./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product42.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version e04fb08f Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/bin/uautomizer-tPACEb0tL8/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/bin/uautomizer-tPACEb0tL8/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/bin/uautomizer-tPACEb0tL8/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/bin/uautomizer-tPACEb0tL8/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product42.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/bin/uautomizer-tPACEb0tL8/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/bin/uautomizer-tPACEb0tL8 --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 76f5874bdc2210da6be360b9991ed804689b1623a0180577df5607e0ad5d02da --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-e04fb08 [2022-11-16 12:17:00,038 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-16 12:17:00,041 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-16 12:17:00,064 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-16 12:17:00,065 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-16 12:17:00,066 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-16 12:17:00,068 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-16 12:17:00,070 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-16 12:17:00,073 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-16 12:17:00,074 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-16 12:17:00,075 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-16 12:17:00,077 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-16 12:17:00,077 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-16 12:17:00,079 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-16 12:17:00,080 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-16 12:17:00,082 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-16 12:17:00,083 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-16 12:17:00,084 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-16 12:17:00,087 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-16 12:17:00,089 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-16 12:17:00,091 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-16 12:17:00,093 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-16 12:17:00,095 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-16 12:17:00,096 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-16 12:17:00,101 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-16 12:17:00,102 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-16 12:17:00,102 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-16 12:17:00,103 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-16 12:17:00,104 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-16 12:17:00,105 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-16 12:17:00,106 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-16 12:17:00,107 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-16 12:17:00,108 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-16 12:17:00,109 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-16 12:17:00,110 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-16 12:17:00,111 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-16 12:17:00,112 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-16 12:17:00,112 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-16 12:17:00,112 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-16 12:17:00,114 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-16 12:17:00,115 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-16 12:17:00,126 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/bin/uautomizer-tPACEb0tL8/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-11-16 12:17:00,166 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-16 12:17:00,171 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-16 12:17:00,172 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-16 12:17:00,173 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-16 12:17:00,174 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-16 12:17:00,175 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-16 12:17:00,175 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-11-16 12:17:00,176 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-11-16 12:17:00,176 INFO L138 SettingsManager]: * Use SBE=true [2022-11-16 12:17:00,176 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-16 12:17:00,178 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-16 12:17:00,178 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-16 12:17:00,178 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-16 12:17:00,178 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-16 12:17:00,179 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-16 12:17:00,179 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-16 12:17:00,179 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-16 12:17:00,179 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-16 12:17:00,180 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-16 12:17:00,180 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-16 12:17:00,180 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-16 12:17:00,181 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-16 12:17:00,181 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-11-16 12:17:00,181 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-16 12:17:00,181 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-16 12:17:00,182 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-16 12:17:00,182 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-16 12:17:00,182 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-16 12:17:00,182 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-11-16 12:17:00,183 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-16 12:17:00,185 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-11-16 12:17:00,185 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-11-16 12:17:00,185 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-16 12:17:00,186 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/bin/uautomizer-tPACEb0tL8/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/bin/uautomizer-tPACEb0tL8 Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 76f5874bdc2210da6be360b9991ed804689b1623a0180577df5607e0ad5d02da [2022-11-16 12:17:00,532 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-16 12:17:00,563 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-16 12:17:00,569 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-16 12:17:00,570 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-16 12:17:00,571 INFO L275 PluginConnector]: CDTParser initialized [2022-11-16 12:17:00,573 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/bin/uautomizer-tPACEb0tL8/../../sv-benchmarks/c/product-lines/minepump_spec5_product42.cil.c [2022-11-16 12:17:00,669 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/bin/uautomizer-tPACEb0tL8/data/5f7dcfe3f/549f9b989d2547beb27341811d181ed8/FLAGa8874c223 [2022-11-16 12:17:01,289 INFO L306 CDTParser]: Found 1 translation units. [2022-11-16 12:17:01,290 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/sv-benchmarks/c/product-lines/minepump_spec5_product42.cil.c [2022-11-16 12:17:01,319 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/bin/uautomizer-tPACEb0tL8/data/5f7dcfe3f/549f9b989d2547beb27341811d181ed8/FLAGa8874c223 [2022-11-16 12:17:01,550 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/bin/uautomizer-tPACEb0tL8/data/5f7dcfe3f/549f9b989d2547beb27341811d181ed8 [2022-11-16 12:17:01,553 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-16 12:17:01,555 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-16 12:17:01,557 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-16 12:17:01,557 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-16 12:17:01,573 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-16 12:17:01,574 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 12:17:01" (1/1) ... [2022-11-16 12:17:01,581 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@176be3e9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:17:01, skipping insertion in model container [2022-11-16 12:17:01,581 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 12:17:01" (1/1) ... [2022-11-16 12:17:01,591 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-16 12:17:01,675 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-16 12:17:02,072 WARN L229 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/sv-benchmarks/c/product-lines/minepump_spec5_product42.cil.c[3693,3706] [2022-11-16 12:17:02,246 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-16 12:17:02,262 INFO L203 MainTranslator]: Completed pre-run [2022-11-16 12:17:02,304 WARN L229 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/sv-benchmarks/c/product-lines/minepump_spec5_product42.cil.c[3693,3706] [2022-11-16 12:17:02,374 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-16 12:17:02,394 INFO L208 MainTranslator]: Completed translation [2022-11-16 12:17:02,396 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:17:02 WrapperNode [2022-11-16 12:17:02,396 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-16 12:17:02,398 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-16 12:17:02,399 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-16 12:17:02,399 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-16 12:17:02,408 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:17:02" (1/1) ... [2022-11-16 12:17:02,441 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:17:02" (1/1) ... [2022-11-16 12:17:02,492 INFO L138 Inliner]: procedures = 56, calls = 155, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 254 [2022-11-16 12:17:02,493 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-16 12:17:02,493 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-16 12:17:02,494 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-16 12:17:02,494 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-16 12:17:02,505 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:17:02" (1/1) ... [2022-11-16 12:17:02,505 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:17:02" (1/1) ... [2022-11-16 12:17:02,508 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:17:02" (1/1) ... [2022-11-16 12:17:02,509 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:17:02" (1/1) ... [2022-11-16 12:17:02,515 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:17:02" (1/1) ... [2022-11-16 12:17:02,534 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:17:02" (1/1) ... [2022-11-16 12:17:02,536 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:17:02" (1/1) ... [2022-11-16 12:17:02,537 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:17:02" (1/1) ... [2022-11-16 12:17:02,540 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-16 12:17:02,554 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-16 12:17:02,554 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-16 12:17:02,554 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-16 12:17:02,557 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:17:02" (1/1) ... [2022-11-16 12:17:02,572 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-16 12:17:02,588 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/bin/uautomizer-tPACEb0tL8/z3 [2022-11-16 12:17:02,605 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/bin/uautomizer-tPACEb0tL8/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-16 12:17:02,641 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/bin/uautomizer-tPACEb0tL8/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-16 12:17:02,670 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-16 12:17:02,670 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-16 12:17:02,670 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-16 12:17:02,670 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-16 12:17:02,671 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-16 12:17:02,671 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-16 12:17:02,671 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-16 12:17:02,671 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-16 12:17:02,673 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-16 12:17:02,673 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-11-16 12:17:02,673 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-11-16 12:17:02,674 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-16 12:17:02,674 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-16 12:17:02,674 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-16 12:17:02,674 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-16 12:17:02,675 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-16 12:17:02,815 INFO L235 CfgBuilder]: Building ICFG [2022-11-16 12:17:02,817 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-16 12:17:03,246 INFO L276 CfgBuilder]: Performing block encoding [2022-11-16 12:17:03,255 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-16 12:17:03,256 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-16 12:17:03,259 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.11 12:17:03 BoogieIcfgContainer [2022-11-16 12:17:03,259 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-16 12:17:03,262 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-16 12:17:03,275 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-16 12:17:03,280 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-16 12:17:03,280 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 16.11 12:17:01" (1/3) ... [2022-11-16 12:17:03,281 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@43506e0a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 12:17:03, skipping insertion in model container [2022-11-16 12:17:03,281 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:17:02" (2/3) ... [2022-11-16 12:17:03,282 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@43506e0a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 12:17:03, skipping insertion in model container [2022-11-16 12:17:03,282 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.11 12:17:03" (3/3) ... [2022-11-16 12:17:03,284 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product42.cil.c [2022-11-16 12:17:03,309 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-16 12:17:03,309 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-16 12:17:03,377 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-16 12:17:03,386 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@7ec5c8a9, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-16 12:17:03,387 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-16 12:17:03,392 INFO L276 IsEmpty]: Start isEmpty. Operand has 85 states, 67 states have (on average 1.373134328358209) internal successors, (92), 73 states have internal predecessors, (92), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-11-16 12:17:03,403 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-11-16 12:17:03,403 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 12:17:03,404 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 12:17:03,405 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 12:17:03,411 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 12:17:03,412 INFO L85 PathProgramCache]: Analyzing trace with hash -690410843, now seen corresponding path program 1 times [2022-11-16 12:17:03,424 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 12:17:03,425 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [37690064] [2022-11-16 12:17:03,425 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:17:03,426 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 12:17:03,582 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:03,684 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-11-16 12:17:03,688 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:03,694 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-11-16 12:17:03,698 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:03,702 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 12:17:03,703 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 12:17:03,703 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [37690064] [2022-11-16 12:17:03,704 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [37690064] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 12:17:03,705 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 12:17:03,705 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-16 12:17:03,707 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [29330144] [2022-11-16 12:17:03,708 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 12:17:03,714 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-16 12:17:03,715 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 12:17:03,749 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-16 12:17:03,750 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-16 12:17:03,754 INFO L87 Difference]: Start difference. First operand has 85 states, 67 states have (on average 1.373134328358209) internal successors, (92), 73 states have internal predecessors, (92), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-16 12:17:03,829 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 12:17:03,831 INFO L93 Difference]: Finished difference Result 161 states and 218 transitions. [2022-11-16 12:17:03,832 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-16 12:17:03,834 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2022-11-16 12:17:03,834 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 12:17:03,853 INFO L225 Difference]: With dead ends: 161 [2022-11-16 12:17:03,853 INFO L226 Difference]: Without dead ends: 76 [2022-11-16 12:17:03,857 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-16 12:17:03,862 INFO L413 NwaCegarLoop]: 106 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 106 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-16 12:17:03,867 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 106 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-16 12:17:03,890 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 76 states. [2022-11-16 12:17:03,918 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 76 to 76. [2022-11-16 12:17:03,920 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 76 states, 60 states have (on average 1.3) internal successors, (78), 65 states have internal predecessors, (78), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-16 12:17:03,922 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 76 states to 76 states and 97 transitions. [2022-11-16 12:17:03,924 INFO L78 Accepts]: Start accepts. Automaton has 76 states and 97 transitions. Word has length 32 [2022-11-16 12:17:03,925 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 12:17:03,926 INFO L495 AbstractCegarLoop]: Abstraction has 76 states and 97 transitions. [2022-11-16 12:17:03,928 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-16 12:17:03,929 INFO L276 IsEmpty]: Start isEmpty. Operand 76 states and 97 transitions. [2022-11-16 12:17:03,932 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-11-16 12:17:03,934 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 12:17:03,935 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 12:17:03,935 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-16 12:17:03,936 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 12:17:03,939 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 12:17:03,942 INFO L85 PathProgramCache]: Analyzing trace with hash 1965939987, now seen corresponding path program 1 times [2022-11-16 12:17:03,942 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 12:17:03,944 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [539217645] [2022-11-16 12:17:03,944 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:17:03,944 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 12:17:04,026 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:04,293 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-11-16 12:17:04,295 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:04,301 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2022-11-16 12:17:04,303 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:04,307 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 12:17:04,307 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 12:17:04,308 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [539217645] [2022-11-16 12:17:04,308 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [539217645] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 12:17:04,308 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 12:17:04,309 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-16 12:17:04,309 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [714413156] [2022-11-16 12:17:04,309 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 12:17:04,311 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-16 12:17:04,311 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 12:17:04,312 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-16 12:17:04,312 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 12:17:04,312 INFO L87 Difference]: Start difference. First operand 76 states and 97 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-16 12:17:04,340 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 12:17:04,345 INFO L93 Difference]: Finished difference Result 116 states and 148 transitions. [2022-11-16 12:17:04,349 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-16 12:17:04,350 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-11-16 12:17:04,350 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 12:17:04,352 INFO L225 Difference]: With dead ends: 116 [2022-11-16 12:17:04,354 INFO L226 Difference]: Without dead ends: 67 [2022-11-16 12:17:04,358 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 12:17:04,361 INFO L413 NwaCegarLoop]: 84 mSDtfsCounter, 13 mSDsluCounter, 67 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 151 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-16 12:17:04,364 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 151 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-16 12:17:04,365 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 67 states. [2022-11-16 12:17:04,376 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 67 to 67. [2022-11-16 12:17:04,381 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 67 states, 54 states have (on average 1.3148148148148149) internal successors, (71), 59 states have internal predecessors, (71), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-11-16 12:17:04,383 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 67 states to 67 states and 85 transitions. [2022-11-16 12:17:04,387 INFO L78 Accepts]: Start accepts. Automaton has 67 states and 85 transitions. Word has length 33 [2022-11-16 12:17:04,387 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 12:17:04,388 INFO L495 AbstractCegarLoop]: Abstraction has 67 states and 85 transitions. [2022-11-16 12:17:04,389 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-16 12:17:04,390 INFO L276 IsEmpty]: Start isEmpty. Operand 67 states and 85 transitions. [2022-11-16 12:17:04,391 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-11-16 12:17:04,393 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 12:17:04,393 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 12:17:04,393 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-16 12:17:04,394 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 12:17:04,395 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 12:17:04,397 INFO L85 PathProgramCache]: Analyzing trace with hash -1695410136, now seen corresponding path program 1 times [2022-11-16 12:17:04,397 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 12:17:04,398 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2139649563] [2022-11-16 12:17:04,398 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:17:04,399 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 12:17:04,449 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:04,618 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-16 12:17:04,621 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:04,625 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2022-11-16 12:17:04,639 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:04,641 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 12:17:04,642 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 12:17:04,642 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2139649563] [2022-11-16 12:17:04,642 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2139649563] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 12:17:04,643 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 12:17:04,643 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-16 12:17:04,643 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [838109979] [2022-11-16 12:17:04,643 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 12:17:04,644 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-16 12:17:04,647 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 12:17:04,647 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-16 12:17:04,648 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-16 12:17:04,648 INFO L87 Difference]: Start difference. First operand 67 states and 85 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-16 12:17:04,746 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 12:17:04,746 INFO L93 Difference]: Finished difference Result 126 states and 163 transitions. [2022-11-16 12:17:04,747 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-16 12:17:04,748 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2022-11-16 12:17:04,748 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 12:17:04,749 INFO L225 Difference]: With dead ends: 126 [2022-11-16 12:17:04,750 INFO L226 Difference]: Without dead ends: 67 [2022-11-16 12:17:04,751 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-11-16 12:17:04,752 INFO L413 NwaCegarLoop]: 78 mSDtfsCounter, 108 mSDsluCounter, 122 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 108 SdHoareTripleChecker+Valid, 200 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-16 12:17:04,753 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [108 Valid, 200 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-16 12:17:04,754 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 67 states. [2022-11-16 12:17:04,768 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 67 to 67. [2022-11-16 12:17:04,773 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 67 states, 54 states have (on average 1.2962962962962963) internal successors, (70), 59 states have internal predecessors, (70), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-11-16 12:17:04,774 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 67 states to 67 states and 84 transitions. [2022-11-16 12:17:04,775 INFO L78 Accepts]: Start accepts. Automaton has 67 states and 84 transitions. Word has length 38 [2022-11-16 12:17:04,777 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 12:17:04,777 INFO L495 AbstractCegarLoop]: Abstraction has 67 states and 84 transitions. [2022-11-16 12:17:04,777 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-16 12:17:04,778 INFO L276 IsEmpty]: Start isEmpty. Operand 67 states and 84 transitions. [2022-11-16 12:17:04,779 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2022-11-16 12:17:04,780 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 12:17:04,780 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 12:17:04,780 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-16 12:17:04,781 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 12:17:04,781 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 12:17:04,782 INFO L85 PathProgramCache]: Analyzing trace with hash 610140587, now seen corresponding path program 1 times [2022-11-16 12:17:04,782 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 12:17:04,782 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [305295369] [2022-11-16 12:17:04,783 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:17:04,783 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 12:17:04,804 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:04,884 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-16 12:17:04,886 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:04,890 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-16 12:17:04,892 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:04,893 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2022-11-16 12:17:04,895 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:04,897 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 12:17:04,897 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 12:17:04,898 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [305295369] [2022-11-16 12:17:04,898 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [305295369] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 12:17:04,898 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 12:17:04,898 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-16 12:17:04,899 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2014291143] [2022-11-16 12:17:04,899 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 12:17:04,900 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-16 12:17:04,900 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 12:17:04,900 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-16 12:17:04,901 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 12:17:04,901 INFO L87 Difference]: Start difference. First operand 67 states and 84 transitions. Second operand has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-16 12:17:04,939 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 12:17:04,939 INFO L93 Difference]: Finished difference Result 171 states and 219 transitions. [2022-11-16 12:17:04,940 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-16 12:17:04,940 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 43 [2022-11-16 12:17:04,941 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 12:17:04,942 INFO L225 Difference]: With dead ends: 171 [2022-11-16 12:17:04,942 INFO L226 Difference]: Without dead ends: 112 [2022-11-16 12:17:04,943 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 12:17:04,945 INFO L413 NwaCegarLoop]: 93 mSDtfsCounter, 52 mSDsluCounter, 57 mSDsCounter, 0 mSdLazyCounter, 7 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 150 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 7 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-16 12:17:04,945 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [52 Valid, 150 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 7 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-16 12:17:04,946 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 112 states. [2022-11-16 12:17:04,964 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 112 to 110. [2022-11-16 12:17:04,965 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 110 states, 87 states have (on average 1.2873563218390804) internal successors, (112), 94 states have internal predecessors, (112), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2022-11-16 12:17:04,966 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 110 states to 110 states and 138 transitions. [2022-11-16 12:17:04,967 INFO L78 Accepts]: Start accepts. Automaton has 110 states and 138 transitions. Word has length 43 [2022-11-16 12:17:04,967 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 12:17:04,968 INFO L495 AbstractCegarLoop]: Abstraction has 110 states and 138 transitions. [2022-11-16 12:17:04,968 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-16 12:17:04,968 INFO L276 IsEmpty]: Start isEmpty. Operand 110 states and 138 transitions. [2022-11-16 12:17:04,970 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2022-11-16 12:17:04,970 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 12:17:04,970 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 12:17:04,971 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-16 12:17:04,971 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 12:17:04,972 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 12:17:04,972 INFO L85 PathProgramCache]: Analyzing trace with hash 1028234707, now seen corresponding path program 1 times [2022-11-16 12:17:04,972 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 12:17:04,973 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [970512670] [2022-11-16 12:17:04,973 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:17:04,973 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 12:17:04,995 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:05,187 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-16 12:17:05,190 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:05,193 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2022-11-16 12:17:05,195 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:05,197 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 41 [2022-11-16 12:17:05,199 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:05,214 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-16 12:17:05,215 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 12:17:05,215 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [970512670] [2022-11-16 12:17:05,215 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [970512670] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 12:17:05,216 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 12:17:05,216 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-16 12:17:05,216 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1890070138] [2022-11-16 12:17:05,217 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 12:17:05,217 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-16 12:17:05,218 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 12:17:05,218 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-16 12:17:05,218 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-16 12:17:05,219 INFO L87 Difference]: Start difference. First operand 110 states and 138 transitions. Second operand has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-11-16 12:17:05,392 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 12:17:05,392 INFO L93 Difference]: Finished difference Result 217 states and 276 transitions. [2022-11-16 12:17:05,393 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-16 12:17:05,393 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 49 [2022-11-16 12:17:05,394 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 12:17:05,395 INFO L225 Difference]: With dead ends: 217 [2022-11-16 12:17:05,396 INFO L226 Difference]: Without dead ends: 115 [2022-11-16 12:17:05,397 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-11-16 12:17:05,398 INFO L413 NwaCegarLoop]: 95 mSDtfsCounter, 37 mSDsluCounter, 310 mSDsCounter, 0 mSdLazyCounter, 50 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 38 SdHoareTripleChecker+Valid, 405 SdHoareTripleChecker+Invalid, 53 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 50 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-16 12:17:05,399 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [38 Valid, 405 Invalid, 53 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 50 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-16 12:17:05,400 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 115 states. [2022-11-16 12:17:05,418 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 115 to 109. [2022-11-16 12:17:05,419 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 109 states, 86 states have (on average 1.2674418604651163) internal successors, (109), 93 states have internal predecessors, (109), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2022-11-16 12:17:05,420 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 109 states to 109 states and 135 transitions. [2022-11-16 12:17:05,420 INFO L78 Accepts]: Start accepts. Automaton has 109 states and 135 transitions. Word has length 49 [2022-11-16 12:17:05,421 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 12:17:05,421 INFO L495 AbstractCegarLoop]: Abstraction has 109 states and 135 transitions. [2022-11-16 12:17:05,422 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-11-16 12:17:05,422 INFO L276 IsEmpty]: Start isEmpty. Operand 109 states and 135 transitions. [2022-11-16 12:17:05,423 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-11-16 12:17:05,423 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 12:17:05,424 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 12:17:05,424 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-16 12:17:05,424 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 12:17:05,425 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 12:17:05,425 INFO L85 PathProgramCache]: Analyzing trace with hash -2048289411, now seen corresponding path program 1 times [2022-11-16 12:17:05,425 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 12:17:05,426 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [390560373] [2022-11-16 12:17:05,426 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:17:05,426 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 12:17:05,449 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:05,553 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-16 12:17:05,555 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:05,557 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2022-11-16 12:17:05,558 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:05,560 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 12:17:05,560 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 12:17:05,561 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [390560373] [2022-11-16 12:17:05,561 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [390560373] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 12:17:05,561 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 12:17:05,561 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-16 12:17:05,562 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [991082021] [2022-11-16 12:17:05,562 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 12:17:05,562 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-16 12:17:05,563 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 12:17:05,563 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-16 12:17:05,563 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-16 12:17:05,564 INFO L87 Difference]: Start difference. First operand 109 states and 135 transitions. Second operand has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-16 12:17:05,674 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 12:17:05,675 INFO L93 Difference]: Finished difference Result 234 states and 298 transitions. [2022-11-16 12:17:05,676 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-11-16 12:17:05,676 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 51 [2022-11-16 12:17:05,677 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 12:17:05,681 INFO L225 Difference]: With dead ends: 234 [2022-11-16 12:17:05,682 INFO L226 Difference]: Without dead ends: 133 [2022-11-16 12:17:05,687 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-11-16 12:17:05,690 INFO L413 NwaCegarLoop]: 97 mSDtfsCounter, 33 mSDsluCounter, 251 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 35 SdHoareTripleChecker+Valid, 348 SdHoareTripleChecker+Invalid, 20 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-16 12:17:05,698 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [35 Valid, 348 Invalid, 20 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-16 12:17:05,699 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 133 states. [2022-11-16 12:17:05,725 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 133 to 112. [2022-11-16 12:17:05,726 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 112 states, 89 states have (on average 1.2584269662921348) internal successors, (112), 96 states have internal predecessors, (112), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2022-11-16 12:17:05,727 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 112 states to 112 states and 138 transitions. [2022-11-16 12:17:05,727 INFO L78 Accepts]: Start accepts. Automaton has 112 states and 138 transitions. Word has length 51 [2022-11-16 12:17:05,727 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 12:17:05,728 INFO L495 AbstractCegarLoop]: Abstraction has 112 states and 138 transitions. [2022-11-16 12:17:05,728 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-16 12:17:05,728 INFO L276 IsEmpty]: Start isEmpty. Operand 112 states and 138 transitions. [2022-11-16 12:17:05,730 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-11-16 12:17:05,730 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 12:17:05,730 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 12:17:05,731 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-16 12:17:05,731 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 12:17:05,732 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 12:17:05,732 INFO L85 PathProgramCache]: Analyzing trace with hash -1625587585, now seen corresponding path program 1 times [2022-11-16 12:17:05,732 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 12:17:05,732 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2040761538] [2022-11-16 12:17:05,733 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:17:05,733 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 12:17:05,763 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:05,972 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-16 12:17:05,974 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:05,976 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2022-11-16 12:17:05,978 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:05,983 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 12:17:05,983 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 12:17:05,985 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2040761538] [2022-11-16 12:17:05,986 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2040761538] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 12:17:05,986 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 12:17:05,986 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-16 12:17:05,987 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1248420719] [2022-11-16 12:17:05,987 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 12:17:05,988 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-16 12:17:05,990 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 12:17:05,990 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-16 12:17:05,991 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-16 12:17:05,991 INFO L87 Difference]: Start difference. First operand 112 states and 138 transitions. Second operand has 4 states, 4 states have (on average 11.0) internal successors, (44), 4 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-16 12:17:06,052 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 12:17:06,053 INFO L93 Difference]: Finished difference Result 232 states and 293 transitions. [2022-11-16 12:17:06,054 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-16 12:17:06,054 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 11.0) internal successors, (44), 4 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 51 [2022-11-16 12:17:06,055 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 12:17:06,057 INFO L225 Difference]: With dead ends: 232 [2022-11-16 12:17:06,057 INFO L226 Difference]: Without dead ends: 128 [2022-11-16 12:17:06,058 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-16 12:17:06,060 INFO L413 NwaCegarLoop]: 86 mSDtfsCounter, 27 mSDsluCounter, 160 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 27 SdHoareTripleChecker+Valid, 246 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-16 12:17:06,061 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [27 Valid, 246 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-16 12:17:06,063 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 128 states. [2022-11-16 12:17:06,106 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 128 to 114. [2022-11-16 12:17:06,107 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 114 states, 91 states have (on average 1.2527472527472527) internal successors, (114), 98 states have internal predecessors, (114), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2022-11-16 12:17:06,108 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 114 states to 114 states and 140 transitions. [2022-11-16 12:17:06,108 INFO L78 Accepts]: Start accepts. Automaton has 114 states and 140 transitions. Word has length 51 [2022-11-16 12:17:06,109 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 12:17:06,109 INFO L495 AbstractCegarLoop]: Abstraction has 114 states and 140 transitions. [2022-11-16 12:17:06,109 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 11.0) internal successors, (44), 4 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-16 12:17:06,110 INFO L276 IsEmpty]: Start isEmpty. Operand 114 states and 140 transitions. [2022-11-16 12:17:06,111 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-11-16 12:17:06,112 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 12:17:06,112 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 12:17:06,112 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-16 12:17:06,113 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 12:17:06,113 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 12:17:06,113 INFO L85 PathProgramCache]: Analyzing trace with hash 863941377, now seen corresponding path program 1 times [2022-11-16 12:17:06,114 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 12:17:06,114 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [127761498] [2022-11-16 12:17:06,114 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:17:06,115 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 12:17:06,145 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:06,274 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-16 12:17:06,277 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:06,281 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2022-11-16 12:17:06,282 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:06,287 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 12:17:06,287 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 12:17:06,288 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [127761498] [2022-11-16 12:17:06,288 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [127761498] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 12:17:06,288 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 12:17:06,289 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-16 12:17:06,289 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1628642541] [2022-11-16 12:17:06,289 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 12:17:06,290 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-16 12:17:06,290 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 12:17:06,291 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-16 12:17:06,291 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 12:17:06,292 INFO L87 Difference]: Start difference. First operand 114 states and 140 transitions. Second operand has 3 states, 3 states have (on average 14.666666666666666) internal successors, (44), 3 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-16 12:17:06,346 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 12:17:06,347 INFO L93 Difference]: Finished difference Result 266 states and 331 transitions. [2022-11-16 12:17:06,347 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-16 12:17:06,348 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 14.666666666666666) internal successors, (44), 3 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 51 [2022-11-16 12:17:06,350 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 12:17:06,354 INFO L225 Difference]: With dead ends: 266 [2022-11-16 12:17:06,354 INFO L226 Difference]: Without dead ends: 160 [2022-11-16 12:17:06,355 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 12:17:06,359 INFO L413 NwaCegarLoop]: 89 mSDtfsCounter, 35 mSDsluCounter, 70 mSDsCounter, 0 mSdLazyCounter, 10 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 35 SdHoareTripleChecker+Valid, 159 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 10 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-16 12:17:06,361 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [35 Valid, 159 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 10 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-16 12:17:06,363 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 160 states. [2022-11-16 12:17:06,398 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 160 to 160. [2022-11-16 12:17:06,399 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 160 states, 127 states have (on average 1.2283464566929134) internal successors, (156), 135 states have internal predecessors, (156), 18 states have call successors, (18), 15 states have call predecessors, (18), 14 states have return successors, (20), 17 states have call predecessors, (20), 18 states have call successors, (20) [2022-11-16 12:17:06,402 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 160 states to 160 states and 194 transitions. [2022-11-16 12:17:06,403 INFO L78 Accepts]: Start accepts. Automaton has 160 states and 194 transitions. Word has length 51 [2022-11-16 12:17:06,403 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 12:17:06,403 INFO L495 AbstractCegarLoop]: Abstraction has 160 states and 194 transitions. [2022-11-16 12:17:06,404 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 14.666666666666666) internal successors, (44), 3 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-16 12:17:06,404 INFO L276 IsEmpty]: Start isEmpty. Operand 160 states and 194 transitions. [2022-11-16 12:17:06,412 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2022-11-16 12:17:06,412 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 12:17:06,413 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 12:17:06,413 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-11-16 12:17:06,414 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 12:17:06,419 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 12:17:06,419 INFO L85 PathProgramCache]: Analyzing trace with hash 159207591, now seen corresponding path program 1 times [2022-11-16 12:17:06,419 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 12:17:06,419 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1517868559] [2022-11-16 12:17:06,420 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:17:06,420 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 12:17:06,461 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:06,762 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-16 12:17:06,765 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:06,824 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-11-16 12:17:06,827 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:06,831 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2022-11-16 12:17:06,833 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:06,841 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 12:17:06,841 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 12:17:06,841 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1517868559] [2022-11-16 12:17:06,841 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1517868559] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 12:17:06,842 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 12:17:06,842 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-11-16 12:17:06,842 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [500920112] [2022-11-16 12:17:06,842 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 12:17:06,843 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-16 12:17:06,843 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 12:17:06,844 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-16 12:17:06,844 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2022-11-16 12:17:06,845 INFO L87 Difference]: Start difference. First operand 160 states and 194 transitions. Second operand has 8 states, 8 states have (on average 5.75) internal successors, (46), 7 states have internal predecessors, (46), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-16 12:17:07,374 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 12:17:07,374 INFO L93 Difference]: Finished difference Result 540 states and 679 transitions. [2022-11-16 12:17:07,375 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-11-16 12:17:07,375 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.75) internal successors, (46), 7 states have internal predecessors, (46), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 55 [2022-11-16 12:17:07,376 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 12:17:07,379 INFO L225 Difference]: With dead ends: 540 [2022-11-16 12:17:07,379 INFO L226 Difference]: Without dead ends: 434 [2022-11-16 12:17:07,380 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 7 SyntacticMatches, 1 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=56, Invalid=184, Unknown=0, NotChecked=0, Total=240 [2022-11-16 12:17:07,381 INFO L413 NwaCegarLoop]: 116 mSDtfsCounter, 223 mSDsluCounter, 509 mSDsCounter, 0 mSdLazyCounter, 299 mSolverCounterSat, 50 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 232 SdHoareTripleChecker+Valid, 625 SdHoareTripleChecker+Invalid, 349 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 50 IncrementalHoareTripleChecker+Valid, 299 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-16 12:17:07,381 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [232 Valid, 625 Invalid, 349 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [50 Valid, 299 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-16 12:17:07,383 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 434 states. [2022-11-16 12:17:07,433 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 434 to 400. [2022-11-16 12:17:07,434 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 400 states, 319 states have (on average 1.2163009404388714) internal successors, (388), 341 states have internal predecessors, (388), 44 states have call successors, (44), 33 states have call predecessors, (44), 36 states have return successors, (54), 42 states have call predecessors, (54), 44 states have call successors, (54) [2022-11-16 12:17:07,437 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 400 states to 400 states and 486 transitions. [2022-11-16 12:17:07,437 INFO L78 Accepts]: Start accepts. Automaton has 400 states and 486 transitions. Word has length 55 [2022-11-16 12:17:07,438 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 12:17:07,438 INFO L495 AbstractCegarLoop]: Abstraction has 400 states and 486 transitions. [2022-11-16 12:17:07,438 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.75) internal successors, (46), 7 states have internal predecessors, (46), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-16 12:17:07,438 INFO L276 IsEmpty]: Start isEmpty. Operand 400 states and 486 transitions. [2022-11-16 12:17:07,440 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 88 [2022-11-16 12:17:07,440 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 12:17:07,440 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 12:17:07,441 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-11-16 12:17:07,441 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 12:17:07,441 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 12:17:07,442 INFO L85 PathProgramCache]: Analyzing trace with hash -2045084638, now seen corresponding path program 1 times [2022-11-16 12:17:07,442 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 12:17:07,442 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [15596638] [2022-11-16 12:17:07,442 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:17:07,443 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 12:17:07,464 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:07,628 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-16 12:17:07,630 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:07,673 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2022-11-16 12:17:07,678 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:07,703 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-16 12:17:07,704 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:07,705 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 61 [2022-11-16 12:17:07,707 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:07,724 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 72 [2022-11-16 12:17:07,725 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:07,727 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 79 [2022-11-16 12:17:07,729 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:07,731 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 18 proven. 7 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-11-16 12:17:07,732 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 12:17:07,732 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [15596638] [2022-11-16 12:17:07,732 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [15596638] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-16 12:17:07,733 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1276645210] [2022-11-16 12:17:07,733 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:17:07,733 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 12:17:07,733 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/bin/uautomizer-tPACEb0tL8/z3 [2022-11-16 12:17:07,737 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-16 12:17:07,752 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-16 12:17:07,923 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:17:07,927 INFO L263 TraceCheckSpWp]: Trace formula consists of 454 conjuncts, 8 conjunts are in the unsatisfiable core [2022-11-16 12:17:07,936 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-16 12:17:08,183 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 23 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-16 12:17:08,184 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-16 12:17:08,480 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 6 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-11-16 12:17:08,480 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1276645210] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-16 12:17:08,480 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-16 12:17:08,481 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2022-11-16 12:17:08,481 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [40557619] [2022-11-16 12:17:08,481 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-16 12:17:08,483 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2022-11-16 12:17:08,483 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 12:17:08,484 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2022-11-16 12:17:08,484 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=35, Invalid=175, Unknown=0, NotChecked=0, Total=210 [2022-11-16 12:17:08,485 INFO L87 Difference]: Start difference. First operand 400 states and 486 transitions. Second operand has 15 states, 15 states have (on average 7.2) internal successors, (108), 11 states have internal predecessors, (108), 5 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 5 states have call successors, (13) [2022-11-16 12:17:09,453 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 12:17:09,454 INFO L93 Difference]: Finished difference Result 641 states and 804 transitions. [2022-11-16 12:17:09,455 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2022-11-16 12:17:09,455 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 7.2) internal successors, (108), 11 states have internal predecessors, (108), 5 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 5 states have call successors, (13) Word has length 87 [2022-11-16 12:17:09,458 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 12:17:09,458 INFO L225 Difference]: With dead ends: 641 [2022-11-16 12:17:09,458 INFO L226 Difference]: Without dead ends: 0 [2022-11-16 12:17:09,460 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 219 GetRequests, 186 SyntacticMatches, 4 SemanticMatches, 29 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 166 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=176, Invalid=754, Unknown=0, NotChecked=0, Total=930 [2022-11-16 12:17:09,461 INFO L413 NwaCegarLoop]: 136 mSDtfsCounter, 288 mSDsluCounter, 822 mSDsCounter, 0 mSdLazyCounter, 564 mSolverCounterSat, 106 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 289 SdHoareTripleChecker+Valid, 958 SdHoareTripleChecker+Invalid, 670 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 106 IncrementalHoareTripleChecker+Valid, 564 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2022-11-16 12:17:09,462 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [289 Valid, 958 Invalid, 670 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [106 Valid, 564 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2022-11-16 12:17:09,463 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-16 12:17:09,463 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-16 12:17:09,463 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-16 12:17:09,463 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-16 12:17:09,464 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 87 [2022-11-16 12:17:09,464 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 12:17:09,464 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-16 12:17:09,464 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 7.2) internal successors, (108), 11 states have internal predecessors, (108), 5 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 5 states have call successors, (13) [2022-11-16 12:17:09,465 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-16 12:17:09,465 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-16 12:17:09,469 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-16 12:17:09,498 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-16 12:17:09,690 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-16 12:17:09,692 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-16 12:17:13,917 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 815 821) no Hoare annotation was computed. [2022-11-16 12:17:13,918 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 815 821) the Hoare annotation is: true [2022-11-16 12:17:13,918 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 647 658) the Hoare annotation is: true [2022-11-16 12:17:13,918 INFO L899 garLoopResultBuilder]: For program point L651-1(lines 647 658) no Hoare annotation was computed. [2022-11-16 12:17:13,918 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 647 658) no Hoare annotation was computed. [2022-11-16 12:17:13,919 INFO L899 garLoopResultBuilder]: For program point L704(lines 704 710) no Hoare annotation was computed. [2022-11-16 12:17:13,919 INFO L899 garLoopResultBuilder]: For program point L795(lines 795 801) no Hoare annotation was computed. [2022-11-16 12:17:13,937 INFO L899 garLoopResultBuilder]: For program point L795-2(lines 791 813) no Hoare annotation was computed. [2022-11-16 12:17:13,941 INFO L895 garLoopResultBuilder]: At program point L696(lines 691 699) the Hoare annotation is: (let ((.cse3 (= 0 ~systemActive~0))) (let ((.cse4 (= ~pumpRunning~0 0)) (.cse6 (not .cse3)) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse10 (not (< 1 |old(~waterLevel~0)|))) (.cse11 (not (<= |old(~waterLevel~0)| 2))) (.cse1 (<= 1 ~pumpRunning~0)) (.cse5 (= ~waterLevel~0 1)) (.cse2 (<= 1 ~switchedOnBeforeTS~0))) (and (or .cse0 (and .cse1 .cse2) .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (and .cse4 .cse5 .cse6) .cse7 (not (= |old(~waterLevel~0)| 1)) .cse3) (let ((.cse8 (= 2 |timeShift_getWaterLevel_#res#1|)) (.cse9 (= |old(~waterLevel~0)| ~waterLevel~0))) (or (and .cse4 .cse8 .cse9 .cse6) .cse7 .cse10 (and .cse1 .cse8 .cse9) .cse3 .cse11)) (or .cse0 .cse10 .cse3 .cse11 (and .cse1 .cse5 .cse2))))) [2022-11-16 12:17:13,943 INFO L895 garLoopResultBuilder]: At program point L853(lines 848 855) the Hoare annotation is: (let ((.cse1 (not (< 1 |old(~waterLevel~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 (and (<= 1 ~pumpRunning~0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse2 .cse3) (or .cse4 .cse1 .cse2 .cse3) (or .cse4 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse2))) [2022-11-16 12:17:13,944 INFO L899 garLoopResultBuilder]: For program point L85(lines 85 91) no Hoare annotation was computed. [2022-11-16 12:17:13,944 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 788 814) no Hoare annotation was computed. [2022-11-16 12:17:13,944 INFO L895 garLoopResultBuilder]: At program point L69(lines 62 71) the Hoare annotation is: (let ((.cse5 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse6 (not (< 1 |old(~waterLevel~0)|))) (.cse1 (and (<= 1 ~pumpRunning~0) .cse5 (<= 1 ~switchedOnBeforeTS~0))) (.cse7 (not (<= |old(~waterLevel~0)| 2))) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse4 (= ~pumpRunning~0 0)) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse3 (and .cse4 .cse5) .cse6 .cse2 .cse7) (or .cse0 .cse6 .cse1 .cse2 .cse7) (or .cse3 (not (= |old(~waterLevel~0)| 1)) (and .cse4 (= ~waterLevel~0 1)) .cse2)))) [2022-11-16 12:17:13,945 INFO L895 garLoopResultBuilder]: At program point L709(lines 700 713) the Hoare annotation is: (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse4 (not (< 1 |old(~waterLevel~0)|))) (.cse2 (= 0 ~systemActive~0)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and (= |timeShift_isHighWaterSensorDry_#res#1| 1) .cse1 (= ~waterLevel~0 1)) .cse2) (or .cse3 .cse4 .cse2 .cse5) (or .cse3 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse4 .cse2 .cse5))) [2022-11-16 12:17:13,945 INFO L895 garLoopResultBuilder]: At program point L837(line 837) the Hoare annotation is: (let ((.cse2 (= 0 ~systemActive~0))) (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse1 (not (< 1 |old(~waterLevel~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (= ~pumpRunning~0 0)) (.cse6 (= |timeShift_processEnvironment_~tmp~6#1| 0)) (.cse7 (not .cse2))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 .cse1 (and .cse5 .cse6 (= |old(~waterLevel~0)| ~waterLevel~0) .cse7) .cse2 .cse3) (or .cse4 (and .cse5 .cse6 (= ~waterLevel~0 1) .cse7) (not (= |old(~waterLevel~0)| 1)) .cse2)))) [2022-11-16 12:17:13,945 INFO L895 garLoopResultBuilder]: At program point L953(lines 938 956) the Hoare annotation is: (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse4 (not (< 1 |old(~waterLevel~0)|))) (.cse2 (= 0 ~systemActive~0)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 (= |timeShift_isHighWaterLevel_~tmp___0~2#1| 0) (= |timeShift_isHighWaterLevel_#res#1| 0) (= ~waterLevel~0 1)) .cse2) (or .cse3 .cse4 .cse2 .cse5) (or .cse3 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse4 .cse2 .cse5))) [2022-11-16 12:17:13,946 INFO L895 garLoopResultBuilder]: At program point L664(lines 659 667) the Hoare annotation is: (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse1 (not (< 1 |old(~waterLevel~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse1 .cse2 .cse3) (or .cse4 (not (= |old(~waterLevel~0)| 1)) .cse2))) [2022-11-16 12:17:13,946 INFO L899 garLoopResultBuilder]: For program point L627(lines 627 631) no Hoare annotation was computed. [2022-11-16 12:17:13,946 INFO L895 garLoopResultBuilder]: At program point L82(line 82) the Hoare annotation is: (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (not (< 1 |old(~waterLevel~0)|))) (.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse1 (<= 1 ~pumpRunning~0)) (.cse2 (<= 1 ~switchedOnBeforeTS~0)) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse7 (= ~waterLevel~0 1)) (.cse3 (= 0 ~systemActive~0))) (and (or .cse0 (and .cse1 .cse2) .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 .cse5 .cse3 .cse6) (or .cse0 .cse5 .cse3 .cse6 (and .cse1 .cse7 .cse2)) (or .cse4 (not (= |old(~waterLevel~0)| 1)) (and (= ~pumpRunning~0 0) .cse7) .cse3))) [2022-11-16 12:17:13,947 INFO L895 garLoopResultBuilder]: At program point L627-2(lines 623 634) the Hoare annotation is: (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (not (< 1 |old(~waterLevel~0)|))) (.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse1 (<= 1 ~pumpRunning~0)) (.cse2 (<= 1 ~switchedOnBeforeTS~0)) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (= 0 ~systemActive~0))) (and (or .cse0 (and .cse1 .cse2) .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 .cse5 .cse3 .cse6) (or .cse0 .cse5 .cse3 .cse6 (and .cse1 (= ~waterLevel~0 1) .cse2)) (or .cse4 (not (= |old(~waterLevel~0)| 1)) .cse3))) [2022-11-16 12:17:13,947 INFO L899 garLoopResultBuilder]: For program point L82-1(line 82) no Hoare annotation was computed. [2022-11-16 12:17:13,948 INFO L895 garLoopResultBuilder]: At program point L842(line 842) the Hoare annotation is: (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (not (< 1 |old(~waterLevel~0)|))) (.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse1 (<= 1 ~pumpRunning~0)) (.cse2 (<= 1 ~switchedOnBeforeTS~0)) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (= 0 ~systemActive~0))) (and (or .cse0 (and .cse1 .cse2) .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 .cse5 .cse3 .cse6) (or .cse0 .cse5 .cse3 .cse6 (and .cse1 (= ~waterLevel~0 1) .cse2)) (or .cse4 (not (= |old(~waterLevel~0)| 1)) .cse3))) [2022-11-16 12:17:13,948 INFO L895 garLoopResultBuilder]: At program point L842-1(lines 823 847) the Hoare annotation is: (let ((.cse3 (= 0 ~systemActive~0))) (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (= ~waterLevel~0 1)) (.cse2 (<= 1 ~switchedOnBeforeTS~0)) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse8 (not (< 1 |old(~waterLevel~0)|))) (.cse4 (= ~pumpRunning~0 0)) (.cse6 (not .cse3)) (.cse1 (<= 1 ~pumpRunning~0)) (.cse9 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (and .cse1 .cse2) .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (and .cse4 .cse5 .cse6) .cse7 (not (= |old(~waterLevel~0)| 1)) .cse3) (or .cse0 .cse8 .cse3 .cse9 (and .cse1 .cse5 .cse2)) (let ((.cse10 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse7 .cse8 (and .cse4 .cse10 .cse6) (and .cse1 .cse10) .cse3 .cse9))))) [2022-11-16 12:17:13,949 INFO L899 garLoopResultBuilder]: For program point L211(line 211) no Hoare annotation was computed. [2022-11-16 12:17:13,949 INFO L895 garLoopResultBuilder]: At program point L67(line 67) the Hoare annotation is: (let ((.cse1 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse8 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse0 (= ~pumpRunning~0 0)) (.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (not (< 1 |old(~waterLevel~0)|))) (.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= 0 ~systemActive~0)) (.cse7 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse1 .cse8))) (and (or (and .cse0 .cse1 (= ~waterLevel~0 1)) .cse2 (not (= |old(~waterLevel~0)| 1)) .cse3) (or .cse4 .cse5 .cse3 .cse6 .cse7) (or (and .cse0 .cse1 .cse8) .cse2 .cse5 .cse3 .cse6) (or .cse4 .cse3 .cse7 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-16 12:17:13,949 INFO L899 garLoopResultBuilder]: For program point L67-1(line 67) no Hoare annotation was computed. [2022-11-16 12:17:13,949 INFO L899 garLoopResultBuilder]: For program point L802-1(lines 802 808) no Hoare annotation was computed. [2022-11-16 12:17:13,950 INFO L899 garLoopResultBuilder]: For program point L864(lines 864 870) no Hoare annotation was computed. [2022-11-16 12:17:13,950 INFO L899 garLoopResultBuilder]: For program point L831(lines 831 839) no Hoare annotation was computed. [2022-11-16 12:17:13,950 INFO L895 garLoopResultBuilder]: At program point L864-2(lines 857 873) the Hoare annotation is: (let ((.cse1 (not (< 1 |old(~waterLevel~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 .cse3) (let ((.cse5 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse4 (and (= ~pumpRunning~0 0) .cse5) .cse1 (and (<= 1 ~pumpRunning~0) .cse5) .cse2 .cse3)) (or .cse0 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 (not (= |old(~waterLevel~0)| 1)) .cse2))) [2022-11-16 12:17:13,950 INFO L899 garLoopResultBuilder]: For program point L827(lines 827 844) no Hoare annotation was computed. [2022-11-16 12:17:13,951 INFO L895 garLoopResultBuilder]: At program point L889(lines 882 892) the Hoare annotation is: (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse1 (not (< 1 |old(~waterLevel~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse1 .cse2 .cse3) (or .cse4 (not (= |old(~waterLevel~0)| 1)) .cse2))) [2022-11-16 12:17:13,951 INFO L899 garLoopResultBuilder]: For program point L84(lines 84 94) no Hoare annotation was computed. [2022-11-16 12:17:13,951 INFO L895 garLoopResultBuilder]: At program point L212(lines 207 214) the Hoare annotation is: (let ((.cse1 (not (< 1 |old(~waterLevel~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse1 .cse2 .cse3) (or .cse0 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 (not (= |old(~waterLevel~0)| 1)) .cse2))) [2022-11-16 12:17:13,951 INFO L899 garLoopResultBuilder]: For program point L947(lines 947 951) no Hoare annotation was computed. [2022-11-16 12:17:13,951 INFO L899 garLoopResultBuilder]: For program point L947-2(lines 947 951) no Hoare annotation was computed. [2022-11-16 12:17:13,952 INFO L899 garLoopResultBuilder]: For program point L80(lines 80 97) no Hoare annotation was computed. [2022-11-16 12:17:13,952 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 788 814) the Hoare annotation is: (let ((.cse1 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse8 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse0 (= ~pumpRunning~0 0)) (.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (not (< 1 |old(~waterLevel~0)|))) (.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= 0 ~systemActive~0)) (.cse7 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse1 .cse8))) (and (or (and .cse0 .cse1 (= ~waterLevel~0 1)) .cse2 (not (= |old(~waterLevel~0)| 1)) .cse3) (or .cse4 .cse5 .cse3 .cse6 .cse7) (or (and .cse0 .cse1 .cse8) .cse2 .cse5 .cse3 .cse6) (or .cse4 .cse3 .cse7 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-16 12:17:13,952 INFO L895 garLoopResultBuilder]: At program point L80-1(lines 72 100) the Hoare annotation is: (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (<= 1 ~switchedOnBeforeTS~0)) (.cse4 (not (< 1 |old(~waterLevel~0)|))) (.cse1 (<= 1 ~pumpRunning~0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse11 (not (= |old(~pumpRunning~0)| 0))) (.cse7 (= ~pumpRunning~0 0)) (.cse6 (= ~waterLevel~0 1)) (.cse3 (= 0 ~systemActive~0))) (and (or .cse0 (and .cse1 .cse2) .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 .cse4 .cse3 .cse5 (and .cse1 .cse6 .cse2)) (let ((.cse8 (= 2 |timeShift_getWaterLevel_#res#1|)) (.cse9 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse10 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2))) (or (and .cse7 .cse8 .cse9 .cse10) .cse11 .cse4 (and .cse1 .cse8 .cse9 .cse10) .cse3 .cse5)) (or .cse11 (not (= |old(~waterLevel~0)| 1)) (and .cse7 .cse6) .cse3))) [2022-11-16 12:17:13,953 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 788 814) no Hoare annotation was computed. [2022-11-16 12:17:13,953 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 211) no Hoare annotation was computed. [2022-11-16 12:17:13,953 INFO L902 garLoopResultBuilder]: At program point L129(lines 104 133) the Hoare annotation is: true [2022-11-16 12:17:13,953 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 104 133) no Hoare annotation was computed. [2022-11-16 12:17:13,954 INFO L899 garLoopResultBuilder]: For program point L125(line 125) no Hoare annotation was computed. [2022-11-16 12:17:13,954 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 104 133) the Hoare annotation is: true [2022-11-16 12:17:13,954 INFO L899 garLoopResultBuilder]: For program point L118(lines 118 122) no Hoare annotation was computed. [2022-11-16 12:17:13,954 INFO L902 garLoopResultBuilder]: At program point L118-1(lines 118 122) the Hoare annotation is: true [2022-11-16 12:17:13,954 INFO L899 garLoopResultBuilder]: For program point L115(line 115) no Hoare annotation was computed. [2022-11-16 12:17:13,955 INFO L902 garLoopResultBuilder]: At program point L114-2(lines 114 128) the Hoare annotation is: true [2022-11-16 12:17:13,955 INFO L902 garLoopResultBuilder]: At program point L110(line 110) the Hoare annotation is: true [2022-11-16 12:17:13,955 INFO L899 garLoopResultBuilder]: For program point L110-1(line 110) no Hoare annotation was computed. [2022-11-16 12:17:13,956 INFO L895 garLoopResultBuilder]: At program point L246(lines 241 249) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-11-16 12:17:13,956 INFO L895 garLoopResultBuilder]: At program point L238(lines 234 240) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-11-16 12:17:13,956 INFO L899 garLoopResultBuilder]: For program point L746(lines 746 752) no Hoare annotation was computed. [2022-11-16 12:17:13,956 INFO L899 garLoopResultBuilder]: For program point L746-1(lines 746 752) no Hoare annotation was computed. [2022-11-16 12:17:13,957 INFO L895 garLoopResultBuilder]: At program point L771(lines 726 773) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse7 (<= 1 ~pumpRunning~0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (< 1 ~waterLevel~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= ~waterLevel~0 2)) (.cse5 (= |ULTIMATE.start_main_~tmp~1#1| 1)) (.cse6 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (and .cse0 .cse1 .cse3 .cse5 (= ~waterLevel~0 1) .cse6) (and .cse7 .cse1 .cse3 .cse5 (<= 1 ~switchedOnBeforeTS~0) .cse6) (and .cse7 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6))) [2022-11-16 12:17:13,957 INFO L895 garLoopResultBuilder]: At program point L738(line 738) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse7 (<= 1 ~pumpRunning~0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (< 1 ~waterLevel~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= ~waterLevel~0 2)) (.cse5 (= |ULTIMATE.start_main_~tmp~1#1| 1)) (.cse6 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (and .cse0 .cse1 .cse3 .cse5 (= ~waterLevel~0 1) .cse6) (and .cse7 .cse1 .cse3 .cse5 (<= 1 ~switchedOnBeforeTS~0) .cse6) (and .cse7 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6))) [2022-11-16 12:17:13,957 INFO L899 garLoopResultBuilder]: For program point L193(lines 193 200) no Hoare annotation was computed. [2022-11-16 12:17:13,957 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-11-16 12:17:13,958 INFO L899 garLoopResultBuilder]: For program point L193-2(lines 193 200) no Hoare annotation was computed. [2022-11-16 12:17:13,958 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-11-16 12:17:13,958 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-11-16 12:17:13,958 INFO L902 garLoopResultBuilder]: At program point L177(lines 169 179) the Hoare annotation is: true [2022-11-16 12:17:13,958 INFO L902 garLoopResultBuilder]: At program point L202(lines 183 205) the Hoare annotation is: true [2022-11-16 12:17:13,959 INFO L895 garLoopResultBuilder]: At program point L231(lines 227 233) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-11-16 12:17:13,959 INFO L895 garLoopResultBuilder]: At program point L165(lines 161 167) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= |ULTIMATE.start_main_~tmp~1#1| 1) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-11-16 12:17:13,959 INFO L895 garLoopResultBuilder]: At program point L962(lines 957 964) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse7 (<= 1 ~pumpRunning~0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (< 1 ~waterLevel~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= ~waterLevel~0 2)) (.cse5 (= |ULTIMATE.start_main_~tmp~1#1| 1)) (.cse6 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (and .cse0 .cse1 .cse3 .cse5 (= ~waterLevel~0 1) .cse6) (and .cse7 .cse1 .cse3 .cse5 (<= 1 ~switchedOnBeforeTS~0) .cse6) (and .cse7 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6))) [2022-11-16 12:17:13,959 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-16 12:17:13,960 INFO L899 garLoopResultBuilder]: For program point L764(lines 764 768) no Hoare annotation was computed. [2022-11-16 12:17:13,960 INFO L895 garLoopResultBuilder]: At program point L764-2(lines 756 769) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse7 (<= 1 ~pumpRunning~0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (< 1 ~waterLevel~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= ~waterLevel~0 2)) (.cse5 (= |ULTIMATE.start_main_~tmp~1#1| 1)) (.cse6 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (and .cse0 .cse1 .cse3 .cse5 (= ~waterLevel~0 1) .cse6) (and .cse7 .cse1 .cse3 .cse5 (<= 1 ~switchedOnBeforeTS~0) .cse6) (and .cse7 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6))) [2022-11-16 12:17:13,960 INFO L899 garLoopResultBuilder]: For program point L727(lines 726 773) no Hoare annotation was computed. [2022-11-16 12:17:13,961 INFO L899 garLoopResultBuilder]: For program point L756(lines 756 769) no Hoare annotation was computed. [2022-11-16 12:17:13,961 INFO L895 garLoopResultBuilder]: At program point L748(line 748) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse7 (<= 1 ~pumpRunning~0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (< 1 ~waterLevel~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= ~waterLevel~0 2)) (.cse5 (= |ULTIMATE.start_main_~tmp~1#1| 1)) (.cse6 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (and .cse0 .cse1 .cse3 .cse5 (= ~waterLevel~0 1) .cse6) (and .cse7 .cse1 .cse3 .cse5 (<= 1 ~switchedOnBeforeTS~0) .cse6) (and .cse7 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6))) [2022-11-16 12:17:13,961 INFO L902 garLoopResultBuilder]: At program point L777(lines 716 781) the Hoare annotation is: true [2022-11-16 12:17:13,961 INFO L899 garLoopResultBuilder]: For program point L736(lines 736 742) no Hoare annotation was computed. [2022-11-16 12:17:13,962 INFO L899 garLoopResultBuilder]: For program point L736-1(lines 736 742) no Hoare annotation was computed. [2022-11-16 12:17:13,962 INFO L895 garLoopResultBuilder]: At program point L59(lines 54 61) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= |ULTIMATE.start_main_~tmp~1#1| 1) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-11-16 12:17:13,963 INFO L899 garLoopResultBuilder]: For program point L728(lines 728 732) no Hoare annotation was computed. [2022-11-16 12:17:13,963 INFO L895 garLoopResultBuilder]: At program point L774(lines 725 775) the Hoare annotation is: false [2022-11-16 12:17:13,965 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 635 646) no Hoare annotation was computed. [2022-11-16 12:17:13,965 INFO L899 garLoopResultBuilder]: For program point L639-1(lines 635 646) no Hoare annotation was computed. [2022-11-16 12:17:13,966 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 635 646) the Hoare annotation is: (let ((.cse4 (not (< 1 |old(~waterLevel~0)|))) (.cse0 (not (<= 1 ~pumpRunning~0))) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse3 (not (= ~pumpRunning~0 0))) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 (not (<= 1 ~switchedOnBeforeTS~0))) (or .cse3 .cse4 .cse1 .cse2 .cse5) (or .cse4 .cse0 .cse1 .cse2 .cse5) (or .cse3 (not (= |old(~waterLevel~0)| 1)) .cse2 (= ~waterLevel~0 1)))) [2022-11-16 12:17:13,966 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 893 901) no Hoare annotation was computed. [2022-11-16 12:17:13,966 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 893 901) the Hoare annotation is: true [2022-11-16 12:17:13,966 INFO L899 garLoopResultBuilder]: For program point isPumpRunningFINAL(lines 893 901) no Hoare annotation was computed. [2022-11-16 12:17:13,972 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 12:17:13,974 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-16 12:17:14,049 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 16.11 12:17:14 BoogieIcfgContainer [2022-11-16 12:17:14,049 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-16 12:17:14,050 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-16 12:17:14,050 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-16 12:17:14,050 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-16 12:17:14,051 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.11 12:17:03" (3/4) ... [2022-11-16 12:17:14,054 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-16 12:17:14,068 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-16 12:17:14,068 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-16 12:17:14,069 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-16 12:17:14,069 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-16 12:17:14,070 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-16 12:17:14,070 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-11-16 12:17:14,079 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 51 nodes and edges [2022-11-16 12:17:14,081 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-11-16 12:17:14,082 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-11-16 12:17:14,083 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-16 12:17:14,083 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-16 12:17:14,084 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-16 12:17:14,084 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-16 12:17:14,117 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((pumpRunning == 0 && \result == 1) && waterLevel == 1) && !(0 == systemActive) [2022-11-16 12:17:14,117 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && \result == 1) && tmp == 1) && waterLevel == 1) && !(0 == systemActive) [2022-11-16 12:17:14,118 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && \result == 1) && tmp == 1) && waterLevel == 1) && !(0 == systemActive) [2022-11-16 12:17:14,118 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((pumpRunning == 0 && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) || (((((pumpRunning == 0 && \result == 1) && splverifierCounter == 0) && tmp == 1) && waterLevel == 1) && !(0 == systemActive))) || (((((1 <= pumpRunning && \result == 1) && splverifierCounter == 0) && tmp == 1) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || ((((((1 <= pumpRunning && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) [2022-11-16 12:17:14,121 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || 0 == systemActive) [2022-11-16 12:17:14,122 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && (((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) [2022-11-16 12:17:14,122 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((pumpRunning == 0 && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) || (((((pumpRunning == 0 && \result == 1) && splverifierCounter == 0) && tmp == 1) && waterLevel == 1) && !(0 == systemActive))) || (((((1 <= pumpRunning && \result == 1) && splverifierCounter == 0) && tmp == 1) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || ((((((1 <= pumpRunning && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) [2022-11-16 12:17:14,123 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && ((((((((pumpRunning == 0 && 2 == \result) && \old(waterLevel) == waterLevel) && tmp == 2) || !(\old(pumpRunning) == 0)) || !(1 < \old(waterLevel))) || (((1 <= pumpRunning && 2 == \result) && \old(waterLevel) == waterLevel) && tmp == 2)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || 0 == systemActive) [2022-11-16 12:17:14,124 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && (((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || 0 == systemActive)) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && (((((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(0 == systemActive))) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) [2022-11-16 12:17:14,124 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) [2022-11-16 12:17:14,125 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && (((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || 0 == systemActive)) && ((((((((pumpRunning == 0 && 2 == \result) && \old(waterLevel) == waterLevel) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(1 < \old(waterLevel))) || ((1 <= pumpRunning && 2 == \result) && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS)) [2022-11-16 12:17:14,125 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((\result == 1 && pumpRunning == 0) && waterLevel == 1)) || 0 == systemActive) && (((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) [2022-11-16 12:17:14,125 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (((pumpRunning == 0 && tmp___0 == 0) && \result == 0) && waterLevel == 1)) || 0 == systemActive) && (((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) [2022-11-16 12:17:14,126 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) [2022-11-16 12:17:14,126 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) [2022-11-16 12:17:14,126 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) [2022-11-16 12:17:14,127 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) [2022-11-16 12:17:14,173 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/bin/uautomizer-tPACEb0tL8/witness.graphml [2022-11-16 12:17:14,173 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-16 12:17:14,174 INFO L158 Benchmark]: Toolchain (without parser) took 12618.92ms. Allocated memory was 142.6MB in the beginning and 222.3MB in the end (delta: 79.7MB). Free memory was 107.8MB in the beginning and 185.3MB in the end (delta: -77.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-16 12:17:14,174 INFO L158 Benchmark]: CDTParser took 0.34ms. Allocated memory is still 94.4MB. Free memory was 67.6MB in the beginning and 67.5MB in the end (delta: 27.4kB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-16 12:17:14,175 INFO L158 Benchmark]: CACSL2BoogieTranslator took 840.24ms. Allocated memory is still 142.6MB. Free memory was 107.8MB in the beginning and 110.1MB in the end (delta: -2.3MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-11-16 12:17:14,175 INFO L158 Benchmark]: Boogie Procedure Inliner took 94.49ms. Allocated memory is still 142.6MB. Free memory was 110.1MB in the beginning and 107.3MB in the end (delta: 2.8MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-11-16 12:17:14,176 INFO L158 Benchmark]: Boogie Preprocessor took 59.58ms. Allocated memory is still 142.6MB. Free memory was 107.3MB in the beginning and 105.9MB in the end (delta: 1.3MB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-16 12:17:14,176 INFO L158 Benchmark]: RCFGBuilder took 705.51ms. Allocated memory is still 142.6MB. Free memory was 105.9MB in the beginning and 87.6MB in the end (delta: 18.3MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-11-16 12:17:14,177 INFO L158 Benchmark]: TraceAbstraction took 10787.23ms. Allocated memory was 142.6MB in the beginning and 222.3MB in the end (delta: 79.7MB). Free memory was 87.0MB in the beginning and 190.6MB in the end (delta: -103.5MB). Peak memory consumption was 99.4MB. Max. memory is 16.1GB. [2022-11-16 12:17:14,178 INFO L158 Benchmark]: Witness Printer took 123.41ms. Allocated memory is still 222.3MB. Free memory was 190.6MB in the beginning and 185.3MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-11-16 12:17:14,182 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.34ms. Allocated memory is still 94.4MB. Free memory was 67.6MB in the beginning and 67.5MB in the end (delta: 27.4kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 840.24ms. Allocated memory is still 142.6MB. Free memory was 107.8MB in the beginning and 110.1MB in the end (delta: -2.3MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 94.49ms. Allocated memory is still 142.6MB. Free memory was 110.1MB in the beginning and 107.3MB in the end (delta: 2.8MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 59.58ms. Allocated memory is still 142.6MB. Free memory was 107.3MB in the beginning and 105.9MB in the end (delta: 1.3MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 705.51ms. Allocated memory is still 142.6MB. Free memory was 105.9MB in the beginning and 87.6MB in the end (delta: 18.3MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 10787.23ms. Allocated memory was 142.6MB in the beginning and 222.3MB in the end (delta: 79.7MB). Free memory was 87.0MB in the beginning and 190.6MB in the end (delta: -103.5MB). Peak memory consumption was 99.4MB. Max. memory is 16.1GB. * Witness Printer took 123.41ms. Allocated memory is still 222.3MB. Free memory was 190.6MB in the beginning and 185.3MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 211]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 85 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 10.6s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.3s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 4.2s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 832 SdHoareTripleChecker+Valid, 1.2s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 816 mSDsluCounter, 3348 SdHoareTripleChecker+Invalid, 1.0s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2368 mSDsCounter, 183 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 962 IncrementalHoareTripleChecker+Invalid, 1145 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 183 mSolverCounterUnsat, 980 mSDtfsCounter, 962 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 318 GetRequests, 247 SyntacticMatches, 5 SemanticMatches, 66 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 193 ImplicationChecksByTransitivity, 0.8s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=400occurred in iteration=9, InterpolantAutomatonStates: 70, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 10 MinimizatonAttempts, 77 StatesRemovedByMinimization, 5 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 40 LocationsWithAnnotation, 685 PreInvPairs, 800 NumberOfFragments, 1975 HoareAnnotationTreeSize, 685 FomulaSimplifications, 493 FormulaSimplificationTreeSizeReduction, 0.3s HoareSimplificationTime, 40 FomulaSimplificationsInter, 3520 FormulaSimplificationTreeSizeReductionInter, 3.9s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 2.6s InterpolantComputationTime, 577 NumberOfCodeBlocks, 577 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 652 ConstructedInterpolants, 0 QuantifiedInterpolants, 1381 SizeOfPredicates, 3 NumberOfNonLiveVariables, 454 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 97/117 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 857]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) - InvariantResult [Line: 54]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && \result == 1) && tmp == 1) && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 114]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 823]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && (((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || 0 == systemActive)) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && (((((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(0 == systemActive))) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 161]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && \result == 1) && tmp == 1) && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 227]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 104]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 183]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 62]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || 0 == systemActive) - InvariantResult [Line: 725]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 169]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 659]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) - InvariantResult [Line: 848]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) - InvariantResult [Line: 691]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && (((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || 0 == systemActive)) && ((((((((pumpRunning == 0 && 2 == \result) && \old(waterLevel) == waterLevel) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(1 < \old(waterLevel))) || ((1 <= pumpRunning && 2 == \result) && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS)) - InvariantResult [Line: 72]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && ((((((((pumpRunning == 0 && 2 == \result) && \old(waterLevel) == waterLevel) && tmp == 2) || !(\old(pumpRunning) == 0)) || !(1 < \old(waterLevel))) || (((1 <= pumpRunning && 2 == \result) && \old(waterLevel) == waterLevel) && tmp == 2)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || 0 == systemActive) - InvariantResult [Line: 716]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 882]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) - InvariantResult [Line: 957]: Loop Invariant Derived loop invariant: ((((((((pumpRunning == 0 && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) || (((((pumpRunning == 0 && \result == 1) && splverifierCounter == 0) && tmp == 1) && waterLevel == 1) && !(0 == systemActive))) || (((((1 <= pumpRunning && \result == 1) && splverifierCounter == 0) && tmp == 1) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || ((((((1 <= pumpRunning && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) - InvariantResult [Line: 234]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 700]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((\result == 1 && pumpRunning == 0) && waterLevel == 1)) || 0 == systemActive) && (((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 241]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && \result == 1) && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 726]: Loop Invariant Derived loop invariant: ((((((((pumpRunning == 0 && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) || (((((pumpRunning == 0 && \result == 1) && splverifierCounter == 0) && tmp == 1) && waterLevel == 1) && !(0 == systemActive))) || (((((1 <= pumpRunning && \result == 1) && splverifierCounter == 0) && tmp == 1) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || ((((((1 <= pumpRunning && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) - InvariantResult [Line: 623]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && (((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) - InvariantResult [Line: 207]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) - InvariantResult [Line: 938]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (((pumpRunning == 0 && tmp___0 == 0) && \result == 0) && waterLevel == 1)) || 0 == systemActive) && (((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) RESULT: Ultimate proved your program to be correct! [2022-11-16 12:17:14,250 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b8053a05-6bdc-4b15-b794-44517f017461/bin/uautomizer-tPACEb0tL8/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE