests, 10 SyntacticMatches, 1 SemanticMatches, 29 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 199 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=187, Invalid=743, Unknown=0, NotChecked=0, Total=930 [2022-11-02 21:11:23,081 INFO L413 NwaCegarLoop]: 153 mSDtfsCounter, 469 mSDsluCounter, 686 mSDsCounter, 0 mSdLazyCounter, 724 mSolverCounterSat, 154 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 475 SdHoareTripleChecker+Valid, 839 SdHoareTripleChecker+Invalid, 878 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 154 IncrementalHoareTripleChecker+Valid, 724 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2022-11-02 21:11:23,081 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [475 Valid, 839 Invalid, 878 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [154 Valid, 724 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2022-11-02 21:11:23,082 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 600 states. [2022-11-02 21:11:23,132 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 600 to 513. [2022-11-02 21:11:23,133 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 513 states, 394 states have (on average 1.2081218274111676) internal successors, (476), 416 states have internal predecessors, (476), 61 states have call successors, (61), 51 states have call predecessors, (61), 57 states have return successors, (85), 61 states have call predecessors, (85), 61 states have call successors, (85) [2022-11-02 21:11:23,136 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 513 states to 513 states and 622 transitions. [2022-11-02 21:11:23,137 INFO L78 Accepts]: Start accepts. Automaton has 513 states and 622 transitions. Word has length 55 [2022-11-02 21:11:23,137 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 21:11:23,137 INFO L495 AbstractCegarLoop]: Abstraction has 513 states and 622 transitions. [2022-11-02 21:11:23,137 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.4) internal successors, (44), 8 states have internal predecessors, (44), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-02 21:11:23,137 INFO L276 IsEmpty]: Start isEmpty. Operand 513 states and 622 transitions. [2022-11-02 21:11:23,139 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 97 [2022-11-02 21:11:23,139 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 21:11:23,139 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 21:11:23,139 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-11-02 21:11:23,139 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 21:11:23,140 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 21:11:23,140 INFO L85 PathProgramCache]: Analyzing trace with hash 1281558822, now seen corresponding path program 1 times [2022-11-02 21:11:23,140 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 21:11:23,140 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1935817612] [2022-11-02 21:11:23,140 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 21:11:23,140 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 21:11:23,159 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:23,259 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-02 21:11:23,269 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:23,292 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2022-11-02 21:11:23,295 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:23,299 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-02 21:11:23,300 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:23,308 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2022-11-02 21:11:23,310 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:23,312 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2022-11-02 21:11:23,313 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:23,315 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 76 [2022-11-02 21:11:23,316 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:23,317 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-02 21:11:23,318 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:23,319 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 88 [2022-11-02 21:11:23,320 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:23,321 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 4 proven. 10 refuted. 0 times theorem prover too weak. 19 trivial. 0 not checked. [2022-11-02 21:11:23,321 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 21:11:23,321 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1935817612] [2022-11-02 21:11:23,322 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1935817612] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-02 21:11:23,322 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1431802434] [2022-11-02 21:11:23,322 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 21:11:23,322 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-02 21:11:23,322 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/z3 [2022-11-02 21:11:23,324 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-02 21:11:23,359 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-02 21:11:23,479 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:23,482 INFO L263 TraceCheckSpWp]: Trace formula consists of 472 conjuncts, 8 conjunts are in the unsatisfiable core [2022-11-02 21:11:23,491 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-02 21:11:23,773 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 24 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-02 21:11:23,773 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-02 21:11:23,970 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 18 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2022-11-02 21:11:23,970 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1431802434] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-02 21:11:23,971 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-02 21:11:23,971 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 6, 6] total 14 [2022-11-02 21:11:23,971 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1508427518] [2022-11-02 21:11:23,971 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-02 21:11:23,972 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2022-11-02 21:11:23,972 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 21:11:23,973 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2022-11-02 21:11:23,973 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=29, Invalid=153, Unknown=0, NotChecked=0, Total=182 [2022-11-02 21:11:23,973 INFO L87 Difference]: Start difference. First operand 513 states and 622 transitions. Second operand has 14 states, 14 states have (on average 9.142857142857142) internal successors, (128), 10 states have internal predecessors, (128), 5 states have call successors, (18), 6 states have call predecessors, (18), 5 states have return successors, (17), 6 states have call predecessors, (17), 5 states have call successors, (17) [2022-11-02 21:11:25,299 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 21:11:25,299 INFO L93 Difference]: Finished difference Result 1171 states and 1466 transitions. [2022-11-02 21:11:25,300 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 38 states. [2022-11-02 21:11:25,300 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 14 states have (on average 9.142857142857142) internal successors, (128), 10 states have internal predecessors, (128), 5 states have call successors, (18), 6 states have call predecessors, (18), 5 states have return successors, (17), 6 states have call predecessors, (17), 5 states have call successors, (17) Word has length 96 [2022-11-02 21:11:25,300 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 21:11:25,304 INFO L225 Difference]: With dead ends: 1171 [2022-11-02 21:11:25,304 INFO L226 Difference]: Without dead ends: 714 [2022-11-02 21:11:25,307 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 269 GetRequests, 218 SyntacticMatches, 4 SemanticMatches, 47 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 575 ImplicationChecksByTransitivity, 0.7s TimeCoverageRelationStatistics Valid=471, Invalid=1881, Unknown=0, NotChecked=0, Total=2352 [2022-11-02 21:11:25,336 INFO L413 NwaCegarLoop]: 205 mSDtfsCounter, 472 mSDsluCounter, 1077 mSDsCounter, 0 mSdLazyCounter, 898 mSolverCounterSat, 194 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 476 SdHoareTripleChecker+Valid, 1282 SdHoareTripleChecker+Invalid, 1092 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 194 IncrementalHoareTripleChecker+Valid, 898 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2022-11-02 21:11:25,337 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [476 Valid, 1282 Invalid, 1092 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [194 Valid, 898 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2022-11-02 21:11:25,338 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 714 states. [2022-11-02 21:11:25,437 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 714 to 580. [2022-11-02 21:11:25,439 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 580 states, 442 states have (on average 1.2036199095022624) internal successors, (532), 471 states have internal predecessors, (532), 71 states have call successors, (71), 61 states have call predecessors, (71), 66 states have return successors, (91), 68 states have call predecessors, (91), 71 states have call successors, (91) [2022-11-02 21:11:25,447 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 580 states to 580 states and 694 transitions. [2022-11-02 21:11:25,448 INFO L78 Accepts]: Start accepts. Automaton has 580 states and 694 transitions. Word has length 96 [2022-11-02 21:11:25,449 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 21:11:25,450 INFO L495 AbstractCegarLoop]: Abstraction has 580 states and 694 transitions. [2022-11-02 21:11:25,450 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 14 states have (on average 9.142857142857142) internal successors, (128), 10 states have internal predecessors, (128), 5 states have call successors, (18), 6 states have call predecessors, (18), 5 states have return successors, (17), 6 states have call predecessors, (17), 5 states have call successors, (17) [2022-11-02 21:11:25,450 INFO L276 IsEmpty]: Start isEmpty. Operand 580 states and 694 transitions. [2022-11-02 21:11:25,459 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 173 [2022-11-02 21:11:25,460 INFO L187 NwaCegarLoop]: Found error trace [2022-11-02 21:11:25,460 INFO L195 NwaCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 21:11:25,501 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-02 21:11:25,685 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-02 21:11:25,686 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-02 21:11:25,686 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-02 21:11:25,686 INFO L85 PathProgramCache]: Analyzing trace with hash -1223995222, now seen corresponding path program 1 times [2022-11-02 21:11:25,687 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-02 21:11:25,687 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [412667496] [2022-11-02 21:11:25,687 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 21:11:25,687 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-02 21:11:25,720 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:25,930 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-02 21:11:25,932 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:25,942 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2022-11-02 21:11:25,945 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:25,949 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-02 21:11:25,952 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:25,959 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2022-11-02 21:11:25,961 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:25,963 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 58 [2022-11-02 21:11:25,966 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:25,970 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-02 21:11:25,971 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:25,974 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-11-02 21:11:25,975 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:25,976 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-02 21:11:25,976 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:25,977 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 99 [2022-11-02 21:11:25,981 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:26,054 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-02 21:11:26,055 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:26,057 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 129 [2022-11-02 21:11:26,058 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:26,063 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 139 [2022-11-02 21:11:26,064 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:26,065 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 148 [2022-11-02 21:11:26,068 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:26,071 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 164 [2022-11-02 21:11:26,072 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:26,073 INFO L134 CoverageAnalysis]: Checked inductivity of 190 backedges. 69 proven. 5 refuted. 0 times theorem prover too weak. 116 trivial. 0 not checked. [2022-11-02 21:11:26,074 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-02 21:11:26,074 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [412667496] [2022-11-02 21:11:26,074 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [412667496] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-02 21:11:26,074 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1871786336] [2022-11-02 21:11:26,074 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-02 21:11:26,075 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-02 21:11:26,075 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/z3 [2022-11-02 21:11:26,076 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-02 21:11:26,094 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-02 21:11:26,222 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-02 21:11:26,226 INFO L263 TraceCheckSpWp]: Trace formula consists of 673 conjuncts, 13 conjunts are in the unsatisfiable core [2022-11-02 21:11:26,231 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-02 21:11:26,503 INFO L134 CoverageAnalysis]: Checked inductivity of 190 backedges. 140 proven. 4 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2022-11-02 21:11:26,503 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-02 21:11:27,045 INFO L134 CoverageAnalysis]: Checked inductivity of 190 backedges. 78 proven. 44 refuted. 0 times theorem prover too weak. 68 trivial. 0 not checked. [2022-11-02 21:11:27,045 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1871786336] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-02 21:11:27,045 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-02 21:11:27,045 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 10, 11] total 25 [2022-11-02 21:11:27,046 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1425829057] [2022-11-02 21:11:27,046 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-02 21:11:27,047 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 25 states [2022-11-02 21:11:27,047 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-02 21:11:27,047 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 25 interpolants. [2022-11-02 21:11:27,048 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=118, Invalid=482, Unknown=0, NotChecked=0, Total=600 [2022-11-02 21:11:27,048 INFO L87 Difference]: Start difference. First operand 580 states and 694 transitions. Second operand has 25 states, 25 states have (on average 8.6) internal successors, (215), 22 states have internal predecessors, (215), 9 states have call successors, (30), 9 states have call predecessors, (30), 10 states have return successors, (32), 8 states have call predecessors, (32), 9 states have call successors, (32) [2022-11-02 21:11:28,336 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-02 21:11:28,337 INFO L93 Difference]: Finished difference Result 1229 states and 1520 transitions. [2022-11-02 21:11:28,337 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2022-11-02 21:11:28,337 INFO L78 Accepts]: Start accepts. Automaton has has 25 states, 25 states have (on average 8.6) internal successors, (215), 22 states have internal predecessors, (215), 9 states have call successors, (30), 9 states have call predecessors, (30), 10 states have return successors, (32), 8 states have call predecessors, (32), 9 states have call successors, (32) Word has length 172 [2022-11-02 21:11:28,338 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-02 21:11:28,339 INFO L225 Difference]: With dead ends: 1229 [2022-11-02 21:11:28,339 INFO L226 Difference]: Without dead ends: 0 [2022-11-02 21:11:28,342 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 411 GetRequests, 360 SyntacticMatches, 5 SemanticMatches, 46 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 435 ImplicationChecksByTransitivity, 0.8s TimeCoverageRelationStatistics Valid=483, Invalid=1773, Unknown=0, NotChecked=0, Total=2256 [2022-11-02 21:11:28,343 INFO L413 NwaCegarLoop]: 134 mSDtfsCounter, 807 mSDsluCounter, 793 mSDsCounter, 0 mSdLazyCounter, 994 mSolverCounterSat, 289 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 810 SdHoareTripleChecker+Valid, 927 SdHoareTripleChecker+Invalid, 1283 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 289 IncrementalHoareTripleChecker+Valid, 994 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2022-11-02 21:11:28,344 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [810 Valid, 927 Invalid, 1283 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [289 Valid, 994 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2022-11-02 21:11:28,344 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-02 21:11:28,344 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-02 21:11:28,344 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-02 21:11:28,345 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-02 21:11:28,345 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 172 [2022-11-02 21:11:28,345 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-02 21:11:28,345 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-02 21:11:28,346 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 25 states, 25 states have (on average 8.6) internal successors, (215), 22 states have internal predecessors, (215), 9 states have call successors, (30), 9 states have call predecessors, (30), 10 states have return successors, (32), 8 states have call predecessors, (32), 9 states have call successors, (32) [2022-11-02 21:11:28,346 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-02 21:11:28,346 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-02 21:11:28,349 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-02 21:11:28,390 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-02 21:11:28,562 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-02 21:11:28,564 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-02 21:11:35,887 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 92 98) no Hoare annotation was computed. [2022-11-02 21:11:35,887 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 92 98) the Hoare annotation is: true [2022-11-02 21:11:35,887 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 357 368) the Hoare annotation is: true [2022-11-02 21:11:35,887 INFO L899 garLoopResultBuilder]: For program point L361-1(lines 357 368) no Hoare annotation was computed. [2022-11-02 21:11:35,888 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 357 368) no Hoare annotation was computed. [2022-11-02 21:11:35,888 INFO L899 garLoopResultBuilder]: For program point L450-1(line 450) no Hoare annotation was computed. [2022-11-02 21:11:35,888 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 444 473) no Hoare annotation was computed. [2022-11-02 21:11:35,888 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 444 473) the Hoare annotation is: true [2022-11-02 21:11:35,888 INFO L902 garLoopResultBuilder]: At program point L469(lines 444 473) the Hoare annotation is: true [2022-11-02 21:11:35,888 INFO L899 garLoopResultBuilder]: For program point L465(line 465) no Hoare annotation was computed. [2022-11-02 21:11:35,888 INFO L899 garLoopResultBuilder]: For program point L458(lines 458 462) no Hoare annotation was computed. [2022-11-02 21:11:35,888 INFO L902 garLoopResultBuilder]: At program point L458-1(lines 458 462) the Hoare annotation is: true [2022-11-02 21:11:35,888 INFO L899 garLoopResultBuilder]: For program point L455(line 455) no Hoare annotation was computed. [2022-11-02 21:11:35,888 INFO L902 garLoopResultBuilder]: At program point L454-2(lines 454 468) the Hoare annotation is: true [2022-11-02 21:11:35,888 INFO L902 garLoopResultBuilder]: At program point L450(line 450) the Hoare annotation is: true [2022-11-02 21:11:35,889 INFO L899 garLoopResultBuilder]: For program point L337(lines 337 341) no Hoare annotation was computed. [2022-11-02 21:11:35,889 INFO L899 garLoopResultBuilder]: For program point L977(lines 977 983) no Hoare annotation was computed. [2022-11-02 21:11:35,889 INFO L895 garLoopResultBuilder]: At program point L337-2(lines 333 344) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse1 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and (<= 1 ~pumpRunning~0) .cse0 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse1)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (not .cse7)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) (and .cse0 (= ~waterLevel~0 1) .cse1) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse2 .cse3 .cse4 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse5)))) [2022-11-02 21:11:35,889 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 65 91) no Hoare annotation was computed. [2022-11-02 21:11:35,890 INFO L895 garLoopResultBuilder]: At program point L164(lines 159 166) the Hoare annotation is: (let ((.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse9 (= 1 ~systemActive~0)) (.cse3 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse6 (and .cse8 .cse1 .cse2 (<= ~waterLevel~0 1) .cse9 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse3)) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse7 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse0 (not .cse9)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (and .cse1 .cse2 (= ~waterLevel~0 1) .cse3) .cse4 (not (< 1 |old(~waterLevel~0)|)) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse6 .cse0 .cse4 .cse7) (or (and .cse1 .cse2 (= |old(~waterLevel~0)| ~waterLevel~0) .cse3) .cse6 .cse0 .cse4 .cse5 .cse7) (or .cse8 .cse0 .cse5)))) [2022-11-02 21:11:35,890 INFO L895 garLoopResultBuilder]: At program point L961(lines 954 963) the Hoare annotation is: (let ((.cse0 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse3 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (<= 1 ~switchedOnBeforeTS~0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) .cse0) .cse1 .cse2) (or .cse3 .cse1 .cse4 (not (= |old(~waterLevel~0)| 2))) (or .cse3 .cse1 .cse4 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-02 21:11:35,890 INFO L899 garLoopResultBuilder]: For program point L251(lines 251 255) no Hoare annotation was computed. [2022-11-02 21:11:35,891 INFO L899 garLoopResultBuilder]: For program point L251-2(lines 251 255) no Hoare annotation was computed. [2022-11-02 21:11:35,891 INFO L895 garLoopResultBuilder]: At program point L974(line 974) the Hoare annotation is: (let ((.cse7 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= ~pumpRunning~0 0)) (.cse3 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse12 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse4 (<= ~waterLevel~0 1)) (.cse16 (= 1 ~systemActive~0)) (.cse18 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse9 (<= 1 ~switchedOnBeforeTS~0)) (.cse10 (<= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| ~waterLevel~0))) (let ((.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse13 (and .cse0 .cse2 .cse3 .cse12 .cse4 .cse16 .cse18 .cse9 .cse10)) (.cse1 (not .cse16)) (.cse11 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse14 (and (<= 1 ~pumpRunning~0) .cse7 .cse3 .cse4 .cse16 .cse18 .cse9 .cse10)) (.cse15 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))) (and (or .cse0 .cse1 (and .cse2 .cse3 (< |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| 2) .cse4 .cse5) .cse6) (let ((.cse8 (= ~waterLevel~0 1))) (or (and .cse7 .cse3 .cse8 .cse9 .cse10) .cse1 .cse11 (not (< 1 |old(~waterLevel~0)|)) (and .cse2 .cse3 .cse12 .cse8 .cse9 .cse10) .cse6)) (or .cse13 (not (= |old(~waterLevel~0)| 1)) .cse1 .cse11 .cse14 .cse15) (let ((.cse17 (not (<= 2 |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1|)))) (or (not (<= |old(~waterLevel~0)| 1)) (and .cse0 .cse2 .cse3 .cse12 .cse16 .cse17 .cse5 .cse9) .cse13 .cse1 .cse11 (and .cse7 .cse3 .cse17 .cse5 .cse9) .cse14 .cse15))))) [2022-11-02 21:11:35,891 INFO L895 garLoopResultBuilder]: At program point L429(lines 424 432) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse1 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and (<= 1 ~pumpRunning~0) .cse0 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse1)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (not .cse7)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) (and .cse0 (= ~waterLevel~0 1) .cse1) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse2 .cse3 .cse4 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse5)))) [2022-11-02 21:11:35,892 INFO L899 garLoopResultBuilder]: For program point L974-1(line 974) no Hoare annotation was computed. [2022-11-02 21:11:35,892 INFO L895 garLoopResultBuilder]: At program point L140(line 140) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse1 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and (<= 1 ~pumpRunning~0) .cse0 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse1)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (not .cse7)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) (and .cse0 (= ~waterLevel~0 1) .cse1) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse2 .cse3 .cse4 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse5)))) [2022-11-02 21:11:35,892 INFO L899 garLoopResultBuilder]: For program point L438(line 438) no Hoare annotation was computed. [2022-11-02 21:11:35,892 INFO L895 garLoopResultBuilder]: At program point L145(line 145) the Hoare annotation is: (let ((.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= 1 |old(~pumpRunning~0)|)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse1) (or .cse0 .cse2 (not (< 1 |old(~waterLevel~0)|)) .cse1) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-11-02 21:11:35,893 INFO L895 garLoopResultBuilder]: At program point L145-1(lines 126 150) the Hoare annotation is: (let ((.cse13 (<= 1 ~pumpRunning~0)) (.cse6 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse11 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse15 (<= ~waterLevel~0 1)) (.cse14 (= 1 ~systemActive~0)) (.cse16 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse8 (and .cse11 .cse1 .cse2 .cse15 .cse14 .cse16 .cse4)) (.cse0 (not .cse14)) (.cse5 (not (<= 1 |old(~pumpRunning~0)|))) (.cse12 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse9 (and .cse13 .cse6 .cse15 .cse14 .cse16 .cse4)) (.cse7 (not (<= |old(~waterLevel~0)| 2))) (.cse10 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))) (and (let ((.cse3 (= ~waterLevel~0 1))) (or .cse0 (and .cse1 .cse2 .cse3 .cse4) .cse5 (not (< 1 |old(~waterLevel~0)|)) (and .cse6 .cse3 .cse4) .cse7)) (or (not (= |old(~waterLevel~0)| 1)) .cse8 .cse0 .cse5 .cse9 .cse10) (or .cse11 (and .cse1 .cse12) .cse0 .cse7 (and .cse13 (= 2 ~waterLevel~0) .cse12)) (or (and .cse6 .cse12 .cse4) .cse8 .cse0 .cse5 (and .cse11 .cse1 .cse2 .cse14 .cse12 .cse4) .cse9 .cse7 .cse10)))) [2022-11-02 21:11:35,893 INFO L899 garLoopResultBuilder]: For program point L79-1(lines 79 85) no Hoare annotation was computed. [2022-11-02 21:11:35,893 INFO L895 garLoopResultBuilder]: At program point L257(lines 242 260) the Hoare annotation is: (let ((.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse3 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (and (<= 1 ~pumpRunning~0) .cse2 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse3)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse0 (not .cse7)) (.cse4 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) (and .cse2 (= ~waterLevel~0 1) .cse3) .cse4) (or (not (<= |old(~waterLevel~0)| 1)) (and .cse2 (= |old(~waterLevel~0)| ~waterLevel~0) .cse3) .cse0 .cse1 .cse5 .cse6) (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse5 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse4)))) [2022-11-02 21:11:35,894 INFO L895 garLoopResultBuilder]: At program point L959(line 959) the Hoare annotation is: (let ((.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse4 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse4 (not (< 1 |old(~waterLevel~0)|)) .cse3 .cse5)))) [2022-11-02 21:11:35,894 INFO L899 garLoopResultBuilder]: For program point L959-1(line 959) no Hoare annotation was computed. [2022-11-02 21:11:35,894 INFO L895 garLoopResultBuilder]: At program point L439(lines 434 441) the Hoare annotation is: (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) .cse2) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse1 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2))) [2022-11-02 21:11:35,894 INFO L895 garLoopResultBuilder]: At program point L406(lines 401 409) the Hoare annotation is: (let ((.cse6 (<= 1 ~pumpRunning~0)) (.cse13 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= ~pumpRunning~0 0)) (.cse3 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse10 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse15 (<= ~waterLevel~0 1)) (.cse11 (= 1 ~systemActive~0)) (.cse16 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse12 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse4 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse8 (and .cse0 .cse2 .cse3 .cse10 .cse15 .cse11 .cse16 .cse12)) (.cse9 (and .cse6 .cse13 .cse3 .cse15 .cse11 .cse16 .cse12)) (.cse14 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse1 (not .cse11)) (.cse7 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (and .cse2 .cse3 .cse4) .cse5 (and .cse6 (= 2 ~waterLevel~0) (= 2 |timeShift_getWaterLevel_#res#1|) .cse4)) (or .cse1 .cse7 .cse8 (not (= |old(~waterLevel~0)| 2)) .cse9) (or (not (<= |old(~waterLevel~0)| 1)) .cse1 .cse7 .cse8 (and .cse0 .cse2 .cse3 .cse10 .cse11 .cse4 .cse12) (and .cse13 .cse3 .cse4 .cse12) .cse9 .cse14) (or (not (= |old(~waterLevel~0)| 1)) .cse1 .cse7 .cse8 .cse9 .cse14) (or .cse1 .cse7 (not (< 1 |old(~waterLevel~0)|)) (= ~waterLevel~0 1) .cse5)))) [2022-11-02 21:11:35,895 INFO L899 garLoopResultBuilder]: For program point L976(lines 976 986) no Hoare annotation was computed. [2022-11-02 21:11:35,895 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 65 91) the Hoare annotation is: (let ((.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse4 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse4 (not (< 1 |old(~waterLevel~0)|)) .cse3 .cse5)))) [2022-11-02 21:11:35,895 INFO L899 garLoopResultBuilder]: For program point L972(lines 972 989) no Hoare annotation was computed. [2022-11-02 21:11:35,895 INFO L895 garLoopResultBuilder]: At program point L972-1(lines 964 992) the Hoare annotation is: (let ((.cse17 (<= 1 ~pumpRunning~0)) (.cse8 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse3 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse18 (<= ~waterLevel~0 1)) (.cse4 (= 1 ~systemActive~0)) (.cse20 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse7 (<= 1 ~switchedOnBeforeTS~0)) (.cse21 (<= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| ~waterLevel~0))) (let ((.cse5 (not (<= 2 |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1|))) (.cse6 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse9 (and .cse0 .cse1 .cse2 .cse3 .cse18 .cse4 .cse20 .cse7 .cse21)) (.cse10 (and .cse17 .cse8 .cse0 .cse2 .cse18 .cse4 .cse20 .cse7 .cse21)) (.cse13 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse11 (not .cse4)) (.cse12 (not (<= 1 |old(~pumpRunning~0)|))) (.cse19 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (<= |old(~waterLevel~0)| 1)) (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6 .cse7) (and .cse8 .cse0 .cse2 .cse4 .cse5 .cse6 .cse7) .cse9 .cse10 .cse11 .cse12 .cse13) (let ((.cse14 (= 2 |timeShift_getWaterLevel_#res#1|)) (.cse15 (<= 2 ~waterLevel~0)) (.cse16 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| 2))) (or .cse0 (and .cse1 .cse14 .cse15 .cse6 .cse16) .cse11 (and .cse17 .cse14 .cse15 .cse6 .cse16) (and .cse1 .cse2 .cse18 .cse5 .cse6) .cse19)) (or .cse9 .cse10 .cse11 .cse12 (not (= |old(~waterLevel~0)| 2))) (or .cse9 (not (= |old(~waterLevel~0)| 1)) .cse10 .cse11 .cse12 .cse13) (or .cse11 .cse12 (not (< 1 |old(~waterLevel~0)|)) (= ~waterLevel~0 1) .cse19)))) [2022-11-02 21:11:35,896 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 65 91) no Hoare annotation was computed. [2022-11-02 21:11:35,896 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 438) no Hoare annotation was computed. [2022-11-02 21:11:35,896 INFO L899 garLoopResultBuilder]: For program point L72(lines 72 78) no Hoare annotation was computed. [2022-11-02 21:11:35,896 INFO L899 garLoopResultBuilder]: For program point L72-2(lines 68 90) no Hoare annotation was computed. [2022-11-02 21:11:35,896 INFO L899 garLoopResultBuilder]: For program point L134(lines 134 142) no Hoare annotation was computed. [2022-11-02 21:11:35,897 INFO L899 garLoopResultBuilder]: For program point L130(lines 130 147) no Hoare annotation was computed. [2022-11-02 21:11:35,897 INFO L895 garLoopResultBuilder]: At program point L287(line 287) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse5 (= 2 ~waterLevel~0)) (.cse4 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)) (and .cse4 .cse5 .cse2 .cse3) (and .cse0 .cse5 .cse2 .cse3) (and .cse4 .cse1 .cse2 .cse3))) [2022-11-02 21:11:35,897 INFO L902 garLoopResultBuilder]: At program point L539(lines 520 542) the Hoare annotation is: true [2022-11-02 21:11:35,897 INFO L895 garLoopResultBuilder]: At program point L502(lines 498 504) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-02 21:11:35,897 INFO L895 garLoopResultBuilder]: At program point L321(lines 274 322) the Hoare annotation is: false [2022-11-02 21:11:35,897 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-11-02 21:11:35,898 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-11-02 21:11:35,898 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-11-02 21:11:35,898 INFO L899 garLoopResultBuilder]: For program point L276(lines 275 320) no Hoare annotation was computed. [2022-11-02 21:11:35,898 INFO L899 garLoopResultBuilder]: For program point L305(lines 305 316) no Hoare annotation was computed. [2022-11-02 21:11:35,898 INFO L895 garLoopResultBuilder]: At program point L297(line 297) the Hoare annotation is: (let ((.cse3 (<= 1 ~pumpRunning~0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2) (and .cse3 (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse3 .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-02 21:11:35,898 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-02 21:11:35,899 INFO L895 garLoopResultBuilder]: At program point L574(lines 569 577) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-02 21:11:35,899 INFO L895 garLoopResultBuilder]: At program point L318(lines 275 320) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse5 (= 2 ~waterLevel~0)) (.cse4 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)) (and .cse4 .cse5 .cse2 .cse3) (and .cse0 .cse5 .cse2 .cse3) (and .cse4 .cse1 .cse2 .cse3))) [2022-11-02 21:11:35,899 INFO L899 garLoopResultBuilder]: For program point L285(lines 285 291) no Hoare annotation was computed. [2022-11-02 21:11:35,899 INFO L899 garLoopResultBuilder]: For program point L285-1(lines 285 291) no Hoare annotation was computed. [2022-11-02 21:11:35,899 INFO L895 garLoopResultBuilder]: At program point L566(lines 562 568) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-02 21:11:35,899 INFO L899 garLoopResultBuilder]: For program point L277(lines 277 281) no Hoare annotation was computed. [2022-11-02 21:11:35,900 INFO L895 garLoopResultBuilder]: At program point L951(lines 946 953) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-02 21:11:35,900 INFO L899 garLoopResultBuilder]: For program point L311(lines 311 315) no Hoare annotation was computed. [2022-11-02 21:11:35,900 INFO L895 garLoopResultBuilder]: At program point L311-2(lines 305 316) the Hoare annotation is: (let ((.cse3 (<= 1 ~pumpRunning~0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2) (and .cse3 (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse3 .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-02 21:11:35,900 INFO L899 garLoopResultBuilder]: For program point L530(lines 530 537) no Hoare annotation was computed. [2022-11-02 21:11:35,900 INFO L899 garLoopResultBuilder]: For program point L530-2(lines 530 537) no Hoare annotation was computed. [2022-11-02 21:11:35,901 INFO L895 garLoopResultBuilder]: At program point L559(lines 555 561) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-02 21:11:35,901 INFO L899 garLoopResultBuilder]: For program point L295(lines 295 301) no Hoare annotation was computed. [2022-11-02 21:11:35,901 INFO L899 garLoopResultBuilder]: For program point L295-1(lines 295 301) no Hoare annotation was computed. [2022-11-02 21:11:35,901 INFO L902 garLoopResultBuilder]: At program point L324(lines 265 328) the Hoare annotation is: true [2022-11-02 21:11:35,901 INFO L902 garLoopResultBuilder]: At program point L514(lines 506 516) the Hoare annotation is: true [2022-11-02 21:11:35,901 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 100 124) the Hoare annotation is: (let ((.cse1 (not (<= ~waterLevel~0 1))) (.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (= ~pumpRunning~0 0)) (.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or .cse2 .cse3 .cse0 .cse1) (or .cse2 .cse3 .cse0 (not (= 2 ~waterLevel~0))))) [2022-11-02 21:11:35,902 INFO L895 garLoopResultBuilder]: At program point L114(line 114) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~0#1| 0)) (not (<= ~waterLevel~0 2))) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-02 21:11:35,902 INFO L895 garLoopResultBuilder]: At program point L238(lines 223 241) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (<= ~waterLevel~0 1)))) (and (or (and (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1| 0) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~0#1| 0)) .cse0 .cse1 .cse2) (or .cse0 (= ~pumpRunning~0 0) .cse1 (not (<= ~waterLevel~0 2))) (or .cse1 (not (<= 1 |old(~pumpRunning~0)|)) .cse2 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-02 21:11:35,902 INFO L899 garLoopResultBuilder]: For program point L108(lines 108 116) no Hoare annotation was computed. [2022-11-02 21:11:35,902 INFO L899 garLoopResultBuilder]: For program point L104(lines 104 121) no Hoare annotation was computed. [2022-11-02 21:11:35,902 INFO L899 garLoopResultBuilder]: For program point L232(lines 232 236) no Hoare annotation was computed. [2022-11-02 21:11:35,903 INFO L899 garLoopResultBuilder]: For program point L232-2(lines 232 236) no Hoare annotation was computed. [2022-11-02 21:11:35,903 INFO L899 garLoopResultBuilder]: For program point L414(lines 414 420) no Hoare annotation was computed. [2022-11-02 21:11:35,903 INFO L895 garLoopResultBuilder]: At program point L156(lines 151 158) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and (<= 1 ~pumpRunning~0) (= 2 ~waterLevel~0)) (not (<= ~waterLevel~0 2))) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-02 21:11:35,903 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 100 124) no Hoare annotation was computed. [2022-11-02 21:11:35,903 INFO L895 garLoopResultBuilder]: At program point L119(line 119) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (not (<= ~waterLevel~0 2))))) [2022-11-02 21:11:35,904 INFO L899 garLoopResultBuilder]: For program point L119-1(lines 100 124) no Hoare annotation was computed. [2022-11-02 21:11:35,904 INFO L895 garLoopResultBuilder]: At program point L419(lines 410 423) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (let ((.cse1 (= ~pumpRunning~0 0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and .cse1 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1| 1)) (and .cse1 (= 2 ~waterLevel~0)) (not (<= ~waterLevel~0 2)))) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-02 21:11:35,904 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 345 356) no Hoare annotation was computed. [2022-11-02 21:11:35,904 INFO L899 garLoopResultBuilder]: For program point L349-1(lines 345 356) no Hoare annotation was computed. [2022-11-02 21:11:35,904 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 345 356) the Hoare annotation is: (let ((.cse1 (not (<= 1 ~pumpRunning~0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 2)) .cse2) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse2 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= ~pumpRunning~0 0)) .cse0 .cse2 (not (<= |old(~waterLevel~0)| 2))))) [2022-11-02 21:11:35,905 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 178 186) no Hoare annotation was computed. [2022-11-02 21:11:35,905 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 178 186) the Hoare annotation is: true [2022-11-02 21:11:35,905 INFO L899 garLoopResultBuilder]: For program point isPumpRunningFINAL(lines 178 186) no Hoare annotation was computed. [2022-11-02 21:11:35,908 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-02 21:11:35,910 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-02 21:11:35,944 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 02.11 09:11:35 BoogieIcfgContainer [2022-11-02 21:11:35,944 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-02 21:11:35,945 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-02 21:11:35,945 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-02 21:11:35,946 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-02 21:11:35,946 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 02.11 09:11:18" (3/4) ... [2022-11-02 21:11:35,949 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-02 21:11:35,956 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-02 21:11:35,956 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-02 21:11:35,956 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-02 21:11:35,957 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-02 21:11:35,957 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-02 21:11:35,957 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-02 21:11:35,957 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-11-02 21:11:35,964 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 51 nodes and edges [2022-11-02 21:11:35,964 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-11-02 21:11:35,965 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-11-02 21:11:35,966 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-02 21:11:35,966 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-02 21:11:35,968 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-02 21:11:35,968 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-02 21:11:35,993 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && (((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2))) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-02 21:11:35,994 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-02 21:11:35,994 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((!(\old(waterLevel) <= 1) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && !(2 <= tmp)) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((pumpRunning == \old(pumpRunning) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && 1 == systemActive) && !(2 <= tmp)) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || ((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(\old(pumpRunning) == 0) || ((((pumpRunning == 0 && 2 == \result) && 2 <= waterLevel) && \old(waterLevel) == waterLevel) && tmp == 2)) || !(1 == systemActive)) || ((((1 <= pumpRunning && 2 == \result) && 2 <= waterLevel) && \old(waterLevel) == waterLevel) && tmp == 2)) || ((((pumpRunning == 0 && waterLevel == \result) && waterLevel <= 1) && !(2 <= tmp)) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && ((((((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel) || ((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2))) && (((((((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel) || !(\old(waterLevel) == 1)) || ((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) [2022-11-02 21:11:35,995 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(1 == systemActive) || (((pumpRunning == 0 && !(tmp == 0)) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) == 1) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && 2 == waterLevel) && \old(waterLevel) == waterLevel))) && (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-02 21:11:35,995 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-02 21:11:35,995 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && waterLevel == \result) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && 2 == waterLevel) && 2 == \result) && \old(waterLevel) == waterLevel)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) == 2)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && (((((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((pumpRunning == \old(pumpRunning) && waterLevel == \result) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) [2022-11-02 21:11:35,996 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-02 21:11:35,996 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && \result == 1)) || (pumpRunning == 0 && 2 == waterLevel)) || !(waterLevel <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) [2022-11-02 21:11:35,996 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) <= 1) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-02 21:11:35,997 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((\result == 0 && tmp___0 == 0) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || !(waterLevel <= 1)) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) [2022-11-02 21:11:35,997 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(1 == systemActive) || (((pumpRunning == 0 && !(tmp == 0)) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && ((((!(\old(waterLevel) == 1) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((((((((pumpRunning == 0 && !(tmp == 0)) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-02 21:11:35,997 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (1 <= pumpRunning && 2 == waterLevel)) || !(waterLevel <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) [2022-11-02 21:11:36,019 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/witness.graphml [2022-11-02 21:11:36,019 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-02 21:11:36,020 INFO L158 Benchmark]: Toolchain (without parser) took 18717.04ms. Allocated memory was 151.0MB in the beginning and 272.6MB in the end (delta: 121.6MB). Free memory was 112.5MB in the beginning and 139.3MB in the end (delta: -26.8MB). Peak memory consumption was 93.8MB. Max. memory is 16.1GB. [2022-11-02 21:11:36,020 INFO L158 Benchmark]: CDTParser took 0.32ms. Allocated memory is still 151.0MB. Free memory is still 130.5MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-02 21:11:36,021 INFO L158 Benchmark]: CACSL2BoogieTranslator took 540.18ms. Allocated memory is still 151.0MB. Free memory was 112.3MB in the beginning and 117.2MB in the end (delta: -4.9MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-11-02 21:11:36,021 INFO L158 Benchmark]: Boogie Procedure Inliner took 81.65ms. Allocated memory is still 151.0MB. Free memory was 117.2MB in the beginning and 114.7MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-02 21:11:36,021 INFO L158 Benchmark]: Boogie Preprocessor took 39.12ms. Allocated memory is still 151.0MB. Free memory was 114.6MB in the beginning and 113.0MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-02 21:11:36,022 INFO L158 Benchmark]: RCFGBuilder took 633.13ms. Allocated memory is still 151.0MB. Free memory was 113.0MB in the beginning and 93.9MB in the end (delta: 19.1MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-11-02 21:11:36,022 INFO L158 Benchmark]: TraceAbstraction took 17338.78ms. Allocated memory was 151.0MB in the beginning and 272.6MB in the end (delta: 121.6MB). Free memory was 93.2MB in the beginning and 144.6MB in the end (delta: -51.3MB). Peak memory consumption was 132.0MB. Max. memory is 16.1GB. [2022-11-02 21:11:36,022 INFO L158 Benchmark]: Witness Printer took 74.23ms. Allocated memory is still 272.6MB. Free memory was 144.6MB in the beginning and 139.3MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-11-02 21:11:36,024 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.32ms. Allocated memory is still 151.0MB. Free memory is still 130.5MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 540.18ms. Allocated memory is still 151.0MB. Free memory was 112.3MB in the beginning and 117.2MB in the end (delta: -4.9MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 81.65ms. Allocated memory is still 151.0MB. Free memory was 117.2MB in the beginning and 114.7MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 39.12ms. Allocated memory is still 151.0MB. Free memory was 114.6MB in the beginning and 113.0MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 633.13ms. Allocated memory is still 151.0MB. Free memory was 113.0MB in the beginning and 93.9MB in the end (delta: 19.1MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 17338.78ms. Allocated memory was 151.0MB in the beginning and 272.6MB in the end (delta: 121.6MB). Free memory was 93.2MB in the beginning and 144.6MB in the end (delta: -51.3MB). Peak memory consumption was 132.0MB. Max. memory is 16.1GB. * Witness Printer took 74.23ms. Allocated memory is still 272.6MB. Free memory was 144.6MB in the beginning and 139.3MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 438]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 92 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 17.2s, OverallIterations: 11, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 5.1s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 7.3s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2598 SdHoareTripleChecker+Valid, 2.8s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2555 mSDsluCounter, 5234 SdHoareTripleChecker+Invalid, 2.3s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3851 mSDsCounter, 817 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3281 IncrementalHoareTripleChecker+Invalid, 4098 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 817 mSolverCounterUnsat, 1383 mSDtfsCounter, 3281 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 828 GetRequests, 656 SyntacticMatches, 10 SemanticMatches, 162 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1241 ImplicationChecksByTransitivity, 1.9s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=580occurred in iteration=10, InterpolantAutomatonStates: 143, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 11 MinimizatonAttempts, 283 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 42 LocationsWithAnnotation, 1395 PreInvPairs, 1661 NumberOfFragments, 2740 HoareAnnotationTreeSize, 1395 FomulaSimplifications, 5612 FormulaSimplificationTreeSizeReduction, 0.9s HoareSimplificationTime, 42 FomulaSimplificationsInter, 24532 FormulaSimplificationTreeSizeReductionInter, 6.4s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 3.1s InterpolantComputationTime, 956 NumberOfCodeBlocks, 956 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 1209 ConstructedInterpolants, 0 QuantifiedInterpolants, 2411 SizeOfPredicates, 6 NumberOfNonLiveVariables, 1145 ConjunctsInSsa, 21 ConjunctsInUnsatCore, 15 InterpolantComputations, 9 PerfectInterpolantSequences, 616/696 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 520]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 946]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 434]: Loop Invariant Derived loop invariant: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 151]: Loop Invariant Derived loop invariant: (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (1 <= pumpRunning && 2 == waterLevel)) || !(waterLevel <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 498]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 401]: Loop Invariant Derived loop invariant: (((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && waterLevel == \result) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && 2 == waterLevel) && 2 == \result) && \old(waterLevel) == waterLevel)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) == 2)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && (((((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((pumpRunning == \old(pumpRunning) && waterLevel == \result) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 223]: Loop Invariant Derived loop invariant: (((((\result == 0 && tmp___0 == 0) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || !(waterLevel <= 1)) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 159]: Loop Invariant Derived loop invariant: ((((((!(1 == systemActive) || (((pumpRunning == 0 && !(tmp == 0)) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && ((((!(\old(waterLevel) == 1) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((((((((pumpRunning == 0 && !(tmp == 0)) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 275]: Loop Invariant Derived loop invariant: ((((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && splverifierCounter == 0) && 1 <= switchedOnBeforeTS) || (((pumpRunning == 0 && 2 == waterLevel) && 1 == systemActive) && splverifierCounter == 0)) || (((1 <= pumpRunning && 2 == waterLevel) && 1 == systemActive) && splverifierCounter == 0)) || (((pumpRunning == 0 && waterLevel <= 1) && 1 == systemActive) && splverifierCounter == 0) - InvariantResult [Line: 242]: Loop Invariant Derived loop invariant: ((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) <= 1) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 410]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && \result == 1)) || (pumpRunning == 0 && 2 == waterLevel)) || !(waterLevel <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 562]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 424]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 454]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 555]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 506]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 964]: Loop Invariant Derived loop invariant: ((((((((((!(\old(waterLevel) <= 1) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && !(2 <= tmp)) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((pumpRunning == \old(pumpRunning) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && 1 == systemActive) && !(2 <= tmp)) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || ((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(\old(pumpRunning) == 0) || ((((pumpRunning == 0 && 2 == \result) && 2 <= waterLevel) && \old(waterLevel) == waterLevel) && tmp == 2)) || !(1 == systemActive)) || ((((1 <= pumpRunning && 2 == \result) && 2 <= waterLevel) && \old(waterLevel) == waterLevel) && tmp == 2)) || ((((pumpRunning == 0 && waterLevel == \result) && waterLevel <= 1) && !(2 <= tmp)) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && ((((((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel) || ((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2))) && (((((((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel) || !(\old(waterLevel) == 1)) || ((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 333]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 444]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 569]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 274]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 954]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && (((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2))) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 265]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 126]: Loop Invariant Derived loop invariant: (((((((!(1 == systemActive) || (((pumpRunning == 0 && !(tmp == 0)) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) == 1) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && 2 == waterLevel) && \old(waterLevel) == waterLevel))) && (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) RESULT: Ultimate proved your program to be correct! [2022-11-02 21:11:36,092 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_199dc1ae-57de-44f9-bdaa-43885d03151e/bin/uautomizer-Dbtcem3rbc/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE