./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version e04fb08f Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8 --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 278b945680d29bf571e1aaa42d90b0a6b141ce129976e6e0985d57b09f7f9d7c --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-e04fb08 [2022-11-16 11:20:11,761 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-16 11:20:11,763 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-16 11:20:11,784 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-16 11:20:11,785 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-16 11:20:11,786 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-16 11:20:11,787 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-16 11:20:11,789 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-16 11:20:11,791 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-16 11:20:11,792 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-16 11:20:11,793 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-16 11:20:11,795 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-16 11:20:11,795 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-16 11:20:11,796 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-16 11:20:11,798 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-16 11:20:11,799 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-16 11:20:11,800 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-16 11:20:11,801 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-16 11:20:11,803 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-16 11:20:11,806 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-16 11:20:11,807 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-16 11:20:11,809 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-16 11:20:11,810 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-16 11:20:11,811 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-16 11:20:11,816 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-16 11:20:11,817 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-16 11:20:11,817 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-16 11:20:11,818 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-16 11:20:11,819 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-16 11:20:11,820 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-16 11:20:11,821 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-16 11:20:11,821 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-16 11:20:11,823 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-16 11:20:11,824 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-16 11:20:11,825 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-16 11:20:11,825 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-16 11:20:11,826 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-16 11:20:11,826 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-16 11:20:11,827 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-16 11:20:11,828 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-16 11:20:11,829 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-16 11:20:11,829 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-11-16 11:20:11,854 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-16 11:20:11,854 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-16 11:20:11,854 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-16 11:20:11,855 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-16 11:20:11,855 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-16 11:20:11,856 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-16 11:20:11,856 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-11-16 11:20:11,857 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-11-16 11:20:11,857 INFO L138 SettingsManager]: * Use SBE=true [2022-11-16 11:20:11,857 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-16 11:20:11,857 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-16 11:20:11,858 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-16 11:20:11,858 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-16 11:20:11,858 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-16 11:20:11,858 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-16 11:20:11,859 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-16 11:20:11,859 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-16 11:20:11,859 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-16 11:20:11,859 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-16 11:20:11,860 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-16 11:20:11,860 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-16 11:20:11,860 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-16 11:20:11,860 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-11-16 11:20:11,860 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-16 11:20:11,861 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-16 11:20:11,861 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-16 11:20:11,861 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-16 11:20:11,861 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-16 11:20:11,862 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-11-16 11:20:11,862 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-16 11:20:11,862 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-11-16 11:20:11,862 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-11-16 11:20:11,863 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-16 11:20:11,863 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8 Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 278b945680d29bf571e1aaa42d90b0a6b141ce129976e6e0985d57b09f7f9d7c [2022-11-16 11:20:12,130 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-16 11:20:12,158 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-16 11:20:12,160 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-16 11:20:12,163 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-16 11:20:12,164 INFO L275 PluginConnector]: CDTParser initialized [2022-11-16 11:20:12,165 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/../../sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c [2022-11-16 11:20:12,244 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/data/1f8b33fc1/5fb1c2ae17e5434da5914754cff394d8/FLAGc71771f51 [2022-11-16 11:20:12,916 INFO L306 CDTParser]: Found 1 translation units. [2022-11-16 11:20:12,917 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c [2022-11-16 11:20:12,935 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/data/1f8b33fc1/5fb1c2ae17e5434da5914754cff394d8/FLAGc71771f51 [2022-11-16 11:20:13,223 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/data/1f8b33fc1/5fb1c2ae17e5434da5914754cff394d8 [2022-11-16 11:20:13,226 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-16 11:20:13,230 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-16 11:20:13,232 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-16 11:20:13,232 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-16 11:20:13,236 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-16 11:20:13,237 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 11:20:13" (1/1) ... [2022-11-16 11:20:13,238 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@554ad6d9 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:20:13, skipping insertion in model container [2022-11-16 11:20:13,238 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 11:20:13" (1/1) ... [2022-11-16 11:20:13,246 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-16 11:20:13,301 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-16 11:20:13,606 WARN L229 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c[6886,6899] [2022-11-16 11:20:13,686 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-16 11:20:13,695 INFO L203 MainTranslator]: Completed pre-run [2022-11-16 11:20:13,762 WARN L229 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c[6886,6899] [2022-11-16 11:20:13,812 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-16 11:20:13,841 INFO L208 MainTranslator]: Completed translation [2022-11-16 11:20:13,842 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:20:13 WrapperNode [2022-11-16 11:20:13,843 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-16 11:20:13,844 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-16 11:20:13,844 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-16 11:20:13,844 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-16 11:20:13,852 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:20:13" (1/1) ... [2022-11-16 11:20:13,876 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:20:13" (1/1) ... [2022-11-16 11:20:13,921 INFO L138 Inliner]: procedures = 57, calls = 157, calls flagged for inlining = 25, calls inlined = 21, statements flattened = 262 [2022-11-16 11:20:13,922 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-16 11:20:13,922 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-16 11:20:13,923 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-16 11:20:13,923 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-16 11:20:13,933 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:20:13" (1/1) ... [2022-11-16 11:20:13,933 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:20:13" (1/1) ... [2022-11-16 11:20:13,946 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:20:13" (1/1) ... [2022-11-16 11:20:13,946 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:20:13" (1/1) ... [2022-11-16 11:20:13,951 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:20:13" (1/1) ... [2022-11-16 11:20:13,955 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:20:13" (1/1) ... [2022-11-16 11:20:13,956 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:20:13" (1/1) ... [2022-11-16 11:20:13,957 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:20:13" (1/1) ... [2022-11-16 11:20:13,988 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-16 11:20:13,989 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-16 11:20:13,989 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-16 11:20:13,989 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-16 11:20:13,991 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:20:13" (1/1) ... [2022-11-16 11:20:13,998 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-16 11:20:14,015 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/z3 [2022-11-16 11:20:14,032 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-16 11:20:14,063 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-16 11:20:14,086 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-16 11:20:14,086 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-16 11:20:14,086 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-16 11:20:14,086 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-16 11:20:14,086 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-16 11:20:14,086 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-16 11:20:14,087 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-16 11:20:14,087 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-16 11:20:14,087 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-16 11:20:14,087 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-16 11:20:14,087 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-16 11:20:14,087 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-11-16 11:20:14,087 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-11-16 11:20:14,088 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-16 11:20:14,088 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-16 11:20:14,088 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-16 11:20:14,089 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-16 11:20:14,089 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-16 11:20:14,204 INFO L235 CfgBuilder]: Building ICFG [2022-11-16 11:20:14,206 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-16 11:20:14,562 INFO L276 CfgBuilder]: Performing block encoding [2022-11-16 11:20:14,569 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-16 11:20:14,570 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-16 11:20:14,572 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.11 11:20:14 BoogieIcfgContainer [2022-11-16 11:20:14,572 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-16 11:20:14,575 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-16 11:20:14,575 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-16 11:20:14,582 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-16 11:20:14,582 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 16.11 11:20:13" (1/3) ... [2022-11-16 11:20:14,583 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3dbfe202 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 11:20:14, skipping insertion in model container [2022-11-16 11:20:14,583 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:20:13" (2/3) ... [2022-11-16 11:20:14,584 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3dbfe202 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 11:20:14, skipping insertion in model container [2022-11-16 11:20:14,584 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.11 11:20:14" (3/3) ... [2022-11-16 11:20:14,585 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product49.cil.c [2022-11-16 11:20:14,606 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-16 11:20:14,606 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-16 11:20:14,676 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-16 11:20:14,686 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@209e6e02, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-16 11:20:14,686 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-16 11:20:14,693 INFO L276 IsEmpty]: Start isEmpty. Operand has 92 states, 71 states have (on average 1.380281690140845) internal successors, (98), 79 states have internal predecessors, (98), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-11-16 11:20:14,707 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-11-16 11:20:14,707 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 11:20:14,708 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 11:20:14,709 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 11:20:14,717 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 11:20:14,717 INFO L85 PathProgramCache]: Analyzing trace with hash -1747145324, now seen corresponding path program 1 times [2022-11-16 11:20:14,729 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 11:20:14,730 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [188415477] [2022-11-16 11:20:14,730 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:20:14,731 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 11:20:14,986 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:15,076 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-11-16 11:20:15,079 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:15,083 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-11-16 11:20:15,086 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:15,089 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 11:20:15,090 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 11:20:15,090 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [188415477] [2022-11-16 11:20:15,091 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [188415477] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 11:20:15,091 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 11:20:15,091 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-16 11:20:15,093 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1205617950] [2022-11-16 11:20:15,094 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 11:20:15,110 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-16 11:20:15,111 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 11:20:15,140 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-16 11:20:15,142 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-16 11:20:15,146 INFO L87 Difference]: Start difference. First operand has 92 states, 71 states have (on average 1.380281690140845) internal successors, (98), 79 states have internal predecessors, (98), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-16 11:20:15,218 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 11:20:15,219 INFO L93 Difference]: Finished difference Result 175 states and 238 transitions. [2022-11-16 11:20:15,222 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-16 11:20:15,223 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2022-11-16 11:20:15,224 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 11:20:15,240 INFO L225 Difference]: With dead ends: 175 [2022-11-16 11:20:15,241 INFO L226 Difference]: Without dead ends: 83 [2022-11-16 11:20:15,247 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-16 11:20:15,255 INFO L413 NwaCegarLoop]: 116 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 116 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-16 11:20:15,257 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 116 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-16 11:20:15,278 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 83 states. [2022-11-16 11:20:15,315 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 83 to 83. [2022-11-16 11:20:15,317 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 83 states, 64 states have (on average 1.3125) internal successors, (84), 71 states have internal predecessors, (84), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-16 11:20:15,327 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 83 states to 83 states and 107 transitions. [2022-11-16 11:20:15,330 INFO L78 Accepts]: Start accepts. Automaton has 83 states and 107 transitions. Word has length 32 [2022-11-16 11:20:15,330 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 11:20:15,330 INFO L495 AbstractCegarLoop]: Abstraction has 83 states and 107 transitions. [2022-11-16 11:20:15,332 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-16 11:20:15,332 INFO L276 IsEmpty]: Start isEmpty. Operand 83 states and 107 transitions. [2022-11-16 11:20:15,339 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2022-11-16 11:20:15,340 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 11:20:15,341 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 11:20:15,341 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-16 11:20:15,341 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 11:20:15,344 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 11:20:15,345 INFO L85 PathProgramCache]: Analyzing trace with hash -372618950, now seen corresponding path program 1 times [2022-11-16 11:20:15,345 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 11:20:15,345 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1412147043] [2022-11-16 11:20:15,346 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:20:15,346 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 11:20:15,408 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:15,534 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-16 11:20:15,537 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:15,542 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2022-11-16 11:20:15,544 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:15,546 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 11:20:15,547 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 11:20:15,547 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1412147043] [2022-11-16 11:20:15,548 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1412147043] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 11:20:15,548 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 11:20:15,548 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-16 11:20:15,548 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1780950346] [2022-11-16 11:20:15,549 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 11:20:15,550 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-16 11:20:15,550 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 11:20:15,551 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-16 11:20:15,552 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 11:20:15,552 INFO L87 Difference]: Start difference. First operand 83 states and 107 transitions. Second operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-16 11:20:15,574 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 11:20:15,574 INFO L93 Difference]: Finished difference Result 158 states and 209 transitions. [2022-11-16 11:20:15,574 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-16 11:20:15,575 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 37 [2022-11-16 11:20:15,575 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 11:20:15,576 INFO L225 Difference]: With dead ends: 158 [2022-11-16 11:20:15,577 INFO L226 Difference]: Without dead ends: 83 [2022-11-16 11:20:15,578 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 11:20:15,579 INFO L413 NwaCegarLoop]: 105 mSDtfsCounter, 84 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 84 SdHoareTripleChecker+Valid, 105 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-16 11:20:15,580 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [84 Valid, 105 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-16 11:20:15,581 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 83 states. [2022-11-16 11:20:15,590 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 83 to 83. [2022-11-16 11:20:15,590 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 83 states, 64 states have (on average 1.296875) internal successors, (83), 71 states have internal predecessors, (83), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-16 11:20:15,591 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 83 states to 83 states and 106 transitions. [2022-11-16 11:20:15,591 INFO L78 Accepts]: Start accepts. Automaton has 83 states and 106 transitions. Word has length 37 [2022-11-16 11:20:15,593 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 11:20:15,593 INFO L495 AbstractCegarLoop]: Abstraction has 83 states and 106 transitions. [2022-11-16 11:20:15,593 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-16 11:20:15,594 INFO L276 IsEmpty]: Start isEmpty. Operand 83 states and 106 transitions. [2022-11-16 11:20:15,595 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2022-11-16 11:20:15,595 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 11:20:15,595 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 11:20:15,596 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-16 11:20:15,596 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 11:20:15,596 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 11:20:15,597 INFO L85 PathProgramCache]: Analyzing trace with hash -2098549486, now seen corresponding path program 1 times [2022-11-16 11:20:15,597 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 11:20:15,597 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1450691857] [2022-11-16 11:20:15,597 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:20:15,598 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 11:20:15,614 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:15,718 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-11-16 11:20:15,722 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:15,736 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-11-16 11:20:15,739 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:15,741 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-16 11:20:15,742 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:15,743 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2022-11-16 11:20:15,745 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:15,746 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 11:20:15,747 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 11:20:15,747 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1450691857] [2022-11-16 11:20:15,747 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1450691857] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 11:20:15,747 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 11:20:15,748 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-16 11:20:15,748 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1745828068] [2022-11-16 11:20:15,748 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 11:20:15,749 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-16 11:20:15,749 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 11:20:15,749 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-16 11:20:15,749 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-16 11:20:15,750 INFO L87 Difference]: Start difference. First operand 83 states and 106 transitions. Second operand has 4 states, 4 states have (on average 7.75) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (6), 3 states have call predecessors, (6), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-16 11:20:15,938 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 11:20:15,939 INFO L93 Difference]: Finished difference Result 146 states and 186 transitions. [2022-11-16 11:20:15,939 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-16 11:20:15,940 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 7.75) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (6), 3 states have call predecessors, (6), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 43 [2022-11-16 11:20:15,940 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 11:20:15,941 INFO L225 Difference]: With dead ends: 146 [2022-11-16 11:20:15,941 INFO L226 Difference]: Without dead ends: 89 [2022-11-16 11:20:15,942 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-16 11:20:15,943 INFO L413 NwaCegarLoop]: 88 mSDtfsCounter, 63 mSDsluCounter, 106 mSDsCounter, 0 mSdLazyCounter, 54 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 70 SdHoareTripleChecker+Valid, 194 SdHoareTripleChecker+Invalid, 65 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 54 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-16 11:20:15,944 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [70 Valid, 194 Invalid, 65 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 54 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-16 11:20:15,945 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 89 states. [2022-11-16 11:20:15,955 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 89 to 74. [2022-11-16 11:20:15,955 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 74 states, 58 states have (on average 1.3103448275862069) internal successors, (76), 65 states have internal predecessors, (76), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-16 11:20:15,956 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 74 states to 74 states and 94 transitions. [2022-11-16 11:20:15,956 INFO L78 Accepts]: Start accepts. Automaton has 74 states and 94 transitions. Word has length 43 [2022-11-16 11:20:15,957 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 11:20:15,957 INFO L495 AbstractCegarLoop]: Abstraction has 74 states and 94 transitions. [2022-11-16 11:20:15,957 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 7.75) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (6), 3 states have call predecessors, (6), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-16 11:20:15,957 INFO L276 IsEmpty]: Start isEmpty. Operand 74 states and 94 transitions. [2022-11-16 11:20:15,958 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2022-11-16 11:20:15,958 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 11:20:15,959 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 11:20:15,959 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-16 11:20:15,959 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 11:20:15,960 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 11:20:15,960 INFO L85 PathProgramCache]: Analyzing trace with hash 273957597, now seen corresponding path program 1 times [2022-11-16 11:20:15,960 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 11:20:15,960 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1744609185] [2022-11-16 11:20:15,961 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:20:15,961 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 11:20:16,001 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:16,084 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-16 11:20:16,085 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:16,091 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-11-16 11:20:16,093 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:16,125 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-16 11:20:16,126 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:16,129 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2022-11-16 11:20:16,130 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:16,140 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 11:20:16,140 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 11:20:16,140 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1744609185] [2022-11-16 11:20:16,140 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1744609185] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 11:20:16,141 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 11:20:16,141 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-16 11:20:16,141 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1036784347] [2022-11-16 11:20:16,141 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 11:20:16,141 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-16 11:20:16,142 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 11:20:16,142 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-16 11:20:16,142 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-16 11:20:16,143 INFO L87 Difference]: Start difference. First operand 74 states and 94 transitions. Second operand has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-16 11:20:16,349 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 11:20:16,349 INFO L93 Difference]: Finished difference Result 218 states and 279 transitions. [2022-11-16 11:20:16,349 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-16 11:20:16,350 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) Word has length 47 [2022-11-16 11:20:16,350 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 11:20:16,351 INFO L225 Difference]: With dead ends: 218 [2022-11-16 11:20:16,352 INFO L226 Difference]: Without dead ends: 152 [2022-11-16 11:20:16,353 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=19, Invalid=37, Unknown=0, NotChecked=0, Total=56 [2022-11-16 11:20:16,354 INFO L413 NwaCegarLoop]: 124 mSDtfsCounter, 194 mSDsluCounter, 180 mSDsCounter, 0 mSdLazyCounter, 104 mSolverCounterSat, 46 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 197 SdHoareTripleChecker+Valid, 304 SdHoareTripleChecker+Invalid, 150 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 46 IncrementalHoareTripleChecker+Valid, 104 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-16 11:20:16,355 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [197 Valid, 304 Invalid, 150 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [46 Valid, 104 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-16 11:20:16,356 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 152 states. [2022-11-16 11:20:16,375 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 152 to 146. [2022-11-16 11:20:16,375 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 146 states, 113 states have (on average 1.2743362831858407) internal successors, (144), 120 states have internal predecessors, (144), 16 states have call successors, (16), 13 states have call predecessors, (16), 16 states have return successors, (21), 17 states have call predecessors, (21), 16 states have call successors, (21) [2022-11-16 11:20:16,376 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 146 states to 146 states and 181 transitions. [2022-11-16 11:20:16,377 INFO L78 Accepts]: Start accepts. Automaton has 146 states and 181 transitions. Word has length 47 [2022-11-16 11:20:16,377 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 11:20:16,377 INFO L495 AbstractCegarLoop]: Abstraction has 146 states and 181 transitions. [2022-11-16 11:20:16,378 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-16 11:20:16,378 INFO L276 IsEmpty]: Start isEmpty. Operand 146 states and 181 transitions. [2022-11-16 11:20:16,379 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-11-16 11:20:16,379 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 11:20:16,379 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 11:20:16,380 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-16 11:20:16,380 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 11:20:16,380 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 11:20:16,380 INFO L85 PathProgramCache]: Analyzing trace with hash -419087457, now seen corresponding path program 1 times [2022-11-16 11:20:16,381 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 11:20:16,381 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [590570942] [2022-11-16 11:20:16,381 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:20:16,381 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 11:20:16,407 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:16,498 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-16 11:20:16,500 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:16,504 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-11-16 11:20:16,507 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:16,539 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2022-11-16 11:20:16,540 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:16,542 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 11:20:16,542 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 11:20:16,542 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [590570942] [2022-11-16 11:20:16,543 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [590570942] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 11:20:16,543 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 11:20:16,543 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-16 11:20:16,543 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1901303777] [2022-11-16 11:20:16,544 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 11:20:16,544 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-16 11:20:16,544 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 11:20:16,545 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-16 11:20:16,545 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-16 11:20:16,545 INFO L87 Difference]: Start difference. First operand 146 states and 181 transitions. Second operand has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-16 11:20:16,699 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 11:20:16,699 INFO L93 Difference]: Finished difference Result 292 states and 366 transitions. [2022-11-16 11:20:16,700 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-16 11:20:16,700 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 51 [2022-11-16 11:20:16,701 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 11:20:16,702 INFO L225 Difference]: With dead ends: 292 [2022-11-16 11:20:16,702 INFO L226 Difference]: Without dead ends: 154 [2022-11-16 11:20:16,703 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=32, Invalid=58, Unknown=0, NotChecked=0, Total=90 [2022-11-16 11:20:16,704 INFO L413 NwaCegarLoop]: 89 mSDtfsCounter, 64 mSDsluCounter, 291 mSDsCounter, 0 mSdLazyCounter, 116 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 67 SdHoareTripleChecker+Valid, 380 SdHoareTripleChecker+Invalid, 134 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 116 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-16 11:20:16,705 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [67 Valid, 380 Invalid, 134 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 116 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-16 11:20:16,706 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 154 states. [2022-11-16 11:20:16,722 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 154 to 149. [2022-11-16 11:20:16,723 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 149 states, 116 states have (on average 1.2672413793103448) internal successors, (147), 123 states have internal predecessors, (147), 16 states have call successors, (16), 13 states have call predecessors, (16), 16 states have return successors, (21), 17 states have call predecessors, (21), 16 states have call successors, (21) [2022-11-16 11:20:16,724 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 149 states to 149 states and 184 transitions. [2022-11-16 11:20:16,725 INFO L78 Accepts]: Start accepts. Automaton has 149 states and 184 transitions. Word has length 51 [2022-11-16 11:20:16,725 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 11:20:16,725 INFO L495 AbstractCegarLoop]: Abstraction has 149 states and 184 transitions. [2022-11-16 11:20:16,725 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-16 11:20:16,726 INFO L276 IsEmpty]: Start isEmpty. Operand 149 states and 184 transitions. [2022-11-16 11:20:16,727 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-11-16 11:20:16,727 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 11:20:16,727 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 11:20:16,727 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-16 11:20:16,728 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 11:20:16,728 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 11:20:16,728 INFO L85 PathProgramCache]: Analyzing trace with hash -2108031199, now seen corresponding path program 1 times [2022-11-16 11:20:16,728 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 11:20:16,729 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2142887266] [2022-11-16 11:20:16,729 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:20:16,729 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 11:20:16,746 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:16,807 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-16 11:20:16,808 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:16,812 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-11-16 11:20:16,815 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:16,841 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2022-11-16 11:20:16,844 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:16,847 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 11:20:16,847 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 11:20:16,847 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2142887266] [2022-11-16 11:20:16,848 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2142887266] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 11:20:16,848 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 11:20:16,848 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-16 11:20:16,849 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [811739375] [2022-11-16 11:20:16,849 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 11:20:16,851 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-16 11:20:16,852 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 11:20:16,852 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-16 11:20:16,853 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-16 11:20:16,854 INFO L87 Difference]: Start difference. First operand 149 states and 184 transitions. Second operand has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-16 11:20:17,019 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 11:20:17,020 INFO L93 Difference]: Finished difference Result 300 states and 377 transitions. [2022-11-16 11:20:17,020 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-16 11:20:17,021 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 51 [2022-11-16 11:20:17,021 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 11:20:17,024 INFO L225 Difference]: With dead ends: 300 [2022-11-16 11:20:17,025 INFO L226 Difference]: Without dead ends: 159 [2022-11-16 11:20:17,025 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-11-16 11:20:17,033 INFO L413 NwaCegarLoop]: 90 mSDtfsCounter, 67 mSDsluCounter, 207 mSDsCounter, 0 mSdLazyCounter, 88 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 71 SdHoareTripleChecker+Valid, 297 SdHoareTripleChecker+Invalid, 102 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 88 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-16 11:20:17,037 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [71 Valid, 297 Invalid, 102 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 88 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-16 11:20:17,039 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 159 states. [2022-11-16 11:20:17,069 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 159 to 151. [2022-11-16 11:20:17,072 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 151 states, 118 states have (on average 1.2627118644067796) internal successors, (149), 125 states have internal predecessors, (149), 16 states have call successors, (16), 13 states have call predecessors, (16), 16 states have return successors, (21), 17 states have call predecessors, (21), 16 states have call successors, (21) [2022-11-16 11:20:17,074 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 151 states to 151 states and 186 transitions. [2022-11-16 11:20:17,074 INFO L78 Accepts]: Start accepts. Automaton has 151 states and 186 transitions. Word has length 51 [2022-11-16 11:20:17,076 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 11:20:17,076 INFO L495 AbstractCegarLoop]: Abstraction has 151 states and 186 transitions. [2022-11-16 11:20:17,077 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-16 11:20:17,077 INFO L276 IsEmpty]: Start isEmpty. Operand 151 states and 186 transitions. [2022-11-16 11:20:17,080 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-11-16 11:20:17,081 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 11:20:17,081 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 11:20:17,081 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-16 11:20:17,082 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 11:20:17,082 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 11:20:17,082 INFO L85 PathProgramCache]: Analyzing trace with hash -1685329373, now seen corresponding path program 1 times [2022-11-16 11:20:17,082 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 11:20:17,083 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1881207191] [2022-11-16 11:20:17,083 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:20:17,083 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 11:20:17,105 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:17,211 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-16 11:20:17,213 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:17,219 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-11-16 11:20:17,221 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:17,235 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2022-11-16 11:20:17,236 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:17,238 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 11:20:17,238 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 11:20:17,238 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1881207191] [2022-11-16 11:20:17,239 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1881207191] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 11:20:17,239 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 11:20:17,239 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-16 11:20:17,239 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [491411576] [2022-11-16 11:20:17,240 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 11:20:17,240 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-16 11:20:17,240 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 11:20:17,241 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-16 11:20:17,241 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-16 11:20:17,241 INFO L87 Difference]: Start difference. First operand 151 states and 186 transitions. Second operand has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-16 11:20:17,470 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 11:20:17,471 INFO L93 Difference]: Finished difference Result 431 states and 551 transitions. [2022-11-16 11:20:17,471 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-16 11:20:17,472 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 51 [2022-11-16 11:20:17,472 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 11:20:17,474 INFO L225 Difference]: With dead ends: 431 [2022-11-16 11:20:17,474 INFO L226 Difference]: Without dead ends: 288 [2022-11-16 11:20:17,475 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2022-11-16 11:20:17,476 INFO L413 NwaCegarLoop]: 137 mSDtfsCounter, 212 mSDsluCounter, 170 mSDsCounter, 0 mSdLazyCounter, 158 mSolverCounterSat, 58 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 219 SdHoareTripleChecker+Valid, 307 SdHoareTripleChecker+Invalid, 216 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 58 IncrementalHoareTripleChecker+Valid, 158 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-16 11:20:17,477 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [219 Valid, 307 Invalid, 216 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [58 Valid, 158 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-16 11:20:17,478 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 288 states. [2022-11-16 11:20:17,503 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 288 to 280. [2022-11-16 11:20:17,504 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 280 states, 215 states have (on average 1.2465116279069768) internal successors, (268), 226 states have internal predecessors, (268), 34 states have call successors, (34), 29 states have call predecessors, (34), 30 states have return successors, (49), 34 states have call predecessors, (49), 34 states have call successors, (49) [2022-11-16 11:20:17,506 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 280 states to 280 states and 351 transitions. [2022-11-16 11:20:17,506 INFO L78 Accepts]: Start accepts. Automaton has 280 states and 351 transitions. Word has length 51 [2022-11-16 11:20:17,507 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 11:20:17,507 INFO L495 AbstractCegarLoop]: Abstraction has 280 states and 351 transitions. [2022-11-16 11:20:17,507 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-16 11:20:17,507 INFO L276 IsEmpty]: Start isEmpty. Operand 280 states and 351 transitions. [2022-11-16 11:20:17,508 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 54 [2022-11-16 11:20:17,508 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 11:20:17,509 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 11:20:17,509 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-16 11:20:17,509 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 11:20:17,510 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 11:20:17,510 INFO L85 PathProgramCache]: Analyzing trace with hash 716766725, now seen corresponding path program 1 times [2022-11-16 11:20:17,510 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 11:20:17,510 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2097231238] [2022-11-16 11:20:17,510 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:20:17,511 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 11:20:17,537 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:17,654 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-16 11:20:17,656 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:17,664 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-11-16 11:20:17,669 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:17,681 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-11-16 11:20:17,682 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:17,684 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 45 [2022-11-16 11:20:17,686 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:17,707 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-16 11:20:17,707 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 11:20:17,707 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2097231238] [2022-11-16 11:20:17,708 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2097231238] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 11:20:17,708 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 11:20:17,708 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-11-16 11:20:17,708 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1809104929] [2022-11-16 11:20:17,708 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 11:20:17,709 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-11-16 11:20:17,709 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 11:20:17,710 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-11-16 11:20:17,710 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-11-16 11:20:17,710 INFO L87 Difference]: Start difference. First operand 280 states and 351 transitions. Second operand has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-16 11:20:18,096 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 11:20:18,097 INFO L93 Difference]: Finished difference Result 568 states and 723 transitions. [2022-11-16 11:20:18,097 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2022-11-16 11:20:18,098 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 53 [2022-11-16 11:20:18,098 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 11:20:18,100 INFO L225 Difference]: With dead ends: 568 [2022-11-16 11:20:18,100 INFO L226 Difference]: Without dead ends: 296 [2022-11-16 11:20:18,102 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 25 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=53, Invalid=157, Unknown=0, NotChecked=0, Total=210 [2022-11-16 11:20:18,103 INFO L413 NwaCegarLoop]: 88 mSDtfsCounter, 128 mSDsluCounter, 341 mSDsCounter, 0 mSdLazyCounter, 198 mSolverCounterSat, 28 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 134 SdHoareTripleChecker+Valid, 429 SdHoareTripleChecker+Invalid, 226 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 28 IncrementalHoareTripleChecker+Valid, 198 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-16 11:20:18,103 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [134 Valid, 429 Invalid, 226 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [28 Valid, 198 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-16 11:20:18,104 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 296 states. [2022-11-16 11:20:18,163 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 296 to 276. [2022-11-16 11:20:18,164 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 276 states, 211 states have (on average 1.2132701421800949) internal successors, (256), 222 states have internal predecessors, (256), 34 states have call successors, (34), 29 states have call predecessors, (34), 30 states have return successors, (49), 34 states have call predecessors, (49), 34 states have call successors, (49) [2022-11-16 11:20:18,166 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 276 states to 276 states and 339 transitions. [2022-11-16 11:20:18,166 INFO L78 Accepts]: Start accepts. Automaton has 276 states and 339 transitions. Word has length 53 [2022-11-16 11:20:18,166 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 11:20:18,166 INFO L495 AbstractCegarLoop]: Abstraction has 276 states and 339 transitions. [2022-11-16 11:20:18,167 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-16 11:20:18,167 INFO L276 IsEmpty]: Start isEmpty. Operand 276 states and 339 transitions. [2022-11-16 11:20:18,168 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2022-11-16 11:20:18,168 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 11:20:18,168 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 11:20:18,169 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-11-16 11:20:18,169 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 11:20:18,169 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 11:20:18,169 INFO L85 PathProgramCache]: Analyzing trace with hash -1754438647, now seen corresponding path program 1 times [2022-11-16 11:20:18,170 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 11:20:18,170 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1696476247] [2022-11-16 11:20:18,170 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:20:18,170 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 11:20:18,202 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:18,420 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-16 11:20:18,422 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:18,469 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2022-11-16 11:20:18,470 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:18,482 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2022-11-16 11:20:18,484 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:18,515 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2022-11-16 11:20:18,516 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:18,517 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 11:20:18,518 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 11:20:18,518 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1696476247] [2022-11-16 11:20:18,518 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1696476247] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 11:20:18,518 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 11:20:18,518 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2022-11-16 11:20:18,519 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [341142189] [2022-11-16 11:20:18,519 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 11:20:18,519 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-11-16 11:20:18,519 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 11:20:18,520 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-11-16 11:20:18,520 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=72, Unknown=0, NotChecked=0, Total=90 [2022-11-16 11:20:18,520 INFO L87 Difference]: Start difference. First operand 276 states and 339 transitions. Second operand has 10 states, 10 states have (on average 4.4) internal successors, (44), 8 states have internal predecessors, (44), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-16 11:20:19,402 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 11:20:19,402 INFO L93 Difference]: Finished difference Result 818 states and 1041 transitions. [2022-11-16 11:20:19,402 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 29 states. [2022-11-16 11:20:19,403 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.4) internal successors, (44), 8 states have internal predecessors, (44), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) Word has length 55 [2022-11-16 11:20:19,404 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 11:20:19,410 INFO L225 Difference]: With dead ends: 818 [2022-11-16 11:20:19,410 INFO L226 Difference]: Without dead ends: 600 [2022-11-16 11:20:19,412 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 40 GetRequests, 10 SyntacticMatches, 1 SemanticMatches, 29 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 199 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=187, Invalid=743, Unknown=0, NotChecked=0, Total=930 [2022-11-16 11:20:19,415 INFO L413 NwaCegarLoop]: 120 mSDtfsCounter, 474 mSDsluCounter, 686 mSDsCounter, 0 mSdLazyCounter, 757 mSolverCounterSat, 149 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 480 SdHoareTripleChecker+Valid, 806 SdHoareTripleChecker+Invalid, 906 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 149 IncrementalHoareTripleChecker+Valid, 757 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2022-11-16 11:20:19,415 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [480 Valid, 806 Invalid, 906 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [149 Valid, 757 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2022-11-16 11:20:19,416 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 600 states. [2022-11-16 11:20:19,514 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 600 to 513. [2022-11-16 11:20:19,515 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 513 states, 394 states have (on average 1.2081218274111676) internal successors, (476), 416 states have internal predecessors, (476), 61 states have call successors, (61), 51 states have call predecessors, (61), 57 states have return successors, (85), 61 states have call predecessors, (85), 61 states have call successors, (85) [2022-11-16 11:20:19,519 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 513 states to 513 states and 622 transitions. [2022-11-16 11:20:19,520 INFO L78 Accepts]: Start accepts. Automaton has 513 states and 622 transitions. Word has length 55 [2022-11-16 11:20:19,520 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 11:20:19,520 INFO L495 AbstractCegarLoop]: Abstraction has 513 states and 622 transitions. [2022-11-16 11:20:19,520 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.4) internal successors, (44), 8 states have internal predecessors, (44), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-16 11:20:19,521 INFO L276 IsEmpty]: Start isEmpty. Operand 513 states and 622 transitions. [2022-11-16 11:20:19,523 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 97 [2022-11-16 11:20:19,523 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 11:20:19,523 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 11:20:19,523 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-11-16 11:20:19,524 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 11:20:19,525 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 11:20:19,525 INFO L85 PathProgramCache]: Analyzing trace with hash 1281558822, now seen corresponding path program 1 times [2022-11-16 11:20:19,526 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 11:20:19,526 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1403256107] [2022-11-16 11:20:19,526 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:20:19,526 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 11:20:19,553 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:19,658 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-16 11:20:19,660 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:19,679 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2022-11-16 11:20:19,682 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:19,693 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-16 11:20:19,695 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:19,705 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2022-11-16 11:20:19,707 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:19,717 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2022-11-16 11:20:19,718 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:19,720 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 76 [2022-11-16 11:20:19,721 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:19,724 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-16 11:20:19,725 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:19,726 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 88 [2022-11-16 11:20:19,727 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:19,728 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 4 proven. 10 refuted. 0 times theorem prover too weak. 19 trivial. 0 not checked. [2022-11-16 11:20:19,729 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 11:20:19,729 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1403256107] [2022-11-16 11:20:19,729 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1403256107] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-16 11:20:19,729 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1089992664] [2022-11-16 11:20:19,729 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:20:19,730 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 11:20:19,730 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/z3 [2022-11-16 11:20:19,735 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-16 11:20:19,742 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-16 11:20:19,870 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:19,872 INFO L263 TraceCheckSpWp]: Trace formula consists of 472 conjuncts, 8 conjunts are in the unsatisfiable core [2022-11-16 11:20:19,880 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-16 11:20:20,050 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 24 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-16 11:20:20,050 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-16 11:20:20,248 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 18 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2022-11-16 11:20:20,248 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1089992664] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-16 11:20:20,248 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-16 11:20:20,249 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 6, 6] total 14 [2022-11-16 11:20:20,249 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1001316000] [2022-11-16 11:20:20,249 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-16 11:20:20,250 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2022-11-16 11:20:20,250 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 11:20:20,250 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2022-11-16 11:20:20,250 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=29, Invalid=153, Unknown=0, NotChecked=0, Total=182 [2022-11-16 11:20:20,251 INFO L87 Difference]: Start difference. First operand 513 states and 622 transitions. Second operand has 14 states, 14 states have (on average 9.142857142857142) internal successors, (128), 10 states have internal predecessors, (128), 5 states have call successors, (18), 6 states have call predecessors, (18), 5 states have return successors, (17), 6 states have call predecessors, (17), 5 states have call successors, (17) [2022-11-16 11:20:21,675 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 11:20:21,675 INFO L93 Difference]: Finished difference Result 1171 states and 1466 transitions. [2022-11-16 11:20:21,676 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 38 states. [2022-11-16 11:20:21,676 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 14 states have (on average 9.142857142857142) internal successors, (128), 10 states have internal predecessors, (128), 5 states have call successors, (18), 6 states have call predecessors, (18), 5 states have return successors, (17), 6 states have call predecessors, (17), 5 states have call successors, (17) Word has length 96 [2022-11-16 11:20:21,676 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 11:20:21,680 INFO L225 Difference]: With dead ends: 1171 [2022-11-16 11:20:21,680 INFO L226 Difference]: Without dead ends: 714 [2022-11-16 11:20:21,682 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 269 GetRequests, 218 SyntacticMatches, 4 SemanticMatches, 47 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 575 ImplicationChecksByTransitivity, 0.7s TimeCoverageRelationStatistics Valid=471, Invalid=1881, Unknown=0, NotChecked=0, Total=2352 [2022-11-16 11:20:21,683 INFO L413 NwaCegarLoop]: 166 mSDtfsCounter, 486 mSDsluCounter, 1077 mSDsCounter, 0 mSdLazyCounter, 937 mSolverCounterSat, 180 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 490 SdHoareTripleChecker+Valid, 1243 SdHoareTripleChecker+Invalid, 1117 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 180 IncrementalHoareTripleChecker+Valid, 937 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2022-11-16 11:20:21,683 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [490 Valid, 1243 Invalid, 1117 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [180 Valid, 937 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2022-11-16 11:20:21,684 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 714 states. [2022-11-16 11:20:21,783 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 714 to 580. [2022-11-16 11:20:21,784 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 580 states, 442 states have (on average 1.2036199095022624) internal successors, (532), 471 states have internal predecessors, (532), 71 states have call successors, (71), 61 states have call predecessors, (71), 66 states have return successors, (91), 68 states have call predecessors, (91), 71 states have call successors, (91) [2022-11-16 11:20:21,787 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 580 states to 580 states and 694 transitions. [2022-11-16 11:20:21,789 INFO L78 Accepts]: Start accepts. Automaton has 580 states and 694 transitions. Word has length 96 [2022-11-16 11:20:21,790 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 11:20:21,790 INFO L495 AbstractCegarLoop]: Abstraction has 580 states and 694 transitions. [2022-11-16 11:20:21,790 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 14 states have (on average 9.142857142857142) internal successors, (128), 10 states have internal predecessors, (128), 5 states have call successors, (18), 6 states have call predecessors, (18), 5 states have return successors, (17), 6 states have call predecessors, (17), 5 states have call successors, (17) [2022-11-16 11:20:21,791 INFO L276 IsEmpty]: Start isEmpty. Operand 580 states and 694 transitions. [2022-11-16 11:20:21,799 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 173 [2022-11-16 11:20:21,800 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 11:20:21,801 INFO L195 NwaCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 11:20:21,813 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-16 11:20:22,007 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 11:20:22,008 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 11:20:22,008 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 11:20:22,008 INFO L85 PathProgramCache]: Analyzing trace with hash -1223995222, now seen corresponding path program 1 times [2022-11-16 11:20:22,008 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 11:20:22,009 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1650187898] [2022-11-16 11:20:22,009 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:20:22,009 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 11:20:22,043 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:22,213 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-16 11:20:22,214 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:22,225 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2022-11-16 11:20:22,228 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:22,231 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-16 11:20:22,233 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:22,240 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2022-11-16 11:20:22,241 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:22,244 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 58 [2022-11-16 11:20:22,246 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:22,250 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-16 11:20:22,251 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:22,253 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-11-16 11:20:22,254 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:22,255 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-16 11:20:22,256 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:22,257 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 99 [2022-11-16 11:20:22,261 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:22,333 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-16 11:20:22,334 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:22,336 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 129 [2022-11-16 11:20:22,338 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:22,342 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 139 [2022-11-16 11:20:22,344 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:22,345 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 148 [2022-11-16 11:20:22,347 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:22,352 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 164 [2022-11-16 11:20:22,353 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:22,355 INFO L134 CoverageAnalysis]: Checked inductivity of 190 backedges. 69 proven. 5 refuted. 0 times theorem prover too weak. 116 trivial. 0 not checked. [2022-11-16 11:20:22,355 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 11:20:22,355 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1650187898] [2022-11-16 11:20:22,355 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1650187898] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-16 11:20:22,355 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1545476260] [2022-11-16 11:20:22,356 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:20:22,356 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 11:20:22,356 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/z3 [2022-11-16 11:20:22,357 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-16 11:20:22,368 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-16 11:20:22,524 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:20:22,528 INFO L263 TraceCheckSpWp]: Trace formula consists of 673 conjuncts, 13 conjunts are in the unsatisfiable core [2022-11-16 11:20:22,546 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-16 11:20:22,851 INFO L134 CoverageAnalysis]: Checked inductivity of 190 backedges. 140 proven. 4 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2022-11-16 11:20:22,851 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-16 11:20:23,397 INFO L134 CoverageAnalysis]: Checked inductivity of 190 backedges. 78 proven. 44 refuted. 0 times theorem prover too weak. 68 trivial. 0 not checked. [2022-11-16 11:20:23,398 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1545476260] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-16 11:20:23,398 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-16 11:20:23,398 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 10, 11] total 25 [2022-11-16 11:20:23,398 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [405322986] [2022-11-16 11:20:23,398 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-16 11:20:23,399 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 25 states [2022-11-16 11:20:23,399 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 11:20:23,400 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 25 interpolants. [2022-11-16 11:20:23,400 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=118, Invalid=482, Unknown=0, NotChecked=0, Total=600 [2022-11-16 11:20:23,400 INFO L87 Difference]: Start difference. First operand 580 states and 694 transitions. Second operand has 25 states, 25 states have (on average 8.6) internal successors, (215), 22 states have internal predecessors, (215), 9 states have call successors, (30), 9 states have call predecessors, (30), 10 states have return successors, (32), 8 states have call predecessors, (32), 9 states have call successors, (32) [2022-11-16 11:20:24,673 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 11:20:24,673 INFO L93 Difference]: Finished difference Result 1229 states and 1520 transitions. [2022-11-16 11:20:24,673 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2022-11-16 11:20:24,674 INFO L78 Accepts]: Start accepts. Automaton has has 25 states, 25 states have (on average 8.6) internal successors, (215), 22 states have internal predecessors, (215), 9 states have call successors, (30), 9 states have call predecessors, (30), 10 states have return successors, (32), 8 states have call predecessors, (32), 9 states have call successors, (32) Word has length 172 [2022-11-16 11:20:24,674 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 11:20:24,675 INFO L225 Difference]: With dead ends: 1229 [2022-11-16 11:20:24,675 INFO L226 Difference]: Without dead ends: 0 [2022-11-16 11:20:24,678 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 411 GetRequests, 360 SyntacticMatches, 5 SemanticMatches, 46 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 435 ImplicationChecksByTransitivity, 0.8s TimeCoverageRelationStatistics Valid=483, Invalid=1773, Unknown=0, NotChecked=0, Total=2256 [2022-11-16 11:20:24,679 INFO L413 NwaCegarLoop]: 101 mSDtfsCounter, 811 mSDsluCounter, 793 mSDsCounter, 0 mSdLazyCounter, 1027 mSolverCounterSat, 285 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 814 SdHoareTripleChecker+Valid, 894 SdHoareTripleChecker+Invalid, 1312 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 285 IncrementalHoareTripleChecker+Valid, 1027 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2022-11-16 11:20:24,680 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [814 Valid, 894 Invalid, 1312 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [285 Valid, 1027 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2022-11-16 11:20:24,680 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-16 11:20:24,680 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-16 11:20:24,681 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-16 11:20:24,681 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-16 11:20:24,681 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 172 [2022-11-16 11:20:24,681 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 11:20:24,681 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-16 11:20:24,682 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 25 states, 25 states have (on average 8.6) internal successors, (215), 22 states have internal predecessors, (215), 9 states have call successors, (30), 9 states have call predecessors, (30), 10 states have return successors, (32), 8 states have call predecessors, (32), 9 states have call successors, (32) [2022-11-16 11:20:24,682 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-16 11:20:24,682 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-16 11:20:24,685 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-16 11:20:24,694 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2022-11-16 11:20:24,891 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 11:20:24,893 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-16 11:20:32,225 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 92 98) no Hoare annotation was computed. [2022-11-16 11:20:32,225 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 92 98) the Hoare annotation is: true [2022-11-16 11:20:32,225 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 357 368) the Hoare annotation is: true [2022-11-16 11:20:32,226 INFO L899 garLoopResultBuilder]: For program point L361-1(lines 357 368) no Hoare annotation was computed. [2022-11-16 11:20:32,226 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 357 368) no Hoare annotation was computed. [2022-11-16 11:20:32,226 INFO L899 garLoopResultBuilder]: For program point L450-1(line 450) no Hoare annotation was computed. [2022-11-16 11:20:32,226 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 444 473) no Hoare annotation was computed. [2022-11-16 11:20:32,226 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 444 473) the Hoare annotation is: true [2022-11-16 11:20:32,226 INFO L902 garLoopResultBuilder]: At program point L469(lines 444 473) the Hoare annotation is: true [2022-11-16 11:20:32,226 INFO L899 garLoopResultBuilder]: For program point L465(line 465) no Hoare annotation was computed. [2022-11-16 11:20:32,226 INFO L899 garLoopResultBuilder]: For program point L458(lines 458 462) no Hoare annotation was computed. [2022-11-16 11:20:32,226 INFO L902 garLoopResultBuilder]: At program point L458-1(lines 458 462) the Hoare annotation is: true [2022-11-16 11:20:32,227 INFO L899 garLoopResultBuilder]: For program point L455(line 455) no Hoare annotation was computed. [2022-11-16 11:20:32,227 INFO L902 garLoopResultBuilder]: At program point L454-2(lines 454 468) the Hoare annotation is: true [2022-11-16 11:20:32,227 INFO L902 garLoopResultBuilder]: At program point L450(line 450) the Hoare annotation is: true [2022-11-16 11:20:32,227 INFO L899 garLoopResultBuilder]: For program point L337(lines 337 341) no Hoare annotation was computed. [2022-11-16 11:20:32,227 INFO L899 garLoopResultBuilder]: For program point L977(lines 977 983) no Hoare annotation was computed. [2022-11-16 11:20:32,228 INFO L895 garLoopResultBuilder]: At program point L337-2(lines 333 344) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse1 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and (<= 1 ~pumpRunning~0) .cse0 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse1)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (not .cse7)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) (and .cse0 (= ~waterLevel~0 1) .cse1) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse2 .cse3 .cse4 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse5)))) [2022-11-16 11:20:32,228 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 65 91) no Hoare annotation was computed. [2022-11-16 11:20:32,228 INFO L895 garLoopResultBuilder]: At program point L164(lines 159 166) the Hoare annotation is: (let ((.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse9 (= 1 ~systemActive~0)) (.cse3 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse6 (and .cse8 .cse1 .cse2 (<= ~waterLevel~0 1) .cse9 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse3)) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse7 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse0 (not .cse9)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (and .cse1 .cse2 (= ~waterLevel~0 1) .cse3) .cse4 (not (< 1 |old(~waterLevel~0)|)) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse6 .cse0 .cse4 .cse7) (or (and .cse1 .cse2 (= |old(~waterLevel~0)| ~waterLevel~0) .cse3) .cse6 .cse0 .cse4 .cse5 .cse7) (or .cse8 .cse0 .cse5)))) [2022-11-16 11:20:32,229 INFO L895 garLoopResultBuilder]: At program point L961(lines 954 963) the Hoare annotation is: (let ((.cse0 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse3 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (<= 1 ~switchedOnBeforeTS~0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) .cse0) .cse1 .cse2) (or .cse3 .cse1 .cse4 (not (= |old(~waterLevel~0)| 2))) (or .cse3 .cse1 .cse4 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-16 11:20:32,229 INFO L899 garLoopResultBuilder]: For program point L251(lines 251 255) no Hoare annotation was computed. [2022-11-16 11:20:32,229 INFO L899 garLoopResultBuilder]: For program point L251-2(lines 251 255) no Hoare annotation was computed. [2022-11-16 11:20:32,230 INFO L895 garLoopResultBuilder]: At program point L974(line 974) the Hoare annotation is: (let ((.cse7 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= ~pumpRunning~0 0)) (.cse3 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse12 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse4 (<= ~waterLevel~0 1)) (.cse16 (= 1 ~systemActive~0)) (.cse18 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse9 (<= 1 ~switchedOnBeforeTS~0)) (.cse10 (<= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| ~waterLevel~0))) (let ((.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse13 (and .cse0 .cse2 .cse3 .cse12 .cse4 .cse16 .cse18 .cse9 .cse10)) (.cse1 (not .cse16)) (.cse11 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse14 (and (<= 1 ~pumpRunning~0) .cse7 .cse3 .cse4 .cse16 .cse18 .cse9 .cse10)) (.cse15 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))) (and (or .cse0 .cse1 (and .cse2 .cse3 (< |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| 2) .cse4 .cse5) .cse6) (let ((.cse8 (= ~waterLevel~0 1))) (or (and .cse7 .cse3 .cse8 .cse9 .cse10) .cse1 .cse11 (not (< 1 |old(~waterLevel~0)|)) (and .cse2 .cse3 .cse12 .cse8 .cse9 .cse10) .cse6)) (or .cse13 (not (= |old(~waterLevel~0)| 1)) .cse1 .cse11 .cse14 .cse15) (let ((.cse17 (not (<= 2 |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1|)))) (or (not (<= |old(~waterLevel~0)| 1)) (and .cse0 .cse2 .cse3 .cse12 .cse16 .cse17 .cse5 .cse9) .cse13 .cse1 .cse11 (and .cse7 .cse3 .cse17 .cse5 .cse9) .cse14 .cse15))))) [2022-11-16 11:20:32,230 INFO L895 garLoopResultBuilder]: At program point L429(lines 424 432) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse1 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and (<= 1 ~pumpRunning~0) .cse0 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse1)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (not .cse7)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) (and .cse0 (= ~waterLevel~0 1) .cse1) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse2 .cse3 .cse4 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse5)))) [2022-11-16 11:20:32,230 INFO L899 garLoopResultBuilder]: For program point L974-1(line 974) no Hoare annotation was computed. [2022-11-16 11:20:32,230 INFO L895 garLoopResultBuilder]: At program point L140(line 140) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse1 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and (<= 1 ~pumpRunning~0) .cse0 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse1)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (not .cse7)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) (and .cse0 (= ~waterLevel~0 1) .cse1) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse2 .cse3 .cse4 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse5)))) [2022-11-16 11:20:32,231 INFO L899 garLoopResultBuilder]: For program point L438(line 438) no Hoare annotation was computed. [2022-11-16 11:20:32,231 INFO L895 garLoopResultBuilder]: At program point L145(line 145) the Hoare annotation is: (let ((.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= 1 |old(~pumpRunning~0)|)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse1) (or .cse0 .cse2 (not (< 1 |old(~waterLevel~0)|)) .cse1) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-11-16 11:20:32,231 INFO L895 garLoopResultBuilder]: At program point L145-1(lines 126 150) the Hoare annotation is: (let ((.cse13 (<= 1 ~pumpRunning~0)) (.cse6 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse11 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse15 (<= ~waterLevel~0 1)) (.cse14 (= 1 ~systemActive~0)) (.cse16 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse8 (and .cse11 .cse1 .cse2 .cse15 .cse14 .cse16 .cse4)) (.cse0 (not .cse14)) (.cse5 (not (<= 1 |old(~pumpRunning~0)|))) (.cse12 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse9 (and .cse13 .cse6 .cse15 .cse14 .cse16 .cse4)) (.cse7 (not (<= |old(~waterLevel~0)| 2))) (.cse10 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))) (and (let ((.cse3 (= ~waterLevel~0 1))) (or .cse0 (and .cse1 .cse2 .cse3 .cse4) .cse5 (not (< 1 |old(~waterLevel~0)|)) (and .cse6 .cse3 .cse4) .cse7)) (or (not (= |old(~waterLevel~0)| 1)) .cse8 .cse0 .cse5 .cse9 .cse10) (or .cse11 (and .cse1 .cse12) .cse0 .cse7 (and .cse13 (= 2 ~waterLevel~0) .cse12)) (or (and .cse6 .cse12 .cse4) .cse8 .cse0 .cse5 (and .cse11 .cse1 .cse2 .cse14 .cse12 .cse4) .cse9 .cse7 .cse10)))) [2022-11-16 11:20:32,232 INFO L899 garLoopResultBuilder]: For program point L79-1(lines 79 85) no Hoare annotation was computed. [2022-11-16 11:20:32,232 INFO L895 garLoopResultBuilder]: At program point L257(lines 242 260) the Hoare annotation is: (let ((.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse3 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (and (<= 1 ~pumpRunning~0) .cse2 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse3)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse0 (not .cse7)) (.cse4 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) (and .cse2 (= ~waterLevel~0 1) .cse3) .cse4) (or (not (<= |old(~waterLevel~0)| 1)) (and .cse2 (= |old(~waterLevel~0)| ~waterLevel~0) .cse3) .cse0 .cse1 .cse5 .cse6) (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse5 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse4)))) [2022-11-16 11:20:32,232 INFO L895 garLoopResultBuilder]: At program point L959(line 959) the Hoare annotation is: (let ((.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse4 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse4 (not (< 1 |old(~waterLevel~0)|)) .cse3 .cse5)))) [2022-11-16 11:20:32,232 INFO L899 garLoopResultBuilder]: For program point L959-1(line 959) no Hoare annotation was computed. [2022-11-16 11:20:32,233 INFO L895 garLoopResultBuilder]: At program point L439(lines 434 441) the Hoare annotation is: (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) .cse2) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse1 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2))) [2022-11-16 11:20:32,233 INFO L895 garLoopResultBuilder]: At program point L406(lines 401 409) the Hoare annotation is: (let ((.cse6 (<= 1 ~pumpRunning~0)) (.cse13 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= ~pumpRunning~0 0)) (.cse3 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse10 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse15 (<= ~waterLevel~0 1)) (.cse11 (= 1 ~systemActive~0)) (.cse16 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse12 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse4 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse8 (and .cse0 .cse2 .cse3 .cse10 .cse15 .cse11 .cse16 .cse12)) (.cse9 (and .cse6 .cse13 .cse3 .cse15 .cse11 .cse16 .cse12)) (.cse14 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse1 (not .cse11)) (.cse7 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (and .cse2 .cse3 .cse4) .cse5 (and .cse6 (= 2 ~waterLevel~0) (= 2 |timeShift_getWaterLevel_#res#1|) .cse4)) (or .cse1 .cse7 .cse8 (not (= |old(~waterLevel~0)| 2)) .cse9) (or (not (<= |old(~waterLevel~0)| 1)) .cse1 .cse7 .cse8 (and .cse0 .cse2 .cse3 .cse10 .cse11 .cse4 .cse12) (and .cse13 .cse3 .cse4 .cse12) .cse9 .cse14) (or (not (= |old(~waterLevel~0)| 1)) .cse1 .cse7 .cse8 .cse9 .cse14) (or .cse1 .cse7 (not (< 1 |old(~waterLevel~0)|)) (= ~waterLevel~0 1) .cse5)))) [2022-11-16 11:20:32,233 INFO L899 garLoopResultBuilder]: For program point L976(lines 976 986) no Hoare annotation was computed. [2022-11-16 11:20:32,234 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 65 91) the Hoare annotation is: (let ((.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse4 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse4 (not (< 1 |old(~waterLevel~0)|)) .cse3 .cse5)))) [2022-11-16 11:20:32,234 INFO L899 garLoopResultBuilder]: For program point L972(lines 972 989) no Hoare annotation was computed. [2022-11-16 11:20:32,234 INFO L895 garLoopResultBuilder]: At program point L972-1(lines 964 992) the Hoare annotation is: (let ((.cse17 (<= 1 ~pumpRunning~0)) (.cse8 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse3 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse18 (<= ~waterLevel~0 1)) (.cse4 (= 1 ~systemActive~0)) (.cse20 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse7 (<= 1 ~switchedOnBeforeTS~0)) (.cse21 (<= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| ~waterLevel~0))) (let ((.cse5 (not (<= 2 |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1|))) (.cse6 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse9 (and .cse0 .cse1 .cse2 .cse3 .cse18 .cse4 .cse20 .cse7 .cse21)) (.cse10 (and .cse17 .cse8 .cse0 .cse2 .cse18 .cse4 .cse20 .cse7 .cse21)) (.cse13 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse11 (not .cse4)) (.cse12 (not (<= 1 |old(~pumpRunning~0)|))) (.cse19 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (<= |old(~waterLevel~0)| 1)) (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6 .cse7) (and .cse8 .cse0 .cse2 .cse4 .cse5 .cse6 .cse7) .cse9 .cse10 .cse11 .cse12 .cse13) (let ((.cse14 (= 2 |timeShift_getWaterLevel_#res#1|)) (.cse15 (<= 2 ~waterLevel~0)) (.cse16 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| 2))) (or .cse0 (and .cse1 .cse14 .cse15 .cse6 .cse16) .cse11 (and .cse17 .cse14 .cse15 .cse6 .cse16) (and .cse1 .cse2 .cse18 .cse5 .cse6) .cse19)) (or .cse9 .cse10 .cse11 .cse12 (not (= |old(~waterLevel~0)| 2))) (or .cse9 (not (= |old(~waterLevel~0)| 1)) .cse10 .cse11 .cse12 .cse13) (or .cse11 .cse12 (not (< 1 |old(~waterLevel~0)|)) (= ~waterLevel~0 1) .cse19)))) [2022-11-16 11:20:32,234 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 65 91) no Hoare annotation was computed. [2022-11-16 11:20:32,235 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 438) no Hoare annotation was computed. [2022-11-16 11:20:32,235 INFO L899 garLoopResultBuilder]: For program point L72(lines 72 78) no Hoare annotation was computed. [2022-11-16 11:20:32,235 INFO L899 garLoopResultBuilder]: For program point L72-2(lines 68 90) no Hoare annotation was computed. [2022-11-16 11:20:32,235 INFO L899 garLoopResultBuilder]: For program point L134(lines 134 142) no Hoare annotation was computed. [2022-11-16 11:20:32,235 INFO L899 garLoopResultBuilder]: For program point L130(lines 130 147) no Hoare annotation was computed. [2022-11-16 11:20:32,236 INFO L895 garLoopResultBuilder]: At program point L287(line 287) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse5 (= 2 ~waterLevel~0)) (.cse4 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)) (and .cse4 .cse5 .cse2 .cse3) (and .cse0 .cse5 .cse2 .cse3) (and .cse4 .cse1 .cse2 .cse3))) [2022-11-16 11:20:32,236 INFO L902 garLoopResultBuilder]: At program point L539(lines 520 542) the Hoare annotation is: true [2022-11-16 11:20:32,236 INFO L895 garLoopResultBuilder]: At program point L502(lines 498 504) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-16 11:20:32,236 INFO L895 garLoopResultBuilder]: At program point L321(lines 274 322) the Hoare annotation is: false [2022-11-16 11:20:32,236 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-11-16 11:20:32,237 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-11-16 11:20:32,237 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-11-16 11:20:32,237 INFO L899 garLoopResultBuilder]: For program point L276(lines 275 320) no Hoare annotation was computed. [2022-11-16 11:20:32,237 INFO L899 garLoopResultBuilder]: For program point L305(lines 305 316) no Hoare annotation was computed. [2022-11-16 11:20:32,237 INFO L895 garLoopResultBuilder]: At program point L297(line 297) the Hoare annotation is: (let ((.cse3 (<= 1 ~pumpRunning~0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2) (and .cse3 (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse3 .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-16 11:20:32,237 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-16 11:20:32,238 INFO L895 garLoopResultBuilder]: At program point L574(lines 569 577) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-16 11:20:32,238 INFO L895 garLoopResultBuilder]: At program point L318(lines 275 320) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse5 (= 2 ~waterLevel~0)) (.cse4 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)) (and .cse4 .cse5 .cse2 .cse3) (and .cse0 .cse5 .cse2 .cse3) (and .cse4 .cse1 .cse2 .cse3))) [2022-11-16 11:20:32,238 INFO L899 garLoopResultBuilder]: For program point L285(lines 285 291) no Hoare annotation was computed. [2022-11-16 11:20:32,238 INFO L899 garLoopResultBuilder]: For program point L285-1(lines 285 291) no Hoare annotation was computed. [2022-11-16 11:20:32,238 INFO L895 garLoopResultBuilder]: At program point L566(lines 562 568) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-16 11:20:32,239 INFO L899 garLoopResultBuilder]: For program point L277(lines 277 281) no Hoare annotation was computed. [2022-11-16 11:20:32,239 INFO L895 garLoopResultBuilder]: At program point L951(lines 946 953) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-16 11:20:32,239 INFO L899 garLoopResultBuilder]: For program point L311(lines 311 315) no Hoare annotation was computed. [2022-11-16 11:20:32,239 INFO L895 garLoopResultBuilder]: At program point L311-2(lines 305 316) the Hoare annotation is: (let ((.cse3 (<= 1 ~pumpRunning~0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2) (and .cse3 (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse3 .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-16 11:20:32,239 INFO L899 garLoopResultBuilder]: For program point L530(lines 530 537) no Hoare annotation was computed. [2022-11-16 11:20:32,240 INFO L899 garLoopResultBuilder]: For program point L530-2(lines 530 537) no Hoare annotation was computed. [2022-11-16 11:20:32,240 INFO L895 garLoopResultBuilder]: At program point L559(lines 555 561) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-16 11:20:32,240 INFO L899 garLoopResultBuilder]: For program point L295(lines 295 301) no Hoare annotation was computed. [2022-11-16 11:20:32,240 INFO L899 garLoopResultBuilder]: For program point L295-1(lines 295 301) no Hoare annotation was computed. [2022-11-16 11:20:32,240 INFO L902 garLoopResultBuilder]: At program point L324(lines 265 328) the Hoare annotation is: true [2022-11-16 11:20:32,240 INFO L902 garLoopResultBuilder]: At program point L514(lines 506 516) the Hoare annotation is: true [2022-11-16 11:20:32,241 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 100 124) the Hoare annotation is: (let ((.cse1 (not (<= ~waterLevel~0 1))) (.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (= ~pumpRunning~0 0)) (.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or .cse2 .cse3 .cse0 .cse1) (or .cse2 .cse3 .cse0 (not (= 2 ~waterLevel~0))))) [2022-11-16 11:20:32,241 INFO L895 garLoopResultBuilder]: At program point L114(line 114) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~0#1| 0)) (not (<= ~waterLevel~0 2))) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-16 11:20:32,241 INFO L895 garLoopResultBuilder]: At program point L238(lines 223 241) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (<= ~waterLevel~0 1)))) (and (or (and (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1| 0) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~0#1| 0)) .cse0 .cse1 .cse2) (or .cse0 (= ~pumpRunning~0 0) .cse1 (not (<= ~waterLevel~0 2))) (or .cse1 (not (<= 1 |old(~pumpRunning~0)|)) .cse2 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-16 11:20:32,241 INFO L899 garLoopResultBuilder]: For program point L108(lines 108 116) no Hoare annotation was computed. [2022-11-16 11:20:32,242 INFO L899 garLoopResultBuilder]: For program point L104(lines 104 121) no Hoare annotation was computed. [2022-11-16 11:20:32,242 INFO L899 garLoopResultBuilder]: For program point L232(lines 232 236) no Hoare annotation was computed. [2022-11-16 11:20:32,242 INFO L899 garLoopResultBuilder]: For program point L232-2(lines 232 236) no Hoare annotation was computed. [2022-11-16 11:20:32,242 INFO L899 garLoopResultBuilder]: For program point L414(lines 414 420) no Hoare annotation was computed. [2022-11-16 11:20:32,242 INFO L895 garLoopResultBuilder]: At program point L156(lines 151 158) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and (<= 1 ~pumpRunning~0) (= 2 ~waterLevel~0)) (not (<= ~waterLevel~0 2))) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-16 11:20:32,243 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 100 124) no Hoare annotation was computed. [2022-11-16 11:20:32,243 INFO L895 garLoopResultBuilder]: At program point L119(line 119) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (not (<= ~waterLevel~0 2))))) [2022-11-16 11:20:32,243 INFO L899 garLoopResultBuilder]: For program point L119-1(lines 100 124) no Hoare annotation was computed. [2022-11-16 11:20:32,243 INFO L895 garLoopResultBuilder]: At program point L419(lines 410 423) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (let ((.cse1 (= ~pumpRunning~0 0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and .cse1 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1| 1)) (and .cse1 (= 2 ~waterLevel~0)) (not (<= ~waterLevel~0 2)))) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-16 11:20:32,244 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 345 356) no Hoare annotation was computed. [2022-11-16 11:20:32,244 INFO L899 garLoopResultBuilder]: For program point L349-1(lines 345 356) no Hoare annotation was computed. [2022-11-16 11:20:32,244 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 345 356) the Hoare annotation is: (let ((.cse1 (not (<= 1 ~pumpRunning~0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 2)) .cse2) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse2 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= ~pumpRunning~0 0)) .cse0 .cse2 (not (<= |old(~waterLevel~0)| 2))))) [2022-11-16 11:20:32,244 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 178 186) no Hoare annotation was computed. [2022-11-16 11:20:32,244 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 178 186) the Hoare annotation is: true [2022-11-16 11:20:32,244 INFO L899 garLoopResultBuilder]: For program point isPumpRunningFINAL(lines 178 186) no Hoare annotation was computed. [2022-11-16 11:20:32,248 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 11:20:32,250 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-16 11:20:32,306 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 16.11 11:20:32 BoogieIcfgContainer [2022-11-16 11:20:32,319 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-16 11:20:32,319 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-16 11:20:32,319 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-16 11:20:32,320 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-16 11:20:32,320 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.11 11:20:14" (3/4) ... [2022-11-16 11:20:32,323 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-16 11:20:32,329 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-16 11:20:32,335 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-16 11:20:32,335 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-16 11:20:32,335 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-16 11:20:32,336 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-16 11:20:32,336 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-16 11:20:32,336 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-11-16 11:20:32,343 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 51 nodes and edges [2022-11-16 11:20:32,346 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-11-16 11:20:32,347 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-11-16 11:20:32,347 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-16 11:20:32,348 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-16 11:20:32,348 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-16 11:20:32,349 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-16 11:20:32,385 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && (((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2))) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-16 11:20:32,386 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-16 11:20:32,387 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((!(\old(waterLevel) <= 1) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && !(2 <= tmp)) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((pumpRunning == \old(pumpRunning) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && 1 == systemActive) && !(2 <= tmp)) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || ((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(\old(pumpRunning) == 0) || ((((pumpRunning == 0 && 2 == \result) && 2 <= waterLevel) && \old(waterLevel) == waterLevel) && tmp == 2)) || !(1 == systemActive)) || ((((1 <= pumpRunning && 2 == \result) && 2 <= waterLevel) && \old(waterLevel) == waterLevel) && tmp == 2)) || ((((pumpRunning == 0 && waterLevel == \result) && waterLevel <= 1) && !(2 <= tmp)) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && ((((((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel) || ((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2))) && (((((((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel) || !(\old(waterLevel) == 1)) || ((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) [2022-11-16 11:20:32,388 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(1 == systemActive) || (((pumpRunning == 0 && !(tmp == 0)) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) == 1) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && 2 == waterLevel) && \old(waterLevel) == waterLevel))) && (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-16 11:20:32,388 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-16 11:20:32,388 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && waterLevel == \result) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && 2 == waterLevel) && 2 == \result) && \old(waterLevel) == waterLevel)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) == 2)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && (((((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((pumpRunning == \old(pumpRunning) && waterLevel == \result) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) [2022-11-16 11:20:32,389 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-16 11:20:32,389 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && \result == 1)) || (pumpRunning == 0 && 2 == waterLevel)) || !(waterLevel <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) [2022-11-16 11:20:32,389 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) <= 1) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-16 11:20:32,390 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((\result == 0 && tmp___0 == 0) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || !(waterLevel <= 1)) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) [2022-11-16 11:20:32,390 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(1 == systemActive) || (((pumpRunning == 0 && !(tmp == 0)) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && ((((!(\old(waterLevel) == 1) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((((((((pumpRunning == 0 && !(tmp == 0)) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-16 11:20:32,390 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (1 <= pumpRunning && 2 == waterLevel)) || !(waterLevel <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) [2022-11-16 11:20:32,445 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/witness.graphml [2022-11-16 11:20:32,445 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-16 11:20:32,446 INFO L158 Benchmark]: Toolchain (without parser) took 19216.32ms. Allocated memory was 104.9MB in the beginning and 218.1MB in the end (delta: 113.2MB). Free memory was 69.3MB in the beginning and 189.7MB in the end (delta: -120.4MB). Peak memory consumption was 118.7MB. Max. memory is 16.1GB. [2022-11-16 11:20:32,446 INFO L158 Benchmark]: CDTParser took 0.23ms. Allocated memory is still 104.9MB. Free memory was 75.6MB in the beginning and 75.6MB in the end (delta: 25.4kB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-16 11:20:32,447 INFO L158 Benchmark]: CACSL2BoogieTranslator took 610.92ms. Allocated memory is still 104.9MB. Free memory was 69.0MB in the beginning and 72.2MB in the end (delta: -3.2MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2022-11-16 11:20:32,447 INFO L158 Benchmark]: Boogie Procedure Inliner took 78.14ms. Allocated memory is still 104.9MB. Free memory was 72.2MB in the beginning and 69.8MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-16 11:20:32,447 INFO L158 Benchmark]: Boogie Preprocessor took 65.54ms. Allocated memory is still 104.9MB. Free memory was 69.8MB in the beginning and 68.1MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-16 11:20:32,448 INFO L158 Benchmark]: RCFGBuilder took 583.63ms. Allocated memory is still 104.9MB. Free memory was 68.1MB in the beginning and 48.8MB in the end (delta: 19.2MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-11-16 11:20:32,449 INFO L158 Benchmark]: TraceAbstraction took 17744.08ms. Allocated memory was 104.9MB in the beginning and 218.1MB in the end (delta: 113.2MB). Free memory was 48.3MB in the beginning and 70.4MB in the end (delta: -22.2MB). Peak memory consumption was 99.0MB. Max. memory is 16.1GB. [2022-11-16 11:20:32,449 INFO L158 Benchmark]: Witness Printer took 126.36ms. Allocated memory is still 218.1MB. Free memory was 70.4MB in the beginning and 189.7MB in the end (delta: -119.3MB). Peak memory consumption was 4.5MB. Max. memory is 16.1GB. [2022-11-16 11:20:32,452 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.23ms. Allocated memory is still 104.9MB. Free memory was 75.6MB in the beginning and 75.6MB in the end (delta: 25.4kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 610.92ms. Allocated memory is still 104.9MB. Free memory was 69.0MB in the beginning and 72.2MB in the end (delta: -3.2MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 78.14ms. Allocated memory is still 104.9MB. Free memory was 72.2MB in the beginning and 69.8MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 65.54ms. Allocated memory is still 104.9MB. Free memory was 69.8MB in the beginning and 68.1MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 583.63ms. Allocated memory is still 104.9MB. Free memory was 68.1MB in the beginning and 48.8MB in the end (delta: 19.2MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 17744.08ms. Allocated memory was 104.9MB in the beginning and 218.1MB in the end (delta: 113.2MB). Free memory was 48.3MB in the beginning and 70.4MB in the end (delta: -22.2MB). Peak memory consumption was 99.0MB. Max. memory is 16.1GB. * Witness Printer took 126.36ms. Allocated memory is still 218.1MB. Free memory was 70.4MB in the beginning and 189.7MB in the end (delta: -119.3MB). Peak memory consumption was 4.5MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 438]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 92 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 17.6s, OverallIterations: 11, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 5.2s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 7.3s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2626 SdHoareTripleChecker+Valid, 2.9s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2583 mSDsluCounter, 5075 SdHoareTripleChecker+Invalid, 2.4s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3851 mSDsCounter, 789 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3440 IncrementalHoareTripleChecker+Invalid, 4229 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 789 mSolverCounterUnsat, 1224 mSDtfsCounter, 3440 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 828 GetRequests, 656 SyntacticMatches, 10 SemanticMatches, 162 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1241 ImplicationChecksByTransitivity, 2.0s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=580occurred in iteration=10, InterpolantAutomatonStates: 143, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.5s AutomataMinimizationTime, 11 MinimizatonAttempts, 283 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 42 LocationsWithAnnotation, 1395 PreInvPairs, 1661 NumberOfFragments, 2740 HoareAnnotationTreeSize, 1395 FomulaSimplifications, 5612 FormulaSimplificationTreeSizeReduction, 0.9s HoareSimplificationTime, 42 FomulaSimplificationsInter, 24532 FormulaSimplificationTreeSizeReductionInter, 6.3s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.5s SatisfiabilityAnalysisTime, 3.1s InterpolantComputationTime, 956 NumberOfCodeBlocks, 956 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 1209 ConstructedInterpolants, 0 QuantifiedInterpolants, 2411 SizeOfPredicates, 6 NumberOfNonLiveVariables, 1145 ConjunctsInSsa, 21 ConjunctsInUnsatCore, 15 InterpolantComputations, 9 PerfectInterpolantSequences, 616/696 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 520]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 946]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 434]: Loop Invariant Derived loop invariant: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 151]: Loop Invariant Derived loop invariant: (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (1 <= pumpRunning && 2 == waterLevel)) || !(waterLevel <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 498]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 401]: Loop Invariant Derived loop invariant: (((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && waterLevel == \result) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && 2 == waterLevel) && 2 == \result) && \old(waterLevel) == waterLevel)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) == 2)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && (((((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((pumpRunning == \old(pumpRunning) && waterLevel == \result) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 223]: Loop Invariant Derived loop invariant: (((((\result == 0 && tmp___0 == 0) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || !(waterLevel <= 1)) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 159]: Loop Invariant Derived loop invariant: ((((((!(1 == systemActive) || (((pumpRunning == 0 && !(tmp == 0)) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && ((((!(\old(waterLevel) == 1) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((((((((pumpRunning == 0 && !(tmp == 0)) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 275]: Loop Invariant Derived loop invariant: ((((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && splverifierCounter == 0) && 1 <= switchedOnBeforeTS) || (((pumpRunning == 0 && 2 == waterLevel) && 1 == systemActive) && splverifierCounter == 0)) || (((1 <= pumpRunning && 2 == waterLevel) && 1 == systemActive) && splverifierCounter == 0)) || (((pumpRunning == 0 && waterLevel <= 1) && 1 == systemActive) && splverifierCounter == 0) - InvariantResult [Line: 242]: Loop Invariant Derived loop invariant: ((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) <= 1) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 410]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && \result == 1)) || (pumpRunning == 0 && 2 == waterLevel)) || !(waterLevel <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 562]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 424]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 454]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 555]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 506]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 964]: Loop Invariant Derived loop invariant: ((((((((((!(\old(waterLevel) <= 1) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && !(2 <= tmp)) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((pumpRunning == \old(pumpRunning) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && 1 == systemActive) && !(2 <= tmp)) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || ((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(\old(pumpRunning) == 0) || ((((pumpRunning == 0 && 2 == \result) && 2 <= waterLevel) && \old(waterLevel) == waterLevel) && tmp == 2)) || !(1 == systemActive)) || ((((1 <= pumpRunning && 2 == \result) && 2 <= waterLevel) && \old(waterLevel) == waterLevel) && tmp == 2)) || ((((pumpRunning == 0 && waterLevel == \result) && waterLevel <= 1) && !(2 <= tmp)) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && ((((((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel) || ((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2))) && (((((((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel) || !(\old(waterLevel) == 1)) || ((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 333]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 444]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 569]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 274]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 954]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && (((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2))) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 265]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 126]: Loop Invariant Derived loop invariant: (((((((!(1 == systemActive) || (((pumpRunning == 0 && !(tmp == 0)) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) == 1) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && 2 == waterLevel) && \old(waterLevel) == waterLevel))) && (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) RESULT: Ultimate proved your program to be correct! [2022-11-16 11:20:32,511 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a1ceb94-4061-4bfd-a6ef-8e0b10e1bc01/bin/uautomizer-tPACEb0tL8/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE