./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version e04fb08f Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8 --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 9cfe95aaca007f6467395901a9efc89e5ad27f0fc32ae7ae8a1fe4e27a1f35c1 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-e04fb08 [2022-11-16 12:50:13,122 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-16 12:50:13,125 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-16 12:50:13,148 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-16 12:50:13,148 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-16 12:50:13,150 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-16 12:50:13,151 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-16 12:50:13,153 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-16 12:50:13,155 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-16 12:50:13,156 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-16 12:50:13,158 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-16 12:50:13,159 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-16 12:50:13,160 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-16 12:50:13,161 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-16 12:50:13,162 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-16 12:50:13,164 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-16 12:50:13,165 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-16 12:50:13,167 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-16 12:50:13,169 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-16 12:50:13,171 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-16 12:50:13,173 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-16 12:50:13,174 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-16 12:50:13,176 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-16 12:50:13,177 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-16 12:50:13,182 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-16 12:50:13,183 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-16 12:50:13,183 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-16 12:50:13,184 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-16 12:50:13,185 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-16 12:50:13,186 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-16 12:50:13,191 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-16 12:50:13,192 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-16 12:50:13,195 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-16 12:50:13,197 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-16 12:50:13,200 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-16 12:50:13,200 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-16 12:50:13,202 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-16 12:50:13,202 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-16 12:50:13,202 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-16 12:50:13,203 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-16 12:50:13,204 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-16 12:50:13,205 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-11-16 12:50:13,254 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-16 12:50:13,255 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-16 12:50:13,256 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-16 12:50:13,256 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-16 12:50:13,257 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-16 12:50:13,257 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-16 12:50:13,258 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-11-16 12:50:13,259 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-11-16 12:50:13,259 INFO L138 SettingsManager]: * Use SBE=true [2022-11-16 12:50:13,259 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-16 12:50:13,260 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-16 12:50:13,261 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-16 12:50:13,261 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-16 12:50:13,261 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-16 12:50:13,261 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-16 12:50:13,262 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-16 12:50:13,262 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-16 12:50:13,262 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-16 12:50:13,262 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-16 12:50:13,263 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-16 12:50:13,263 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-16 12:50:13,263 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-16 12:50:13,264 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-11-16 12:50:13,264 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-16 12:50:13,264 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-16 12:50:13,264 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-16 12:50:13,265 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-16 12:50:13,265 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-16 12:50:13,265 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-11-16 12:50:13,265 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-16 12:50:13,266 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-11-16 12:50:13,266 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-11-16 12:50:13,266 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-16 12:50:13,267 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8 Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 9cfe95aaca007f6467395901a9efc89e5ad27f0fc32ae7ae8a1fe4e27a1f35c1 [2022-11-16 12:50:13,589 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-16 12:50:13,612 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-16 12:50:13,614 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-16 12:50:13,616 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-16 12:50:13,617 INFO L275 PluginConnector]: CDTParser initialized [2022-11-16 12:50:13,618 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/../../sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c [2022-11-16 12:50:13,680 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/data/5432a8551/f8e3a6d60f18433d8a0cfdda8cf5a61a/FLAGfe38866b4 [2022-11-16 12:50:14,334 INFO L306 CDTParser]: Found 1 translation units. [2022-11-16 12:50:14,337 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c [2022-11-16 12:50:14,362 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/data/5432a8551/f8e3a6d60f18433d8a0cfdda8cf5a61a/FLAGfe38866b4 [2022-11-16 12:50:14,606 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/data/5432a8551/f8e3a6d60f18433d8a0cfdda8cf5a61a [2022-11-16 12:50:14,609 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-16 12:50:14,610 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-16 12:50:14,612 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-16 12:50:14,612 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-16 12:50:14,616 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-16 12:50:14,617 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 12:50:14" (1/1) ... [2022-11-16 12:50:14,619 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@26cd90e1 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:50:14, skipping insertion in model container [2022-11-16 12:50:14,620 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 12:50:14" (1/1) ... [2022-11-16 12:50:14,628 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-16 12:50:14,675 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-16 12:50:14,874 WARN L229 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c[1605,1618] [2022-11-16 12:50:15,026 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-16 12:50:15,036 INFO L203 MainTranslator]: Completed pre-run [2022-11-16 12:50:15,063 WARN L229 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c[1605,1618] [2022-11-16 12:50:15,171 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-16 12:50:15,196 INFO L208 MainTranslator]: Completed translation [2022-11-16 12:50:15,196 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:50:15 WrapperNode [2022-11-16 12:50:15,196 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-16 12:50:15,198 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-16 12:50:15,198 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-16 12:50:15,198 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-16 12:50:15,206 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:50:15" (1/1) ... [2022-11-16 12:50:15,219 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:50:15" (1/1) ... [2022-11-16 12:50:15,262 INFO L138 Inliner]: procedures = 58, calls = 158, calls flagged for inlining = 26, calls inlined = 22, statements flattened = 265 [2022-11-16 12:50:15,266 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-16 12:50:15,268 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-16 12:50:15,268 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-16 12:50:15,268 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-16 12:50:15,278 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:50:15" (1/1) ... [2022-11-16 12:50:15,278 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:50:15" (1/1) ... [2022-11-16 12:50:15,294 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:50:15" (1/1) ... [2022-11-16 12:50:15,297 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:50:15" (1/1) ... [2022-11-16 12:50:15,302 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:50:15" (1/1) ... [2022-11-16 12:50:15,319 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:50:15" (1/1) ... [2022-11-16 12:50:15,320 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:50:15" (1/1) ... [2022-11-16 12:50:15,321 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:50:15" (1/1) ... [2022-11-16 12:50:15,324 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-16 12:50:15,327 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-16 12:50:15,327 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-16 12:50:15,328 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-16 12:50:15,329 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:50:15" (1/1) ... [2022-11-16 12:50:15,336 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-16 12:50:15,348 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/z3 [2022-11-16 12:50:15,366 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-16 12:50:15,394 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-16 12:50:15,417 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-16 12:50:15,417 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-16 12:50:15,417 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-16 12:50:15,418 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-16 12:50:15,418 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-16 12:50:15,418 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-16 12:50:15,418 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-16 12:50:15,418 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-16 12:50:15,419 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-16 12:50:15,419 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-16 12:50:15,419 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-16 12:50:15,420 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-11-16 12:50:15,420 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-11-16 12:50:15,420 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-16 12:50:15,420 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-16 12:50:15,420 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-16 12:50:15,420 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-16 12:50:15,421 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-16 12:50:15,538 INFO L235 CfgBuilder]: Building ICFG [2022-11-16 12:50:15,541 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-16 12:50:15,941 INFO L276 CfgBuilder]: Performing block encoding [2022-11-16 12:50:15,949 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-16 12:50:15,949 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-16 12:50:15,951 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.11 12:50:15 BoogieIcfgContainer [2022-11-16 12:50:15,951 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-16 12:50:15,954 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-16 12:50:15,954 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-16 12:50:15,969 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-16 12:50:15,969 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 16.11 12:50:14" (1/3) ... [2022-11-16 12:50:15,970 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@40872dcf and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 12:50:15, skipping insertion in model container [2022-11-16 12:50:15,970 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 12:50:15" (2/3) ... [2022-11-16 12:50:15,971 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@40872dcf and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 12:50:15, skipping insertion in model container [2022-11-16 12:50:15,971 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.11 12:50:15" (3/3) ... [2022-11-16 12:50:15,972 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product50.cil.c [2022-11-16 12:50:15,991 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-16 12:50:15,992 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-16 12:50:16,046 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-16 12:50:16,053 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@24d5d8e1, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-16 12:50:16,054 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-16 12:50:16,058 INFO L276 IsEmpty]: Start isEmpty. Operand has 93 states, 72 states have (on average 1.375) internal successors, (99), 80 states have internal predecessors, (99), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-11-16 12:50:16,069 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-11-16 12:50:16,070 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 12:50:16,070 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 12:50:16,071 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 12:50:16,076 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 12:50:16,077 INFO L85 PathProgramCache]: Analyzing trace with hash 58300630, now seen corresponding path program 1 times [2022-11-16 12:50:16,087 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 12:50:16,087 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1073488088] [2022-11-16 12:50:16,088 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:50:16,088 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 12:50:16,293 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:16,429 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-11-16 12:50:16,436 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:16,453 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-11-16 12:50:16,455 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:16,458 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 12:50:16,459 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 12:50:16,459 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1073488088] [2022-11-16 12:50:16,460 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1073488088] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 12:50:16,460 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 12:50:16,461 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-16 12:50:16,470 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1739639827] [2022-11-16 12:50:16,471 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 12:50:16,477 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-16 12:50:16,477 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 12:50:16,513 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-16 12:50:16,514 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-16 12:50:16,518 INFO L87 Difference]: Start difference. First operand has 93 states, 72 states have (on average 1.375) internal successors, (99), 80 states have internal predecessors, (99), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-16 12:50:16,590 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 12:50:16,590 INFO L93 Difference]: Finished difference Result 177 states and 240 transitions. [2022-11-16 12:50:16,593 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-16 12:50:16,595 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2022-11-16 12:50:16,595 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 12:50:16,619 INFO L225 Difference]: With dead ends: 177 [2022-11-16 12:50:16,619 INFO L226 Difference]: Without dead ends: 84 [2022-11-16 12:50:16,624 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-16 12:50:16,630 INFO L413 NwaCegarLoop]: 117 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 117 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-16 12:50:16,633 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 117 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-16 12:50:16,656 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 84 states. [2022-11-16 12:50:16,698 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 84 to 84. [2022-11-16 12:50:16,700 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 84 states, 65 states have (on average 1.3076923076923077) internal successors, (85), 72 states have internal predecessors, (85), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-16 12:50:16,712 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 84 states to 84 states and 108 transitions. [2022-11-16 12:50:16,714 INFO L78 Accepts]: Start accepts. Automaton has 84 states and 108 transitions. Word has length 32 [2022-11-16 12:50:16,715 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 12:50:16,715 INFO L495 AbstractCegarLoop]: Abstraction has 84 states and 108 transitions. [2022-11-16 12:50:16,717 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-16 12:50:16,717 INFO L276 IsEmpty]: Start isEmpty. Operand 84 states and 108 transitions. [2022-11-16 12:50:16,726 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-11-16 12:50:16,726 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 12:50:16,727 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 12:50:16,727 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-16 12:50:16,728 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 12:50:16,732 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 12:50:16,733 INFO L85 PathProgramCache]: Analyzing trace with hash 1182453555, now seen corresponding path program 1 times [2022-11-16 12:50:16,734 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 12:50:16,734 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1222074210] [2022-11-16 12:50:16,735 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:50:16,736 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 12:50:16,792 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:16,974 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-11-16 12:50:16,978 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:16,981 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2022-11-16 12:50:16,984 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:16,989 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 12:50:16,989 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 12:50:16,990 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1222074210] [2022-11-16 12:50:16,990 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1222074210] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 12:50:16,991 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 12:50:16,992 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-16 12:50:16,993 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1011379338] [2022-11-16 12:50:16,994 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 12:50:16,996 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-16 12:50:16,997 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 12:50:16,998 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-16 12:50:16,999 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 12:50:17,000 INFO L87 Difference]: Start difference. First operand 84 states and 108 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-16 12:50:17,050 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 12:50:17,050 INFO L93 Difference]: Finished difference Result 132 states and 170 transitions. [2022-11-16 12:50:17,051 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-16 12:50:17,051 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-11-16 12:50:17,052 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 12:50:17,056 INFO L225 Difference]: With dead ends: 132 [2022-11-16 12:50:17,058 INFO L226 Difference]: Without dead ends: 75 [2022-11-16 12:50:17,063 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 12:50:17,066 INFO L413 NwaCegarLoop]: 95 mSDtfsCounter, 13 mSDsluCounter, 78 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 173 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-16 12:50:17,071 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 173 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-16 12:50:17,072 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 75 states. [2022-11-16 12:50:17,082 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 75 to 75. [2022-11-16 12:50:17,086 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 75 states, 59 states have (on average 1.3220338983050848) internal successors, (78), 66 states have internal predecessors, (78), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-16 12:50:17,087 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 75 states to 75 states and 96 transitions. [2022-11-16 12:50:17,088 INFO L78 Accepts]: Start accepts. Automaton has 75 states and 96 transitions. Word has length 33 [2022-11-16 12:50:17,088 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 12:50:17,089 INFO L495 AbstractCegarLoop]: Abstraction has 75 states and 96 transitions. [2022-11-16 12:50:17,090 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-16 12:50:17,090 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 96 transitions. [2022-11-16 12:50:17,096 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-11-16 12:50:17,096 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 12:50:17,097 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 12:50:17,097 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-16 12:50:17,097 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 12:50:17,099 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 12:50:17,100 INFO L85 PathProgramCache]: Analyzing trace with hash 1082286122, now seen corresponding path program 1 times [2022-11-16 12:50:17,100 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 12:50:17,100 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [220764120] [2022-11-16 12:50:17,101 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:50:17,101 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 12:50:17,137 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:17,252 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-16 12:50:17,258 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:17,269 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2022-11-16 12:50:17,271 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:17,274 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 12:50:17,275 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 12:50:17,275 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [220764120] [2022-11-16 12:50:17,275 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [220764120] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 12:50:17,277 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 12:50:17,277 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-16 12:50:17,277 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [963989299] [2022-11-16 12:50:17,278 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 12:50:17,279 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-16 12:50:17,280 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 12:50:17,280 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-16 12:50:17,281 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 12:50:17,281 INFO L87 Difference]: Start difference. First operand 75 states and 96 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-16 12:50:17,313 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 12:50:17,313 INFO L93 Difference]: Finished difference Result 142 states and 185 transitions. [2022-11-16 12:50:17,314 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-16 12:50:17,314 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2022-11-16 12:50:17,315 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 12:50:17,316 INFO L225 Difference]: With dead ends: 142 [2022-11-16 12:50:17,316 INFO L226 Difference]: Without dead ends: 75 [2022-11-16 12:50:17,317 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 12:50:17,318 INFO L413 NwaCegarLoop]: 94 mSDtfsCounter, 86 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 86 SdHoareTripleChecker+Valid, 94 SdHoareTripleChecker+Invalid, 2 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-16 12:50:17,319 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [86 Valid, 94 Invalid, 2 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-16 12:50:17,320 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 75 states. [2022-11-16 12:50:17,329 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 75 to 75. [2022-11-16 12:50:17,330 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 75 states, 59 states have (on average 1.305084745762712) internal successors, (77), 66 states have internal predecessors, (77), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-16 12:50:17,331 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 75 states to 75 states and 95 transitions. [2022-11-16 12:50:17,331 INFO L78 Accepts]: Start accepts. Automaton has 75 states and 95 transitions. Word has length 38 [2022-11-16 12:50:17,333 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 12:50:17,333 INFO L495 AbstractCegarLoop]: Abstraction has 75 states and 95 transitions. [2022-11-16 12:50:17,333 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-16 12:50:17,334 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 95 transitions. [2022-11-16 12:50:17,335 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2022-11-16 12:50:17,335 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 12:50:17,335 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 12:50:17,335 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-16 12:50:17,336 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 12:50:17,336 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 12:50:17,336 INFO L85 PathProgramCache]: Analyzing trace with hash 605778703, now seen corresponding path program 1 times [2022-11-16 12:50:17,337 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 12:50:17,337 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1282350112] [2022-11-16 12:50:17,337 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:50:17,337 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 12:50:17,398 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:17,507 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-16 12:50:17,510 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:17,517 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-16 12:50:17,530 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:17,548 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-16 12:50:17,549 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:17,552 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 40 [2022-11-16 12:50:17,554 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:17,556 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 12:50:17,557 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 12:50:17,557 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1282350112] [2022-11-16 12:50:17,557 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1282350112] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 12:50:17,557 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 12:50:17,558 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-16 12:50:17,558 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1592269430] [2022-11-16 12:50:17,558 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 12:50:17,558 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-16 12:50:17,559 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 12:50:17,559 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-16 12:50:17,559 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-16 12:50:17,559 INFO L87 Difference]: Start difference. First operand 75 states and 95 transitions. Second operand has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-16 12:50:17,820 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 12:50:17,821 INFO L93 Difference]: Finished difference Result 221 states and 282 transitions. [2022-11-16 12:50:17,821 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-16 12:50:17,821 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) Word has length 48 [2022-11-16 12:50:17,822 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 12:50:17,823 INFO L225 Difference]: With dead ends: 221 [2022-11-16 12:50:17,823 INFO L226 Difference]: Without dead ends: 154 [2022-11-16 12:50:17,824 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=19, Invalid=37, Unknown=0, NotChecked=0, Total=56 [2022-11-16 12:50:17,825 INFO L413 NwaCegarLoop]: 125 mSDtfsCounter, 195 mSDsluCounter, 183 mSDsCounter, 0 mSdLazyCounter, 104 mSolverCounterSat, 46 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 198 SdHoareTripleChecker+Valid, 308 SdHoareTripleChecker+Invalid, 150 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 46 IncrementalHoareTripleChecker+Valid, 104 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-16 12:50:17,826 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [198 Valid, 308 Invalid, 150 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [46 Valid, 104 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-16 12:50:17,827 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 154 states. [2022-11-16 12:50:17,847 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 154 to 148. [2022-11-16 12:50:17,848 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 148 states, 115 states have (on average 1.2695652173913043) internal successors, (146), 122 states have internal predecessors, (146), 16 states have call successors, (16), 13 states have call predecessors, (16), 16 states have return successors, (21), 17 states have call predecessors, (21), 16 states have call successors, (21) [2022-11-16 12:50:17,849 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 148 states to 148 states and 183 transitions. [2022-11-16 12:50:17,849 INFO L78 Accepts]: Start accepts. Automaton has 148 states and 183 transitions. Word has length 48 [2022-11-16 12:50:17,849 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 12:50:17,850 INFO L495 AbstractCegarLoop]: Abstraction has 148 states and 183 transitions. [2022-11-16 12:50:17,850 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-16 12:50:17,850 INFO L276 IsEmpty]: Start isEmpty. Operand 148 states and 183 transitions. [2022-11-16 12:50:17,851 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2022-11-16 12:50:17,851 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 12:50:17,851 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 12:50:17,852 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-16 12:50:17,852 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 12:50:17,852 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 12:50:17,853 INFO L85 PathProgramCache]: Analyzing trace with hash 1075912719, now seen corresponding path program 1 times [2022-11-16 12:50:17,853 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 12:50:17,853 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2079736537] [2022-11-16 12:50:17,853 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:50:17,853 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 12:50:17,872 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:17,942 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-16 12:50:17,944 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:17,949 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-16 12:50:17,952 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:17,984 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2022-11-16 12:50:17,985 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:17,987 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 12:50:17,987 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 12:50:17,987 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2079736537] [2022-11-16 12:50:17,988 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2079736537] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 12:50:17,988 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 12:50:17,988 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-16 12:50:17,988 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [296018388] [2022-11-16 12:50:17,988 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 12:50:17,989 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-16 12:50:17,989 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 12:50:17,989 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-16 12:50:17,989 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-16 12:50:17,990 INFO L87 Difference]: Start difference. First operand 148 states and 183 transitions. Second operand has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-16 12:50:18,182 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 12:50:18,182 INFO L93 Difference]: Finished difference Result 296 states and 370 transitions. [2022-11-16 12:50:18,183 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-16 12:50:18,183 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2022-11-16 12:50:18,185 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 12:50:18,191 INFO L225 Difference]: With dead ends: 296 [2022-11-16 12:50:18,191 INFO L226 Difference]: Without dead ends: 156 [2022-11-16 12:50:18,192 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=32, Invalid=58, Unknown=0, NotChecked=0, Total=90 [2022-11-16 12:50:18,193 INFO L413 NwaCegarLoop]: 89 mSDtfsCounter, 66 mSDsluCounter, 295 mSDsCounter, 0 mSdLazyCounter, 112 mSolverCounterSat, 19 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 69 SdHoareTripleChecker+Valid, 384 SdHoareTripleChecker+Invalid, 131 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 19 IncrementalHoareTripleChecker+Valid, 112 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-16 12:50:18,194 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [69 Valid, 384 Invalid, 131 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [19 Valid, 112 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-16 12:50:18,195 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 156 states. [2022-11-16 12:50:18,214 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 156 to 151. [2022-11-16 12:50:18,215 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 151 states, 118 states have (on average 1.2627118644067796) internal successors, (149), 125 states have internal predecessors, (149), 16 states have call successors, (16), 13 states have call predecessors, (16), 16 states have return successors, (21), 17 states have call predecessors, (21), 16 states have call successors, (21) [2022-11-16 12:50:18,216 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 151 states to 151 states and 186 transitions. [2022-11-16 12:50:18,216 INFO L78 Accepts]: Start accepts. Automaton has 151 states and 186 transitions. Word has length 52 [2022-11-16 12:50:18,217 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 12:50:18,217 INFO L495 AbstractCegarLoop]: Abstraction has 151 states and 186 transitions. [2022-11-16 12:50:18,218 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-16 12:50:18,218 INFO L276 IsEmpty]: Start isEmpty. Operand 151 states and 186 transitions. [2022-11-16 12:50:18,219 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2022-11-16 12:50:18,219 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 12:50:18,219 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 12:50:18,219 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-16 12:50:18,220 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 12:50:18,220 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 12:50:18,220 INFO L85 PathProgramCache]: Analyzing trace with hash -613031023, now seen corresponding path program 1 times [2022-11-16 12:50:18,221 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 12:50:18,221 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1980974870] [2022-11-16 12:50:18,221 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:50:18,221 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 12:50:18,239 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:18,304 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-16 12:50:18,305 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:18,310 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-16 12:50:18,313 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:18,339 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2022-11-16 12:50:18,340 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:18,342 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 12:50:18,342 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 12:50:18,343 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1980974870] [2022-11-16 12:50:18,343 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1980974870] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 12:50:18,343 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 12:50:18,343 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-16 12:50:18,344 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [776279518] [2022-11-16 12:50:18,344 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 12:50:18,344 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-16 12:50:18,345 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 12:50:18,345 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-16 12:50:18,345 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-16 12:50:18,346 INFO L87 Difference]: Start difference. First operand 151 states and 186 transitions. Second operand has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-16 12:50:18,497 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 12:50:18,497 INFO L93 Difference]: Finished difference Result 304 states and 381 transitions. [2022-11-16 12:50:18,498 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-16 12:50:18,498 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2022-11-16 12:50:18,499 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 12:50:18,504 INFO L225 Difference]: With dead ends: 304 [2022-11-16 12:50:18,504 INFO L226 Difference]: Without dead ends: 161 [2022-11-16 12:50:18,506 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-11-16 12:50:18,512 INFO L413 NwaCegarLoop]: 91 mSDtfsCounter, 67 mSDsluCounter, 210 mSDsCounter, 0 mSdLazyCounter, 88 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 71 SdHoareTripleChecker+Valid, 301 SdHoareTripleChecker+Invalid, 102 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 88 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-16 12:50:18,515 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [71 Valid, 301 Invalid, 102 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 88 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-16 12:50:18,516 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 161 states. [2022-11-16 12:50:18,551 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 161 to 153. [2022-11-16 12:50:18,552 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 153 states, 120 states have (on average 1.2583333333333333) internal successors, (151), 127 states have internal predecessors, (151), 16 states have call successors, (16), 13 states have call predecessors, (16), 16 states have return successors, (21), 17 states have call predecessors, (21), 16 states have call successors, (21) [2022-11-16 12:50:18,553 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 153 states to 153 states and 188 transitions. [2022-11-16 12:50:18,554 INFO L78 Accepts]: Start accepts. Automaton has 153 states and 188 transitions. Word has length 52 [2022-11-16 12:50:18,554 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 12:50:18,554 INFO L495 AbstractCegarLoop]: Abstraction has 153 states and 188 transitions. [2022-11-16 12:50:18,555 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-16 12:50:18,555 INFO L276 IsEmpty]: Start isEmpty. Operand 153 states and 188 transitions. [2022-11-16 12:50:18,556 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2022-11-16 12:50:18,556 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 12:50:18,557 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 12:50:18,557 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-16 12:50:18,557 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 12:50:18,557 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 12:50:18,558 INFO L85 PathProgramCache]: Analyzing trace with hash -190329197, now seen corresponding path program 1 times [2022-11-16 12:50:18,558 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 12:50:18,558 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [737011372] [2022-11-16 12:50:18,558 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:50:18,558 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 12:50:18,575 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:18,656 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-16 12:50:18,658 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:18,666 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-16 12:50:18,669 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:18,684 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2022-11-16 12:50:18,685 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:18,687 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 12:50:18,687 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 12:50:18,687 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [737011372] [2022-11-16 12:50:18,719 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [737011372] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 12:50:18,719 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 12:50:18,719 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-16 12:50:18,719 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1335823258] [2022-11-16 12:50:18,720 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 12:50:18,720 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-16 12:50:18,720 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 12:50:18,721 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-16 12:50:18,721 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-16 12:50:18,721 INFO L87 Difference]: Start difference. First operand 153 states and 188 transitions. Second operand has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-16 12:50:19,006 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 12:50:19,007 INFO L93 Difference]: Finished difference Result 438 states and 558 transitions. [2022-11-16 12:50:19,007 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-16 12:50:19,008 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2022-11-16 12:50:19,008 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 12:50:19,017 INFO L225 Difference]: With dead ends: 438 [2022-11-16 12:50:19,018 INFO L226 Difference]: Without dead ends: 293 [2022-11-16 12:50:19,019 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2022-11-16 12:50:19,020 INFO L413 NwaCegarLoop]: 139 mSDtfsCounter, 213 mSDsluCounter, 174 mSDsCounter, 0 mSdLazyCounter, 158 mSolverCounterSat, 58 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 220 SdHoareTripleChecker+Valid, 313 SdHoareTripleChecker+Invalid, 216 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 58 IncrementalHoareTripleChecker+Valid, 158 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-16 12:50:19,020 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [220 Valid, 313 Invalid, 216 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [58 Valid, 158 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-16 12:50:19,022 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 293 states. [2022-11-16 12:50:19,074 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 293 to 285. [2022-11-16 12:50:19,075 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 285 states, 220 states have (on average 1.240909090909091) internal successors, (273), 231 states have internal predecessors, (273), 34 states have call successors, (34), 29 states have call predecessors, (34), 30 states have return successors, (49), 34 states have call predecessors, (49), 34 states have call successors, (49) [2022-11-16 12:50:19,077 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 285 states to 285 states and 356 transitions. [2022-11-16 12:50:19,078 INFO L78 Accepts]: Start accepts. Automaton has 285 states and 356 transitions. Word has length 52 [2022-11-16 12:50:19,079 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 12:50:19,079 INFO L495 AbstractCegarLoop]: Abstraction has 285 states and 356 transitions. [2022-11-16 12:50:19,079 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-16 12:50:19,080 INFO L276 IsEmpty]: Start isEmpty. Operand 285 states and 356 transitions. [2022-11-16 12:50:19,081 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2022-11-16 12:50:19,081 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 12:50:19,082 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 12:50:19,082 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-16 12:50:19,082 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 12:50:19,083 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 12:50:19,083 INFO L85 PathProgramCache]: Analyzing trace with hash 2088078071, now seen corresponding path program 1 times [2022-11-16 12:50:19,083 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 12:50:19,083 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [43936651] [2022-11-16 12:50:19,084 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:50:19,085 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 12:50:19,114 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:19,220 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-16 12:50:19,221 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:19,241 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-16 12:50:19,244 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:19,253 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-11-16 12:50:19,254 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:19,255 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2022-11-16 12:50:19,257 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:19,283 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-16 12:50:19,283 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 12:50:19,283 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [43936651] [2022-11-16 12:50:19,283 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [43936651] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 12:50:19,283 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 12:50:19,283 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-11-16 12:50:19,284 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1568413] [2022-11-16 12:50:19,284 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 12:50:19,284 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-11-16 12:50:19,284 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 12:50:19,285 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-11-16 12:50:19,285 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-11-16 12:50:19,285 INFO L87 Difference]: Start difference. First operand 285 states and 356 transitions. Second operand has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-16 12:50:19,643 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 12:50:19,643 INFO L93 Difference]: Finished difference Result 578 states and 733 transitions. [2022-11-16 12:50:19,644 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2022-11-16 12:50:19,644 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 54 [2022-11-16 12:50:19,644 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 12:50:19,646 INFO L225 Difference]: With dead ends: 578 [2022-11-16 12:50:19,646 INFO L226 Difference]: Without dead ends: 301 [2022-11-16 12:50:19,648 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 25 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=53, Invalid=157, Unknown=0, NotChecked=0, Total=210 [2022-11-16 12:50:19,649 INFO L413 NwaCegarLoop]: 89 mSDtfsCounter, 129 mSDsluCounter, 346 mSDsCounter, 0 mSdLazyCounter, 198 mSolverCounterSat, 28 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 135 SdHoareTripleChecker+Valid, 435 SdHoareTripleChecker+Invalid, 226 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 28 IncrementalHoareTripleChecker+Valid, 198 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-16 12:50:19,649 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [135 Valid, 435 Invalid, 226 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [28 Valid, 198 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-16 12:50:19,650 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 301 states. [2022-11-16 12:50:19,722 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 301 to 281. [2022-11-16 12:50:19,723 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 281 states, 216 states have (on average 1.2083333333333333) internal successors, (261), 227 states have internal predecessors, (261), 34 states have call successors, (34), 29 states have call predecessors, (34), 30 states have return successors, (49), 34 states have call predecessors, (49), 34 states have call successors, (49) [2022-11-16 12:50:19,726 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 281 states to 281 states and 344 transitions. [2022-11-16 12:50:19,726 INFO L78 Accepts]: Start accepts. Automaton has 281 states and 344 transitions. Word has length 54 [2022-11-16 12:50:19,726 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 12:50:19,727 INFO L495 AbstractCegarLoop]: Abstraction has 281 states and 344 transitions. [2022-11-16 12:50:19,727 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-16 12:50:19,727 INFO L276 IsEmpty]: Start isEmpty. Operand 281 states and 344 transitions. [2022-11-16 12:50:19,728 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2022-11-16 12:50:19,729 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 12:50:19,729 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 12:50:19,729 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-11-16 12:50:19,735 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 12:50:19,735 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 12:50:19,735 INFO L85 PathProgramCache]: Analyzing trace with hash -312737299, now seen corresponding path program 1 times [2022-11-16 12:50:19,736 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 12:50:19,736 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1333712419] [2022-11-16 12:50:19,736 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:50:19,736 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 12:50:19,787 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:20,110 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-16 12:50:20,112 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:20,167 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-11-16 12:50:20,168 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:20,190 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2022-11-16 12:50:20,193 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:20,214 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2022-11-16 12:50:20,215 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:20,218 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 12:50:20,219 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 12:50:20,219 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1333712419] [2022-11-16 12:50:20,219 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1333712419] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 12:50:20,219 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 12:50:20,219 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2022-11-16 12:50:20,220 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1973652569] [2022-11-16 12:50:20,220 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 12:50:20,222 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-11-16 12:50:20,222 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 12:50:20,222 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-11-16 12:50:20,223 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=72, Unknown=0, NotChecked=0, Total=90 [2022-11-16 12:50:20,223 INFO L87 Difference]: Start difference. First operand 281 states and 344 transitions. Second operand has 10 states, 10 states have (on average 4.5) internal successors, (45), 8 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-16 12:50:21,285 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 12:50:21,285 INFO L93 Difference]: Finished difference Result 833 states and 1056 transitions. [2022-11-16 12:50:21,286 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 29 states. [2022-11-16 12:50:21,286 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.5) internal successors, (45), 8 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) Word has length 56 [2022-11-16 12:50:21,286 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 12:50:21,290 INFO L225 Difference]: With dead ends: 833 [2022-11-16 12:50:21,290 INFO L226 Difference]: Without dead ends: 611 [2022-11-16 12:50:21,292 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 40 GetRequests, 10 SyntacticMatches, 1 SemanticMatches, 29 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 199 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=187, Invalid=743, Unknown=0, NotChecked=0, Total=930 [2022-11-16 12:50:21,293 INFO L413 NwaCegarLoop]: 122 mSDtfsCounter, 505 mSDsluCounter, 637 mSDsCounter, 0 mSdLazyCounter, 693 mSolverCounterSat, 159 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 511 SdHoareTripleChecker+Valid, 759 SdHoareTripleChecker+Invalid, 852 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 159 IncrementalHoareTripleChecker+Valid, 693 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2022-11-16 12:50:21,293 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [511 Valid, 759 Invalid, 852 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [159 Valid, 693 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2022-11-16 12:50:21,294 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 611 states. [2022-11-16 12:50:21,365 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 611 to 522. [2022-11-16 12:50:21,366 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 522 states, 403 states have (on average 1.2034739454094292) internal successors, (485), 425 states have internal predecessors, (485), 61 states have call successors, (61), 51 states have call predecessors, (61), 57 states have return successors, (85), 61 states have call predecessors, (85), 61 states have call successors, (85) [2022-11-16 12:50:21,371 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 522 states to 522 states and 631 transitions. [2022-11-16 12:50:21,371 INFO L78 Accepts]: Start accepts. Automaton has 522 states and 631 transitions. Word has length 56 [2022-11-16 12:50:21,372 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 12:50:21,372 INFO L495 AbstractCegarLoop]: Abstraction has 522 states and 631 transitions. [2022-11-16 12:50:21,372 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.5) internal successors, (45), 8 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-16 12:50:21,372 INFO L276 IsEmpty]: Start isEmpty. Operand 522 states and 631 transitions. [2022-11-16 12:50:21,374 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 99 [2022-11-16 12:50:21,375 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 12:50:21,375 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 12:50:21,375 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-11-16 12:50:21,376 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 12:50:21,376 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 12:50:21,376 INFO L85 PathProgramCache]: Analyzing trace with hash -514851068, now seen corresponding path program 1 times [2022-11-16 12:50:21,377 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 12:50:21,377 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1792025879] [2022-11-16 12:50:21,377 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:50:21,377 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 12:50:21,406 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:21,567 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-16 12:50:21,568 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:21,582 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2022-11-16 12:50:21,586 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:21,591 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-16 12:50:21,592 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:21,602 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2022-11-16 12:50:21,604 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:21,607 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 62 [2022-11-16 12:50:21,608 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:21,610 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 78 [2022-11-16 12:50:21,611 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:21,613 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-16 12:50:21,614 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:21,615 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 90 [2022-11-16 12:50:21,616 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:21,622 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 4 proven. 3 refuted. 0 times theorem prover too weak. 27 trivial. 0 not checked. [2022-11-16 12:50:21,623 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 12:50:21,623 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1792025879] [2022-11-16 12:50:21,623 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1792025879] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-16 12:50:21,623 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1588279382] [2022-11-16 12:50:21,624 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:50:21,624 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 12:50:21,624 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/z3 [2022-11-16 12:50:21,631 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-16 12:50:21,647 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-16 12:50:21,800 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:21,816 INFO L263 TraceCheckSpWp]: Trace formula consists of 478 conjuncts, 8 conjunts are in the unsatisfiable core [2022-11-16 12:50:21,824 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-16 12:50:22,087 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 25 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-16 12:50:22,087 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-16 12:50:22,341 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 19 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2022-11-16 12:50:22,341 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1588279382] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-16 12:50:22,341 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-16 12:50:22,341 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 6, 6] total 14 [2022-11-16 12:50:22,342 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1609627489] [2022-11-16 12:50:22,342 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-16 12:50:22,343 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2022-11-16 12:50:22,343 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 12:50:22,343 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2022-11-16 12:50:22,343 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=29, Invalid=153, Unknown=0, NotChecked=0, Total=182 [2022-11-16 12:50:22,344 INFO L87 Difference]: Start difference. First operand 522 states and 631 transitions. Second operand has 14 states, 14 states have (on average 8.285714285714286) internal successors, (116), 10 states have internal predecessors, (116), 5 states have call successors, (18), 6 states have call predecessors, (18), 5 states have return successors, (16), 5 states have call predecessors, (16), 5 states have call successors, (16) [2022-11-16 12:50:24,202 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 12:50:24,202 INFO L93 Difference]: Finished difference Result 1195 states and 1490 transitions. [2022-11-16 12:50:24,203 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 38 states. [2022-11-16 12:50:24,203 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 14 states have (on average 8.285714285714286) internal successors, (116), 10 states have internal predecessors, (116), 5 states have call successors, (18), 6 states have call predecessors, (18), 5 states have return successors, (16), 5 states have call predecessors, (16), 5 states have call successors, (16) Word has length 98 [2022-11-16 12:50:24,207 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 12:50:24,212 INFO L225 Difference]: With dead ends: 1195 [2022-11-16 12:50:24,213 INFO L226 Difference]: Without dead ends: 730 [2022-11-16 12:50:24,215 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 274 GetRequests, 223 SyntacticMatches, 4 SemanticMatches, 47 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 573 ImplicationChecksByTransitivity, 0.8s TimeCoverageRelationStatistics Valid=471, Invalid=1881, Unknown=0, NotChecked=0, Total=2352 [2022-11-16 12:50:24,216 INFO L413 NwaCegarLoop]: 172 mSDtfsCounter, 489 mSDsluCounter, 1351 mSDsCounter, 0 mSdLazyCounter, 1122 mSolverCounterSat, 163 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 495 SdHoareTripleChecker+Valid, 1523 SdHoareTripleChecker+Invalid, 1285 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 163 IncrementalHoareTripleChecker+Valid, 1122 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.0s IncrementalHoareTripleChecker+Time [2022-11-16 12:50:24,217 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [495 Valid, 1523 Invalid, 1285 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [163 Valid, 1122 Invalid, 0 Unknown, 0 Unchecked, 1.0s Time] [2022-11-16 12:50:24,219 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 730 states. [2022-11-16 12:50:24,314 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 730 to 592. [2022-11-16 12:50:24,316 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 592 states, 454 states have (on average 1.198237885462555) internal successors, (544), 483 states have internal predecessors, (544), 71 states have call successors, (71), 61 states have call predecessors, (71), 66 states have return successors, (91), 68 states have call predecessors, (91), 71 states have call successors, (91) [2022-11-16 12:50:24,319 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 592 states to 592 states and 706 transitions. [2022-11-16 12:50:24,321 INFO L78 Accepts]: Start accepts. Automaton has 592 states and 706 transitions. Word has length 98 [2022-11-16 12:50:24,322 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 12:50:24,322 INFO L495 AbstractCegarLoop]: Abstraction has 592 states and 706 transitions. [2022-11-16 12:50:24,323 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 14 states have (on average 8.285714285714286) internal successors, (116), 10 states have internal predecessors, (116), 5 states have call successors, (18), 6 states have call predecessors, (18), 5 states have return successors, (16), 5 states have call predecessors, (16), 5 states have call successors, (16) [2022-11-16 12:50:24,323 INFO L276 IsEmpty]: Start isEmpty. Operand 592 states and 706 transitions. [2022-11-16 12:50:24,333 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 177 [2022-11-16 12:50:24,333 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 12:50:24,333 INFO L195 NwaCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 12:50:24,347 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-16 12:50:24,540 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-16 12:50:24,540 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 12:50:24,541 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 12:50:24,541 INFO L85 PathProgramCache]: Analyzing trace with hash 2133918754, now seen corresponding path program 1 times [2022-11-16 12:50:24,541 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 12:50:24,542 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1529216881] [2022-11-16 12:50:24,542 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:50:24,542 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 12:50:24,569 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:24,805 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-16 12:50:24,807 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:24,820 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2022-11-16 12:50:24,823 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:24,829 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-16 12:50:24,830 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:24,839 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2022-11-16 12:50:24,841 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:24,849 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2022-11-16 12:50:24,856 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:24,862 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-16 12:50:24,863 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:24,865 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-11-16 12:50:24,866 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:24,868 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-16 12:50:24,869 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:24,870 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 102 [2022-11-16 12:50:24,876 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:24,967 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-16 12:50:24,968 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:24,970 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 132 [2022-11-16 12:50:24,971 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:24,979 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 143 [2022-11-16 12:50:24,981 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:24,983 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 152 [2022-11-16 12:50:24,987 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:24,992 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 168 [2022-11-16 12:50:24,993 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:24,995 INFO L134 CoverageAnalysis]: Checked inductivity of 196 backedges. 72 proven. 5 refuted. 0 times theorem prover too weak. 119 trivial. 0 not checked. [2022-11-16 12:50:24,995 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 12:50:24,996 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1529216881] [2022-11-16 12:50:24,996 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1529216881] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-16 12:50:24,996 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [550356307] [2022-11-16 12:50:24,996 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 12:50:24,996 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 12:50:24,997 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/z3 [2022-11-16 12:50:24,999 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-16 12:50:25,010 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-16 12:50:25,187 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 12:50:25,191 INFO L263 TraceCheckSpWp]: Trace formula consists of 685 conjuncts, 13 conjunts are in the unsatisfiable core [2022-11-16 12:50:25,197 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-16 12:50:25,498 INFO L134 CoverageAnalysis]: Checked inductivity of 196 backedges. 144 proven. 4 refuted. 0 times theorem prover too weak. 48 trivial. 0 not checked. [2022-11-16 12:50:25,498 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-16 12:50:26,111 INFO L134 CoverageAnalysis]: Checked inductivity of 196 backedges. 82 proven. 44 refuted. 0 times theorem prover too weak. 70 trivial. 0 not checked. [2022-11-16 12:50:26,111 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [550356307] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-16 12:50:26,111 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-16 12:50:26,111 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 10, 11] total 25 [2022-11-16 12:50:26,111 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [351829168] [2022-11-16 12:50:26,112 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-16 12:50:26,112 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 25 states [2022-11-16 12:50:26,113 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 12:50:26,113 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 25 interpolants. [2022-11-16 12:50:26,114 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=118, Invalid=482, Unknown=0, NotChecked=0, Total=600 [2022-11-16 12:50:26,114 INFO L87 Difference]: Start difference. First operand 592 states and 706 transitions. Second operand has 25 states, 25 states have (on average 8.76) internal successors, (219), 22 states have internal predecessors, (219), 9 states have call successors, (30), 9 states have call predecessors, (30), 10 states have return successors, (32), 8 states have call predecessors, (32), 9 states have call successors, (32) [2022-11-16 12:50:27,481 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 12:50:27,482 INFO L93 Difference]: Finished difference Result 1257 states and 1548 transitions. [2022-11-16 12:50:27,482 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2022-11-16 12:50:27,483 INFO L78 Accepts]: Start accepts. Automaton has has 25 states, 25 states have (on average 8.76) internal successors, (219), 22 states have internal predecessors, (219), 9 states have call successors, (30), 9 states have call predecessors, (30), 10 states have return successors, (32), 8 states have call predecessors, (32), 9 states have call successors, (32) Word has length 176 [2022-11-16 12:50:27,483 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 12:50:27,484 INFO L225 Difference]: With dead ends: 1257 [2022-11-16 12:50:27,484 INFO L226 Difference]: Without dead ends: 0 [2022-11-16 12:50:27,519 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 419 GetRequests, 368 SyntacticMatches, 5 SemanticMatches, 46 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 435 ImplicationChecksByTransitivity, 0.8s TimeCoverageRelationStatistics Valid=483, Invalid=1773, Unknown=0, NotChecked=0, Total=2256 [2022-11-16 12:50:27,520 INFO L413 NwaCegarLoop]: 103 mSDtfsCounter, 554 mSDsluCounter, 922 mSDsCounter, 0 mSdLazyCounter, 1207 mSolverCounterSat, 162 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 557 SdHoareTripleChecker+Valid, 1025 SdHoareTripleChecker+Invalid, 1369 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 162 IncrementalHoareTripleChecker+Valid, 1207 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2022-11-16 12:50:27,520 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [557 Valid, 1025 Invalid, 1369 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [162 Valid, 1207 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2022-11-16 12:50:27,520 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-16 12:50:27,521 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-16 12:50:27,521 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-16 12:50:27,521 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-16 12:50:27,521 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 176 [2022-11-16 12:50:27,522 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 12:50:27,522 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-16 12:50:27,522 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 25 states, 25 states have (on average 8.76) internal successors, (219), 22 states have internal predecessors, (219), 9 states have call successors, (30), 9 states have call predecessors, (30), 10 states have return successors, (32), 8 states have call predecessors, (32), 9 states have call successors, (32) [2022-11-16 12:50:27,522 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-16 12:50:27,522 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-16 12:50:27,525 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-16 12:50:27,532 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-16 12:50:27,731 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 12:50:27,733 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-16 12:50:35,884 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 102 108) no Hoare annotation was computed. [2022-11-16 12:50:35,885 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 102 108) the Hoare annotation is: true [2022-11-16 12:50:35,885 INFO L899 garLoopResultBuilder]: For program point L381-1(lines 377 388) no Hoare annotation was computed. [2022-11-16 12:50:35,885 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 377 388) the Hoare annotation is: true [2022-11-16 12:50:35,885 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 377 388) no Hoare annotation was computed. [2022-11-16 12:50:35,885 INFO L899 garLoopResultBuilder]: For program point L929(line 929) no Hoare annotation was computed. [2022-11-16 12:50:35,885 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 908 937) no Hoare annotation was computed. [2022-11-16 12:50:35,885 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 908 937) the Hoare annotation is: true [2022-11-16 12:50:35,885 INFO L899 garLoopResultBuilder]: For program point L922(lines 922 926) no Hoare annotation was computed. [2022-11-16 12:50:35,886 INFO L902 garLoopResultBuilder]: At program point L922-1(lines 922 926) the Hoare annotation is: true [2022-11-16 12:50:35,886 INFO L899 garLoopResultBuilder]: For program point L919(line 919) no Hoare annotation was computed. [2022-11-16 12:50:35,886 INFO L902 garLoopResultBuilder]: At program point L918-2(lines 918 932) the Hoare annotation is: true [2022-11-16 12:50:35,886 INFO L902 garLoopResultBuilder]: At program point L914(line 914) the Hoare annotation is: true [2022-11-16 12:50:35,886 INFO L899 garLoopResultBuilder]: For program point L914-1(line 914) no Hoare annotation was computed. [2022-11-16 12:50:35,886 INFO L902 garLoopResultBuilder]: At program point L933(lines 908 937) the Hoare annotation is: true [2022-11-16 12:50:35,887 INFO L895 garLoopResultBuilder]: At program point L155(line 155) the Hoare annotation is: (let ((.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= 1 |old(~pumpRunning~0)|)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse1) (or .cse0 .cse2 (not (< 1 |old(~waterLevel~0)|)) .cse1) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-11-16 12:50:35,888 INFO L895 garLoopResultBuilder]: At program point L155-1(lines 136 160) the Hoare annotation is: (let ((.cse13 (<= 1 ~pumpRunning~0)) (.cse6 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse11 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse15 (<= ~waterLevel~0 1)) (.cse14 (= 1 ~systemActive~0)) (.cse16 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse8 (and .cse11 .cse1 .cse2 .cse15 .cse14 .cse16 .cse4)) (.cse0 (not .cse14)) (.cse5 (not (<= 1 |old(~pumpRunning~0)|))) (.cse12 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse9 (and .cse13 .cse6 .cse15 .cse14 .cse16 .cse4)) (.cse7 (not (<= |old(~waterLevel~0)| 2))) (.cse10 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))) (and (let ((.cse3 (= ~waterLevel~0 1))) (or .cse0 (and .cse1 .cse2 .cse3 .cse4) .cse5 (not (< 1 |old(~waterLevel~0)|)) (and .cse6 .cse3 .cse4) .cse7)) (or (not (= |old(~waterLevel~0)| 1)) .cse8 .cse0 .cse5 .cse9 .cse10) (or .cse11 (and .cse1 .cse12) .cse0 .cse7 (and .cse13 (= 2 ~waterLevel~0) .cse12)) (or (and .cse6 .cse12 .cse4) .cse8 .cse0 .cse5 (and .cse11 .cse1 .cse2 .cse14 .cse12 .cse4) .cse9 .cse7 .cse10)))) [2022-11-16 12:50:35,888 INFO L899 garLoopResultBuilder]: For program point L89-1(lines 89 95) no Hoare annotation was computed. [2022-11-16 12:50:35,916 INFO L895 garLoopResultBuilder]: At program point L849(line 849) the Hoare annotation is: (let ((.cse9 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse5 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (= ~pumpRunning~0 0)) (.cse7 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse13 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse17 (<= ~waterLevel~0 1)) (.cse16 (= 1 ~systemActive~0)) (.cse18 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse14 (<= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| ~waterLevel~0)) (.cse11 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse2 (and .cse5 .cse6 .cse7 .cse13 .cse17 .cse16 .cse18 .cse14 .cse11)) (.cse3 (and (<= 1 ~pumpRunning~0) .cse9 .cse7 .cse17 .cse16 .cse18 .cse14 .cse11)) (.cse8 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse0 (not .cse16)) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse12 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse2 .cse3 .cse4) (or (not (<= |old(~waterLevel~0)| 1)) .cse5 .cse0 (and .cse6 .cse7 (< |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| 2) .cse8)) (let ((.cse10 (not (<= 2 |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1|)))) (or .cse0 .cse1 .cse2 (and .cse9 .cse7 .cse8 .cse10 .cse11) .cse3 .cse12 (and .cse6 .cse7 .cse13 .cse8 .cse10 .cse11) .cse4)) (or .cse5 .cse0 .cse12 (not (<= 2 |old(~waterLevel~0)|))) (let ((.cse15 (= ~waterLevel~0 1))) (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) (and .cse6 .cse7 .cse13 .cse14 .cse15 .cse11) .cse12 (and .cse9 .cse7 .cse14 .cse15 .cse11)))))) [2022-11-16 12:50:35,916 INFO L899 garLoopResultBuilder]: For program point L849-1(line 849) no Hoare annotation was computed. [2022-11-16 12:50:35,916 INFO L895 garLoopResultBuilder]: At program point L267(lines 252 270) the Hoare annotation is: (let ((.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse3 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (and (<= 1 ~pumpRunning~0) .cse2 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse3)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse0 (not .cse7)) (.cse4 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) (and .cse2 (= ~waterLevel~0 1) .cse3) .cse4) (or (not (<= |old(~waterLevel~0)| 1)) (and .cse2 (= |old(~waterLevel~0)| ~waterLevel~0) .cse3) .cse0 .cse1 .cse5 .cse6) (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse5 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse4)))) [2022-11-16 12:50:35,916 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 75 101) no Hoare annotation was computed. [2022-11-16 12:50:35,917 INFO L895 garLoopResultBuilder]: At program point L449(lines 444 452) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse1 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and (<= 1 ~pumpRunning~0) .cse0 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse1)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (not .cse7)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) (and .cse0 (= ~waterLevel~0 1) .cse1) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse2 .cse3 .cse4 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse5)))) [2022-11-16 12:50:35,917 INFO L899 garLoopResultBuilder]: For program point L82(lines 82 88) no Hoare annotation was computed. [2022-11-16 12:50:35,917 INFO L899 garLoopResultBuilder]: For program point L82-2(lines 78 100) no Hoare annotation was computed. [2022-11-16 12:50:35,917 INFO L899 garLoopResultBuilder]: For program point L144(lines 144 152) no Hoare annotation was computed. [2022-11-16 12:50:35,917 INFO L899 garLoopResultBuilder]: For program point L140(lines 140 157) no Hoare annotation was computed. [2022-11-16 12:50:35,918 INFO L895 garLoopResultBuilder]: At program point L834(line 834) the Hoare annotation is: (let ((.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse4 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse4 (not (< 1 |old(~waterLevel~0)|)) .cse3 .cse5)))) [2022-11-16 12:50:35,918 INFO L899 garLoopResultBuilder]: For program point L834-1(line 834) no Hoare annotation was computed. [2022-11-16 12:50:35,918 INFO L899 garLoopResultBuilder]: For program point L54(line 54) no Hoare annotation was computed. [2022-11-16 12:50:35,918 INFO L899 garLoopResultBuilder]: For program point L851(lines 851 861) no Hoare annotation was computed. [2022-11-16 12:50:35,918 INFO L899 garLoopResultBuilder]: For program point L847(lines 847 864) no Hoare annotation was computed. [2022-11-16 12:50:35,919 INFO L895 garLoopResultBuilder]: At program point L174(lines 169 176) the Hoare annotation is: (let ((.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse9 (= 1 ~systemActive~0)) (.cse3 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse6 (and .cse8 .cse1 .cse2 (<= ~waterLevel~0 1) .cse9 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse3)) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse7 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse0 (not .cse9)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (and .cse1 .cse2 (= ~waterLevel~0 1) .cse3) .cse4 (not (< 1 |old(~waterLevel~0)|)) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse6 .cse0 .cse4 .cse7) (or (and .cse1 .cse2 (= |old(~waterLevel~0)| ~waterLevel~0) .cse3) .cse6 .cse0 .cse4 .cse5 .cse7) (or .cse8 .cse0 .cse5)))) [2022-11-16 12:50:35,919 INFO L895 garLoopResultBuilder]: At program point L847-1(lines 839 867) the Hoare annotation is: (let ((.cse1 (= ~pumpRunning~0 0)) (.cse3 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse14 (<= 1 ~pumpRunning~0)) (.cse12 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse20 (<= ~waterLevel~0 1)) (.cse4 (= 1 ~systemActive~0)) (.cse21 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse18 (<= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| ~waterLevel~0)) (.cse7 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse8 (and .cse14 .cse12 .cse0 .cse2 .cse20 .cse4 .cse21 .cse18 .cse7)) (.cse10 (not (<= 1 |old(~pumpRunning~0)|))) (.cse11 (and .cse0 .cse1 .cse2 .cse3 .cse20 .cse4 .cse21 .cse18 .cse7)) (.cse13 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse9 (not .cse4)) (.cse6 (not (<= 2 |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1|))) (.cse5 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse17 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6 .cse7) (not (<= |old(~waterLevel~0)| 1)) .cse8 .cse9 .cse10 .cse11 (and .cse12 .cse0 .cse2 .cse4 .cse5 .cse6 .cse7) .cse13) (let ((.cse15 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| 2)) (.cse16 (= 2 |timeShift_getWaterLevel_#res#1|))) (or .cse0 .cse9 (and .cse14 .cse15 .cse16) (and .cse1 .cse15 .cse16) .cse17 (not (<= 2 |old(~waterLevel~0)|)))) (let ((.cse19 (= ~waterLevel~0 1))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse18 .cse19 .cse7) .cse9 .cse10 (not (< 1 |old(~waterLevel~0)|)) (and .cse12 .cse0 .cse2 .cse4 .cse18 .cse19 .cse7) .cse17)) (or .cse8 (not (= |old(~waterLevel~0)| 1)) .cse9 .cse10 .cse11 .cse13) (or .cse0 .cse9 (and .cse1 .cse2 .cse5 .cse6) (and (<= 2 ~waterLevel~0) .cse5) .cse17)))) [2022-11-16 12:50:35,920 INFO L895 garLoopResultBuilder]: At program point L426(lines 421 429) the Hoare annotation is: (let ((.cse6 (<= 1 ~pumpRunning~0)) (.cse13 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= ~pumpRunning~0 0)) (.cse3 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse10 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse15 (<= ~waterLevel~0 1)) (.cse11 (= 1 ~systemActive~0)) (.cse16 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse12 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse4 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse8 (and .cse0 .cse2 .cse3 .cse10 .cse15 .cse11 .cse16 .cse12)) (.cse9 (and .cse6 .cse13 .cse3 .cse15 .cse11 .cse16 .cse12)) (.cse14 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse1 (not .cse11)) (.cse7 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (and .cse2 .cse3 .cse4) .cse5 (and .cse6 (= 2 ~waterLevel~0) (= 2 |timeShift_getWaterLevel_#res#1|) .cse4)) (or .cse1 .cse7 .cse8 (not (= |old(~waterLevel~0)| 2)) .cse9) (or (not (<= |old(~waterLevel~0)| 1)) .cse1 .cse7 .cse8 (and .cse0 .cse2 .cse3 .cse10 .cse11 .cse4 .cse12) (and .cse13 .cse3 .cse4 .cse12) .cse9 .cse14) (or (not (= |old(~waterLevel~0)| 1)) .cse1 .cse7 .cse8 .cse9 .cse14) (or .cse1 .cse7 (not (< 1 |old(~waterLevel~0)|)) (= ~waterLevel~0 1) .cse5)))) [2022-11-16 12:50:35,920 INFO L899 garLoopResultBuilder]: For program point L261(lines 261 265) no Hoare annotation was computed. [2022-11-16 12:50:35,920 INFO L899 garLoopResultBuilder]: For program point L261-2(lines 261 265) no Hoare annotation was computed. [2022-11-16 12:50:35,920 INFO L895 garLoopResultBuilder]: At program point L55(lines 50 57) the Hoare annotation is: (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) .cse2) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse1 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2))) [2022-11-16 12:50:35,921 INFO L895 garLoopResultBuilder]: At program point L150(line 150) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse1 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and (<= 1 ~pumpRunning~0) .cse0 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse1)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (not .cse7)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) (and .cse0 (= ~waterLevel~0 1) .cse1) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse2 .cse3 .cse4 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse5)))) [2022-11-16 12:50:35,921 INFO L899 garLoopResultBuilder]: For program point L852(lines 852 858) no Hoare annotation was computed. [2022-11-16 12:50:35,921 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 75 101) the Hoare annotation is: (let ((.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse4 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse4 (not (< 1 |old(~waterLevel~0)|)) .cse3 .cse5)))) [2022-11-16 12:50:35,922 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 75 101) no Hoare annotation was computed. [2022-11-16 12:50:35,922 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 54) no Hoare annotation was computed. [2022-11-16 12:50:35,922 INFO L899 garLoopResultBuilder]: For program point L357(lines 357 361) no Hoare annotation was computed. [2022-11-16 12:50:35,922 INFO L895 garLoopResultBuilder]: At program point L836(lines 829 838) the Hoare annotation is: (let ((.cse0 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse3 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (<= 1 ~switchedOnBeforeTS~0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) .cse0) .cse1 .cse2) (or .cse3 .cse1 .cse4 (not (= |old(~waterLevel~0)| 2))) (or .cse3 .cse1 .cse4 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-16 12:50:35,923 INFO L895 garLoopResultBuilder]: At program point L357-2(lines 353 364) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse1 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and (<= 1 ~pumpRunning~0) .cse0 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse1)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (not .cse7)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) (and .cse0 (= ~waterLevel~0 1) .cse1) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse2 .cse3 .cse4 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse5)))) [2022-11-16 12:50:35,923 INFO L895 garLoopResultBuilder]: At program point L894(lines 890 896) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-16 12:50:35,923 INFO L895 garLoopResultBuilder]: At program point L341(lines 292 342) the Hoare annotation is: false [2022-11-16 12:50:35,923 INFO L902 garLoopResultBuilder]: At program point L977(lines 969 979) the Hoare annotation is: true [2022-11-16 12:50:35,924 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-11-16 12:50:35,924 INFO L899 garLoopResultBuilder]: For program point L990(lines 990 997) no Hoare annotation was computed. [2022-11-16 12:50:35,924 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-11-16 12:50:35,924 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-11-16 12:50:35,924 INFO L899 garLoopResultBuilder]: For program point L990-2(lines 990 997) no Hoare annotation was computed. [2022-11-16 12:50:35,924 INFO L899 garLoopResultBuilder]: For program point L313(lines 313 319) no Hoare annotation was computed. [2022-11-16 12:50:35,925 INFO L899 garLoopResultBuilder]: For program point L313-1(lines 313 319) no Hoare annotation was computed. [2022-11-16 12:50:35,925 INFO L895 garLoopResultBuilder]: At program point L887(lines 883 889) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-16 12:50:35,925 INFO L895 garLoopResultBuilder]: At program point L276(lines 271 278) the Hoare annotation is: (let ((.cse3 (<= 1 ~pumpRunning~0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2) (and .cse3 (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse3 .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-16 12:50:35,925 INFO L895 garLoopResultBuilder]: At program point L338(lines 293 340) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse5 (= 2 ~waterLevel~0)) (.cse4 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)) (and .cse4 .cse5 .cse2 .cse3) (and .cse0 .cse5 .cse2 .cse3) (and .cse4 .cse1 .cse2 .cse3))) [2022-11-16 12:50:35,926 INFO L895 garLoopResultBuilder]: At program point L305(line 305) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse5 (= 2 ~waterLevel~0)) (.cse4 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)) (and .cse4 .cse5 .cse2 .cse3) (and .cse0 .cse5 .cse2 .cse3) (and .cse4 .cse1 .cse2 .cse3))) [2022-11-16 12:50:35,926 INFO L902 garLoopResultBuilder]: At program point L999(lines 980 1002) the Hoare annotation is: true [2022-11-16 12:50:35,926 INFO L895 garLoopResultBuilder]: At program point L966(lines 962 968) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-16 12:50:35,926 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-16 12:50:35,927 INFO L895 garLoopResultBuilder]: At program point L826(lines 821 828) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-16 12:50:35,927 INFO L899 garLoopResultBuilder]: For program point L331(lines 331 335) no Hoare annotation was computed. [2022-11-16 12:50:35,927 INFO L895 garLoopResultBuilder]: At program point L331-2(lines 323 336) the Hoare annotation is: (let ((.cse3 (<= 1 ~pumpRunning~0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2) (and .cse3 (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse3 .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-16 12:50:35,927 INFO L899 garLoopResultBuilder]: For program point L294(lines 293 340) no Hoare annotation was computed. [2022-11-16 12:50:35,927 INFO L899 garLoopResultBuilder]: For program point L323(lines 323 336) no Hoare annotation was computed. [2022-11-16 12:50:35,928 INFO L895 garLoopResultBuilder]: At program point L315(line 315) the Hoare annotation is: (let ((.cse3 (<= 1 ~pumpRunning~0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2) (and .cse3 (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse3 .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-16 12:50:35,928 INFO L902 garLoopResultBuilder]: At program point L344(lines 283 348) the Hoare annotation is: true [2022-11-16 12:50:35,929 INFO L899 garLoopResultBuilder]: For program point L303(lines 303 309) no Hoare annotation was computed. [2022-11-16 12:50:35,929 INFO L899 garLoopResultBuilder]: For program point L303-1(lines 303 309) no Hoare annotation was computed. [2022-11-16 12:50:35,930 INFO L899 garLoopResultBuilder]: For program point L295(lines 295 299) no Hoare annotation was computed. [2022-11-16 12:50:35,931 INFO L895 garLoopResultBuilder]: At program point L902(lines 897 905) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-16 12:50:35,931 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 110 134) the Hoare annotation is: (let ((.cse1 (not (<= ~waterLevel~0 1))) (.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (= ~pumpRunning~0 0)) (.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or .cse2 .cse3 .cse0 .cse1) (or .cse2 .cse3 .cse0 (not (= 2 ~waterLevel~0))))) [2022-11-16 12:50:35,931 INFO L895 garLoopResultBuilder]: At program point L124(line 124) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~0#1| 0)) (not (<= ~waterLevel~0 2))) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-16 12:50:35,931 INFO L895 garLoopResultBuilder]: At program point L248(lines 233 251) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (<= ~waterLevel~0 1)))) (and (or (and (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1| 0) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~0#1| 0)) .cse0 .cse1 .cse2) (or .cse0 (= ~pumpRunning~0 0) .cse1 (not (<= ~waterLevel~0 2))) (or .cse1 (not (<= 1 |old(~pumpRunning~0)|)) .cse2 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-16 12:50:35,931 INFO L899 garLoopResultBuilder]: For program point L118(lines 118 126) no Hoare annotation was computed. [2022-11-16 12:50:35,932 INFO L899 garLoopResultBuilder]: For program point L114(lines 114 131) no Hoare annotation was computed. [2022-11-16 12:50:35,932 INFO L899 garLoopResultBuilder]: For program point L434(lines 434 440) no Hoare annotation was computed. [2022-11-16 12:50:35,932 INFO L899 garLoopResultBuilder]: For program point L242(lines 242 246) no Hoare annotation was computed. [2022-11-16 12:50:35,932 INFO L899 garLoopResultBuilder]: For program point L242-2(lines 242 246) no Hoare annotation was computed. [2022-11-16 12:50:35,932 INFO L895 garLoopResultBuilder]: At program point L166(lines 161 168) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and (<= 1 ~pumpRunning~0) (= 2 ~waterLevel~0)) (not (<= ~waterLevel~0 2))) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-16 12:50:35,932 INFO L895 garLoopResultBuilder]: At program point L129(line 129) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (not (<= ~waterLevel~0 2))))) [2022-11-16 12:50:35,932 INFO L899 garLoopResultBuilder]: For program point L129-1(lines 110 134) no Hoare annotation was computed. [2022-11-16 12:50:35,933 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 110 134) no Hoare annotation was computed. [2022-11-16 12:50:35,933 INFO L895 garLoopResultBuilder]: At program point L439(lines 430 443) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (let ((.cse1 (= ~pumpRunning~0 0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and .cse1 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1| 1)) (and .cse1 (= 2 ~waterLevel~0)) (not (<= ~waterLevel~0 2)))) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-16 12:50:35,933 INFO L899 garLoopResultBuilder]: For program point L369-1(lines 365 376) no Hoare annotation was computed. [2022-11-16 12:50:35,933 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 365 376) no Hoare annotation was computed. [2022-11-16 12:50:35,933 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 365 376) the Hoare annotation is: (let ((.cse1 (not (<= 1 ~pumpRunning~0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 2)) .cse2) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse2 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= ~pumpRunning~0 0)) .cse0 .cse2 (not (<= |old(~waterLevel~0)| 2))))) [2022-11-16 12:50:35,933 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 188 196) no Hoare annotation was computed. [2022-11-16 12:50:35,933 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 188 196) the Hoare annotation is: true [2022-11-16 12:50:35,934 INFO L899 garLoopResultBuilder]: For program point isPumpRunningFINAL(lines 188 196) no Hoare annotation was computed. [2022-11-16 12:50:35,937 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 12:50:35,940 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-16 12:50:36,018 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 16.11 12:50:36 BoogieIcfgContainer [2022-11-16 12:50:36,019 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-16 12:50:36,019 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-16 12:50:36,025 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-16 12:50:36,025 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-16 12:50:36,026 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.11 12:50:15" (3/4) ... [2022-11-16 12:50:36,031 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-16 12:50:36,038 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-16 12:50:36,038 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-16 12:50:36,038 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-16 12:50:36,038 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-16 12:50:36,039 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-16 12:50:36,039 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-16 12:50:36,039 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-11-16 12:50:36,048 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 51 nodes and edges [2022-11-16 12:50:36,048 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-11-16 12:50:36,049 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-11-16 12:50:36,050 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-16 12:50:36,050 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-16 12:50:36,051 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-16 12:50:36,051 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-16 12:50:36,082 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && (((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2))) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-16 12:50:36,083 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-16 12:50:36,083 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && !(2 <= tmp)) && 1 <= switchedOnBeforeTS) || !(\old(waterLevel) <= 1)) || ((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((pumpRunning == \old(pumpRunning) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && 1 == systemActive) && \old(waterLevel) == waterLevel) && !(2 <= tmp)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((1 <= pumpRunning && tmp == 2) && 2 == \result)) || ((pumpRunning == 0 && tmp == 2) && 2 == \result)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && tmp <= waterLevel) && waterLevel == 1) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((((((pumpRunning == \old(pumpRunning) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && 1 == systemActive) && tmp <= waterLevel) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && (((((((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((pumpRunning == 0 && waterLevel == \result) && \old(waterLevel) == waterLevel) && !(2 <= tmp))) || (2 <= waterLevel && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) [2022-11-16 12:50:36,084 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(1 == systemActive) || (((pumpRunning == 0 && !(tmp == 0)) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) == 1) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && 2 == waterLevel) && \old(waterLevel) == waterLevel))) && (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-16 12:50:36,084 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-16 12:50:36,085 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && waterLevel == \result) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && 2 == waterLevel) && 2 == \result) && \old(waterLevel) == waterLevel)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) == 2)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && (((((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((pumpRunning == \old(pumpRunning) && waterLevel == \result) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) [2022-11-16 12:50:36,085 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-16 12:50:36,086 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && \result == 1)) || (pumpRunning == 0 && 2 == waterLevel)) || !(waterLevel <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) [2022-11-16 12:50:36,086 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) <= 1) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-16 12:50:36,086 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((\result == 0 && tmp___0 == 0) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || !(waterLevel <= 1)) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) [2022-11-16 12:50:36,087 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(1 == systemActive) || (((pumpRunning == 0 && !(tmp == 0)) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && ((((!(\old(waterLevel) == 1) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((((((((pumpRunning == 0 && !(tmp == 0)) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-16 12:50:36,087 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (1 <= pumpRunning && 2 == waterLevel)) || !(waterLevel <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) [2022-11-16 12:50:36,112 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/witness.graphml [2022-11-16 12:50:36,112 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-16 12:50:36,113 INFO L158 Benchmark]: Toolchain (without parser) took 21502.72ms. Allocated memory was 115.3MB in the beginning and 264.2MB in the end (delta: 148.9MB). Free memory was 86.3MB in the beginning and 224.4MB in the end (delta: -138.2MB). Peak memory consumption was 11.8MB. Max. memory is 16.1GB. [2022-11-16 12:50:36,113 INFO L158 Benchmark]: CDTParser took 0.28ms. Allocated memory is still 115.3MB. Free memory is still 69.2MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-16 12:50:36,114 INFO L158 Benchmark]: CACSL2BoogieTranslator took 585.02ms. Allocated memory is still 115.3MB. Free memory was 85.9MB in the beginning and 82.8MB in the end (delta: 3.2MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2022-11-16 12:50:36,114 INFO L158 Benchmark]: Boogie Procedure Inliner took 69.13ms. Allocated memory is still 115.3MB. Free memory was 82.8MB in the beginning and 80.3MB in the end (delta: 2.5MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-11-16 12:50:36,115 INFO L158 Benchmark]: Boogie Preprocessor took 58.79ms. Allocated memory is still 115.3MB. Free memory was 80.3MB in the beginning and 78.6MB in the end (delta: 1.7MB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-16 12:50:36,115 INFO L158 Benchmark]: RCFGBuilder took 624.36ms. Allocated memory is still 115.3MB. Free memory was 78.6MB in the beginning and 59.7MB in the end (delta: 18.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-11-16 12:50:36,116 INFO L158 Benchmark]: TraceAbstraction took 20064.87ms. Allocated memory was 115.3MB in the beginning and 264.2MB in the end (delta: 148.9MB). Free memory was 59.0MB in the beginning and 229.7MB in the end (delta: -170.7MB). Peak memory consumption was 129.9MB. Max. memory is 16.1GB. [2022-11-16 12:50:36,116 INFO L158 Benchmark]: Witness Printer took 92.94ms. Allocated memory is still 264.2MB. Free memory was 229.7MB in the beginning and 224.4MB in the end (delta: 5.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-16 12:50:36,118 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.28ms. Allocated memory is still 115.3MB. Free memory is still 69.2MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 585.02ms. Allocated memory is still 115.3MB. Free memory was 85.9MB in the beginning and 82.8MB in the end (delta: 3.2MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 69.13ms. Allocated memory is still 115.3MB. Free memory was 82.8MB in the beginning and 80.3MB in the end (delta: 2.5MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 58.79ms. Allocated memory is still 115.3MB. Free memory was 80.3MB in the beginning and 78.6MB in the end (delta: 1.7MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 624.36ms. Allocated memory is still 115.3MB. Free memory was 78.6MB in the beginning and 59.7MB in the end (delta: 18.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 20064.87ms. Allocated memory was 115.3MB in the beginning and 264.2MB in the end (delta: 148.9MB). Free memory was 59.0MB in the beginning and 229.7MB in the end (delta: -170.7MB). Peak memory consumption was 129.9MB. Max. memory is 16.1GB. * Witness Printer took 92.94ms. Allocated memory is still 264.2MB. Free memory was 229.7MB in the beginning and 224.4MB in the end (delta: 5.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 54]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 93 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 19.9s, OverallIterations: 11, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 5.9s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 8.2s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2358 SdHoareTripleChecker+Valid, 3.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2317 mSDsluCounter, 5432 SdHoareTripleChecker+Invalid, 2.8s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 4196 mSDsCounter, 650 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3684 IncrementalHoareTripleChecker+Invalid, 4334 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 650 mSolverCounterUnsat, 1236 mSDtfsCounter, 3684 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 838 GetRequests, 667 SyntacticMatches, 10 SemanticMatches, 161 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1239 ImplicationChecksByTransitivity, 2.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=592occurred in iteration=10, InterpolantAutomatonStates: 142, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.5s AutomataMinimizationTime, 11 MinimizatonAttempts, 274 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 43 LocationsWithAnnotation, 1363 PreInvPairs, 1644 NumberOfFragments, 2770 HoareAnnotationTreeSize, 1363 FomulaSimplifications, 2367 FormulaSimplificationTreeSizeReduction, 0.7s HoareSimplificationTime, 43 FomulaSimplificationsInter, 25091 FormulaSimplificationTreeSizeReductionInter, 7.4s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.5s SatisfiabilityAnalysisTime, 3.7s InterpolantComputationTime, 965 NumberOfCodeBlocks, 965 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 1224 ConstructedInterpolants, 0 QuantifiedInterpolants, 2388 SizeOfPredicates, 6 NumberOfNonLiveVariables, 1163 ConjunctsInSsa, 21 ConjunctsInUnsatCore, 15 InterpolantComputations, 9 PerfectInterpolantSequences, 644/717 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 969]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 271]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) || (((1 <= pumpRunning && 2 == waterLevel) && 1 == systemActive) && splverifierCounter == 0)) || ((((1 <= pumpRunning && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) && 1 <= switchedOnBeforeTS) - InvariantResult [Line: 136]: Loop Invariant Derived loop invariant: (((((((!(1 == systemActive) || (((pumpRunning == 0 && !(tmp == 0)) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) == 1) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && 2 == waterLevel) && \old(waterLevel) == waterLevel))) && (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 962]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 161]: Loop Invariant Derived loop invariant: (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (1 <= pumpRunning && 2 == waterLevel)) || !(waterLevel <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 829]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && (((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2))) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 908]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 444]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 918]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 821]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 980]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 293]: Loop Invariant Derived loop invariant: ((((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && splverifierCounter == 0) && 1 <= switchedOnBeforeTS) || (((pumpRunning == 0 && 2 == waterLevel) && 1 == systemActive) && splverifierCounter == 0)) || (((1 <= pumpRunning && 2 == waterLevel) && 1 == systemActive) && splverifierCounter == 0)) || (((pumpRunning == 0 && waterLevel <= 1) && 1 == systemActive) && splverifierCounter == 0) - InvariantResult [Line: 353]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 883]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 292]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 252]: Loop Invariant Derived loop invariant: ((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) <= 1) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 897]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 169]: Loop Invariant Derived loop invariant: ((((((!(1 == systemActive) || (((pumpRunning == 0 && !(tmp == 0)) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && ((((!(\old(waterLevel) == 1) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((((((((pumpRunning == 0 && !(tmp == 0)) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 50]: Loop Invariant Derived loop invariant: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 283]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 421]: Loop Invariant Derived loop invariant: (((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && waterLevel == \result) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && 2 == waterLevel) && 2 == \result) && \old(waterLevel) == waterLevel)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) == 2)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && (((((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((pumpRunning == \old(pumpRunning) && waterLevel == \result) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 890]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 233]: Loop Invariant Derived loop invariant: (((((\result == 0 && tmp___0 == 0) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || !(waterLevel <= 1)) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 839]: Loop Invariant Derived loop invariant: (((((((((((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && !(2 <= tmp)) && 1 <= switchedOnBeforeTS) || !(\old(waterLevel) <= 1)) || ((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((pumpRunning == \old(pumpRunning) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && 1 == systemActive) && \old(waterLevel) == waterLevel) && !(2 <= tmp)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((1 <= pumpRunning && tmp == 2) && 2 == \result)) || ((pumpRunning == 0 && tmp == 2) && 2 == \result)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && tmp <= waterLevel) && waterLevel == 1) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((((((pumpRunning == \old(pumpRunning) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && 1 == systemActive) && tmp <= waterLevel) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && (((((((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((pumpRunning == 0 && waterLevel == \result) && \old(waterLevel) == waterLevel) && !(2 <= tmp))) || (2 <= waterLevel && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 430]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && \result == 1)) || (pumpRunning == 0 && 2 == waterLevel)) || !(waterLevel <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) RESULT: Ultimate proved your program to be correct! [2022-11-16 12:50:36,164 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6e6d0074-a9e0-4068-8970-4b45f4d5cc25/bin/uautomizer-tPACEb0tL8/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE