./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version e04fb08f Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/bin/uautomizer-tPACEb0tL8/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/bin/uautomizer-tPACEb0tL8/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/bin/uautomizer-tPACEb0tL8/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/bin/uautomizer-tPACEb0tL8/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/bin/uautomizer-tPACEb0tL8/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/bin/uautomizer-tPACEb0tL8 --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash db9cad3d4bb6f197e1ca94da7e6c4fb3038f74aed96fd168a277cfa6f57caad2 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-e04fb08 [2022-11-16 11:43:02,477 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-16 11:43:02,480 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-16 11:43:02,528 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-16 11:43:02,530 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-16 11:43:02,532 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-16 11:43:02,535 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-16 11:43:02,541 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-16 11:43:02,545 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-16 11:43:02,550 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-16 11:43:02,553 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-16 11:43:02,556 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-16 11:43:02,559 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-16 11:43:02,562 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-16 11:43:02,564 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-16 11:43:02,566 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-16 11:43:02,569 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-16 11:43:02,575 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-16 11:43:02,577 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-16 11:43:02,579 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-16 11:43:02,585 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-16 11:43:02,587 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-16 11:43:02,588 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-16 11:43:02,589 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-16 11:43:02,593 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-16 11:43:02,593 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-16 11:43:02,594 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-16 11:43:02,595 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-16 11:43:02,596 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-16 11:43:02,597 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-16 11:43:02,597 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-16 11:43:02,598 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-16 11:43:02,612 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-16 11:43:02,613 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-16 11:43:02,614 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-16 11:43:02,614 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-16 11:43:02,615 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-16 11:43:02,616 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-16 11:43:02,616 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-16 11:43:02,617 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-16 11:43:02,618 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-16 11:43:02,622 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/bin/uautomizer-tPACEb0tL8/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-11-16 11:43:02,668 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-16 11:43:02,669 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-16 11:43:02,669 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-16 11:43:02,669 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-16 11:43:02,670 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-16 11:43:02,671 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-16 11:43:02,672 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-11-16 11:43:02,672 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-11-16 11:43:02,672 INFO L138 SettingsManager]: * Use SBE=true [2022-11-16 11:43:02,673 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-16 11:43:02,673 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-16 11:43:02,673 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-16 11:43:02,673 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-16 11:43:02,674 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-16 11:43:02,674 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-16 11:43:02,674 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-16 11:43:02,675 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-16 11:43:02,675 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-16 11:43:02,675 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-16 11:43:02,675 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-16 11:43:02,676 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-16 11:43:02,676 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-16 11:43:02,676 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-11-16 11:43:02,676 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-16 11:43:02,677 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-16 11:43:02,677 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-16 11:43:02,677 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-16 11:43:02,678 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-16 11:43:02,678 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-11-16 11:43:02,678 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-16 11:43:02,678 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-11-16 11:43:02,679 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-11-16 11:43:02,679 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-16 11:43:02,679 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/bin/uautomizer-tPACEb0tL8/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/bin/uautomizer-tPACEb0tL8 Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> db9cad3d4bb6f197e1ca94da7e6c4fb3038f74aed96fd168a277cfa6f57caad2 [2022-11-16 11:43:03,060 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-16 11:43:03,094 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-16 11:43:03,098 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-16 11:43:03,100 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-16 11:43:03,101 INFO L275 PluginConnector]: CDTParser initialized [2022-11-16 11:43:03,103 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/bin/uautomizer-tPACEb0tL8/../../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c [2022-11-16 11:43:03,190 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/bin/uautomizer-tPACEb0tL8/data/aff85709d/597f836728864d2e901d1faa9451d569/FLAG0f973d9a2 [2022-11-16 11:43:03,898 INFO L306 CDTParser]: Found 1 translation units. [2022-11-16 11:43:03,899 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c [2022-11-16 11:43:03,916 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/bin/uautomizer-tPACEb0tL8/data/aff85709d/597f836728864d2e901d1faa9451d569/FLAG0f973d9a2 [2022-11-16 11:43:04,180 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/bin/uautomizer-tPACEb0tL8/data/aff85709d/597f836728864d2e901d1faa9451d569 [2022-11-16 11:43:04,183 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-16 11:43:04,185 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-16 11:43:04,187 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-16 11:43:04,188 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-16 11:43:04,192 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-16 11:43:04,194 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 11:43:04" (1/1) ... [2022-11-16 11:43:04,195 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@27c772b1 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:43:04, skipping insertion in model container [2022-11-16 11:43:04,196 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 11:43:04" (1/1) ... [2022-11-16 11:43:04,205 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-16 11:43:04,280 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-16 11:43:04,763 WARN L229 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c[14935,14948] [2022-11-16 11:43:04,810 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-16 11:43:04,828 INFO L203 MainTranslator]: Completed pre-run [2022-11-16 11:43:04,949 WARN L229 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c[14935,14948] [2022-11-16 11:43:04,969 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-16 11:43:04,996 INFO L208 MainTranslator]: Completed translation [2022-11-16 11:43:04,996 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:43:04 WrapperNode [2022-11-16 11:43:04,996 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-16 11:43:04,998 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-16 11:43:04,998 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-16 11:43:04,998 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-16 11:43:05,007 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:43:04" (1/1) ... [2022-11-16 11:43:05,040 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:43:04" (1/1) ... [2022-11-16 11:43:05,097 INFO L138 Inliner]: procedures = 59, calls = 160, calls flagged for inlining = 28, calls inlined = 25, statements flattened = 288 [2022-11-16 11:43:05,098 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-16 11:43:05,099 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-16 11:43:05,099 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-16 11:43:05,099 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-16 11:43:05,112 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:43:04" (1/1) ... [2022-11-16 11:43:05,113 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:43:04" (1/1) ... [2022-11-16 11:43:05,133 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:43:04" (1/1) ... [2022-11-16 11:43:05,133 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:43:04" (1/1) ... [2022-11-16 11:43:05,139 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:43:04" (1/1) ... [2022-11-16 11:43:05,145 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:43:04" (1/1) ... [2022-11-16 11:43:05,163 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:43:04" (1/1) ... [2022-11-16 11:43:05,165 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:43:04" (1/1) ... [2022-11-16 11:43:05,168 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-16 11:43:05,169 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-16 11:43:05,169 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-16 11:43:05,169 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-16 11:43:05,171 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:43:04" (1/1) ... [2022-11-16 11:43:05,179 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-16 11:43:05,193 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/bin/uautomizer-tPACEb0tL8/z3 [2022-11-16 11:43:05,209 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/bin/uautomizer-tPACEb0tL8/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-16 11:43:05,239 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/bin/uautomizer-tPACEb0tL8/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-16 11:43:05,258 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-16 11:43:05,258 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-16 11:43:05,259 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-16 11:43:05,259 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-16 11:43:05,259 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-16 11:43:05,259 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-16 11:43:05,259 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-16 11:43:05,261 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-16 11:43:05,262 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-16 11:43:05,263 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-16 11:43:05,264 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-16 11:43:05,264 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-11-16 11:43:05,264 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-11-16 11:43:05,264 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-16 11:43:05,265 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-16 11:43:05,265 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-16 11:43:05,265 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-16 11:43:05,265 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-16 11:43:05,409 INFO L235 CfgBuilder]: Building ICFG [2022-11-16 11:43:05,411 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-16 11:43:05,882 INFO L276 CfgBuilder]: Performing block encoding [2022-11-16 11:43:05,891 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-16 11:43:05,891 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-16 11:43:05,894 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.11 11:43:05 BoogieIcfgContainer [2022-11-16 11:43:05,895 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-16 11:43:05,898 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-16 11:43:05,898 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-16 11:43:05,902 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-16 11:43:05,903 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 16.11 11:43:04" (1/3) ... [2022-11-16 11:43:05,904 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@598ab620 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 11:43:05, skipping insertion in model container [2022-11-16 11:43:05,904 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 11:43:04" (2/3) ... [2022-11-16 11:43:05,905 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@598ab620 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 11:43:05, skipping insertion in model container [2022-11-16 11:43:05,905 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.11 11:43:05" (3/3) ... [2022-11-16 11:43:05,907 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product58.cil.c [2022-11-16 11:43:05,934 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-16 11:43:05,949 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-16 11:43:06,046 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-16 11:43:06,054 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@30950b7b, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-16 11:43:06,054 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-16 11:43:06,058 INFO L276 IsEmpty]: Start isEmpty. Operand has 97 states, 76 states have (on average 1.368421052631579) internal successors, (104), 84 states have internal predecessors, (104), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-11-16 11:43:06,070 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-11-16 11:43:06,070 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 11:43:06,071 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 11:43:06,072 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 11:43:06,078 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 11:43:06,079 INFO L85 PathProgramCache]: Analyzing trace with hash -716350399, now seen corresponding path program 1 times [2022-11-16 11:43:06,090 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 11:43:06,091 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1110248588] [2022-11-16 11:43:06,091 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:43:06,092 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 11:43:06,347 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:06,475 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-11-16 11:43:06,485 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:06,497 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-11-16 11:43:06,500 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:06,508 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 11:43:06,509 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 11:43:06,510 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1110248588] [2022-11-16 11:43:06,511 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1110248588] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 11:43:06,511 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 11:43:06,512 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-16 11:43:06,515 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [643094848] [2022-11-16 11:43:06,516 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 11:43:06,521 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-16 11:43:06,522 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 11:43:06,566 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-16 11:43:06,567 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-16 11:43:06,571 INFO L87 Difference]: Start difference. First operand has 97 states, 76 states have (on average 1.368421052631579) internal successors, (104), 84 states have internal predecessors, (104), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-16 11:43:06,632 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 11:43:06,632 INFO L93 Difference]: Finished difference Result 185 states and 250 transitions. [2022-11-16 11:43:06,633 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-16 11:43:06,635 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2022-11-16 11:43:06,636 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 11:43:06,677 INFO L225 Difference]: With dead ends: 185 [2022-11-16 11:43:06,678 INFO L226 Difference]: Without dead ends: 88 [2022-11-16 11:43:06,685 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-16 11:43:06,690 INFO L413 NwaCegarLoop]: 122 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 122 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-16 11:43:06,691 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 122 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-16 11:43:06,714 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 88 states. [2022-11-16 11:43:06,753 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 88 to 88. [2022-11-16 11:43:06,756 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 88 states, 69 states have (on average 1.3043478260869565) internal successors, (90), 76 states have internal predecessors, (90), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-16 11:43:06,765 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 88 states to 88 states and 113 transitions. [2022-11-16 11:43:06,767 INFO L78 Accepts]: Start accepts. Automaton has 88 states and 113 transitions. Word has length 32 [2022-11-16 11:43:06,767 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 11:43:06,768 INFO L495 AbstractCegarLoop]: Abstraction has 88 states and 113 transitions. [2022-11-16 11:43:06,768 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-16 11:43:06,768 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 113 transitions. [2022-11-16 11:43:06,771 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-11-16 11:43:06,771 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 11:43:06,771 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 11:43:06,772 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-16 11:43:06,772 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 11:43:06,773 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 11:43:06,773 INFO L85 PathProgramCache]: Analyzing trace with hash 407802526, now seen corresponding path program 1 times [2022-11-16 11:43:06,773 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 11:43:06,774 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [282890604] [2022-11-16 11:43:06,774 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:43:06,774 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 11:43:06,810 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:06,929 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-11-16 11:43:06,932 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:06,935 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2022-11-16 11:43:06,937 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:06,940 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 11:43:06,941 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 11:43:06,941 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [282890604] [2022-11-16 11:43:06,941 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [282890604] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 11:43:06,941 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 11:43:06,942 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-16 11:43:06,942 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [734192877] [2022-11-16 11:43:06,942 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 11:43:06,944 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-16 11:43:06,944 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 11:43:06,945 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-16 11:43:06,945 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 11:43:06,945 INFO L87 Difference]: Start difference. First operand 88 states and 113 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-16 11:43:06,970 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 11:43:06,970 INFO L93 Difference]: Finished difference Result 140 states and 180 transitions. [2022-11-16 11:43:06,971 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-16 11:43:06,971 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-11-16 11:43:06,971 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 11:43:06,973 INFO L225 Difference]: With dead ends: 140 [2022-11-16 11:43:06,973 INFO L226 Difference]: Without dead ends: 79 [2022-11-16 11:43:06,974 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 11:43:06,976 INFO L413 NwaCegarLoop]: 100 mSDtfsCounter, 13 mSDsluCounter, 83 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 183 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-16 11:43:06,977 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 183 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-16 11:43:06,978 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 79 states. [2022-11-16 11:43:06,987 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 79 to 79. [2022-11-16 11:43:06,987 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 79 states, 63 states have (on average 1.3174603174603174) internal successors, (83), 70 states have internal predecessors, (83), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-16 11:43:06,989 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 101 transitions. [2022-11-16 11:43:06,989 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 101 transitions. Word has length 33 [2022-11-16 11:43:06,989 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 11:43:06,990 INFO L495 AbstractCegarLoop]: Abstraction has 79 states and 101 transitions. [2022-11-16 11:43:06,990 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-16 11:43:06,990 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 101 transitions. [2022-11-16 11:43:06,992 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-11-16 11:43:06,992 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 11:43:06,992 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 11:43:06,992 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-16 11:43:06,993 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 11:43:06,993 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 11:43:06,993 INFO L85 PathProgramCache]: Analyzing trace with hash -1999351370, now seen corresponding path program 1 times [2022-11-16 11:43:06,994 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 11:43:06,994 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1638206614] [2022-11-16 11:43:06,994 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:43:06,995 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 11:43:07,024 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:07,148 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-16 11:43:07,151 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:07,156 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2022-11-16 11:43:07,158 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:07,161 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 11:43:07,161 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 11:43:07,162 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1638206614] [2022-11-16 11:43:07,162 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1638206614] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 11:43:07,163 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 11:43:07,163 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-16 11:43:07,163 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [243439992] [2022-11-16 11:43:07,163 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 11:43:07,164 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-16 11:43:07,164 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 11:43:07,165 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-16 11:43:07,165 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 11:43:07,166 INFO L87 Difference]: Start difference. First operand 79 states and 101 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-16 11:43:07,201 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 11:43:07,202 INFO L93 Difference]: Finished difference Result 150 states and 195 transitions. [2022-11-16 11:43:07,202 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-16 11:43:07,203 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2022-11-16 11:43:07,203 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 11:43:07,211 INFO L225 Difference]: With dead ends: 150 [2022-11-16 11:43:07,214 INFO L226 Difference]: Without dead ends: 79 [2022-11-16 11:43:07,215 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 11:43:07,219 INFO L413 NwaCegarLoop]: 99 mSDtfsCounter, 91 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 91 SdHoareTripleChecker+Valid, 99 SdHoareTripleChecker+Invalid, 2 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-16 11:43:07,219 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [91 Valid, 99 Invalid, 2 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-16 11:43:07,222 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 79 states. [2022-11-16 11:43:07,240 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 79 to 79. [2022-11-16 11:43:07,248 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 79 states, 63 states have (on average 1.3015873015873016) internal successors, (82), 70 states have internal predecessors, (82), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-16 11:43:07,250 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 100 transitions. [2022-11-16 11:43:07,251 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 100 transitions. Word has length 38 [2022-11-16 11:43:07,253 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 11:43:07,253 INFO L495 AbstractCegarLoop]: Abstraction has 79 states and 100 transitions. [2022-11-16 11:43:07,254 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-16 11:43:07,254 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 100 transitions. [2022-11-16 11:43:07,255 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2022-11-16 11:43:07,260 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 11:43:07,260 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 11:43:07,261 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-16 11:43:07,261 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 11:43:07,262 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 11:43:07,266 INFO L85 PathProgramCache]: Analyzing trace with hash 879947394, now seen corresponding path program 1 times [2022-11-16 11:43:07,267 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 11:43:07,267 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [126724585] [2022-11-16 11:43:07,267 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:43:07,268 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 11:43:07,313 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:07,523 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-16 11:43:07,526 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:07,529 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2022-11-16 11:43:07,537 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:07,540 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 11:43:07,540 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 11:43:07,541 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [126724585] [2022-11-16 11:43:07,541 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [126724585] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 11:43:07,541 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 11:43:07,541 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-16 11:43:07,542 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1065751565] [2022-11-16 11:43:07,542 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 11:43:07,543 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-16 11:43:07,548 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 11:43:07,549 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-16 11:43:07,550 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 11:43:07,550 INFO L87 Difference]: Start difference. First operand 79 states and 100 transitions. Second operand has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-16 11:43:07,606 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 11:43:07,607 INFO L93 Difference]: Finished difference Result 199 states and 258 transitions. [2022-11-16 11:43:07,607 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-16 11:43:07,608 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 46 [2022-11-16 11:43:07,608 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 11:43:07,610 INFO L225 Difference]: With dead ends: 199 [2022-11-16 11:43:07,610 INFO L226 Difference]: Without dead ends: 128 [2022-11-16 11:43:07,611 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 11:43:07,612 INFO L413 NwaCegarLoop]: 108 mSDtfsCounter, 59 mSDsluCounter, 68 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 59 SdHoareTripleChecker+Valid, 176 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-16 11:43:07,613 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [59 Valid, 176 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-16 11:43:07,614 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 128 states. [2022-11-16 11:43:07,634 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 128 to 126. [2022-11-16 11:43:07,634 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 126 states, 99 states have (on average 1.2828282828282829) internal successors, (127), 107 states have internal predecessors, (127), 14 states have call successors, (14), 12 states have call predecessors, (14), 12 states have return successors, (18), 14 states have call predecessors, (18), 14 states have call successors, (18) [2022-11-16 11:43:07,636 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 126 states to 126 states and 159 transitions. [2022-11-16 11:43:07,636 INFO L78 Accepts]: Start accepts. Automaton has 126 states and 159 transitions. Word has length 46 [2022-11-16 11:43:07,637 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 11:43:07,637 INFO L495 AbstractCegarLoop]: Abstraction has 126 states and 159 transitions. [2022-11-16 11:43:07,637 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-16 11:43:07,638 INFO L276 IsEmpty]: Start isEmpty. Operand 126 states and 159 transitions. [2022-11-16 11:43:07,639 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2022-11-16 11:43:07,640 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 11:43:07,640 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 11:43:07,640 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-16 11:43:07,641 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 11:43:07,641 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 11:43:07,642 INFO L85 PathProgramCache]: Analyzing trace with hash -2106872253, now seen corresponding path program 1 times [2022-11-16 11:43:07,642 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 11:43:07,642 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1039903320] [2022-11-16 11:43:07,643 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:43:07,643 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 11:43:07,697 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:07,966 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-16 11:43:07,968 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:07,994 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-16 11:43:07,998 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:08,007 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-11-16 11:43:08,009 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:08,011 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2022-11-16 11:43:08,016 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:08,040 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-16 11:43:08,043 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 11:43:08,048 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1039903320] [2022-11-16 11:43:08,049 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1039903320] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 11:43:08,049 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 11:43:08,049 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-11-16 11:43:08,049 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [870580908] [2022-11-16 11:43:08,050 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 11:43:08,050 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-11-16 11:43:08,051 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 11:43:08,051 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-11-16 11:43:08,051 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-11-16 11:43:08,052 INFO L87 Difference]: Start difference. First operand 126 states and 159 transitions. Second operand has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 1 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 1 states have call successors, (4) [2022-11-16 11:43:08,488 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 11:43:08,488 INFO L93 Difference]: Finished difference Result 280 states and 355 transitions. [2022-11-16 11:43:08,489 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2022-11-16 11:43:08,490 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 1 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 1 states have call successors, (4) Word has length 54 [2022-11-16 11:43:08,493 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 11:43:08,499 INFO L225 Difference]: With dead ends: 280 [2022-11-16 11:43:08,499 INFO L226 Difference]: Without dead ends: 162 [2022-11-16 11:43:08,503 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 25 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=53, Invalid=157, Unknown=0, NotChecked=0, Total=210 [2022-11-16 11:43:08,510 INFO L413 NwaCegarLoop]: 94 mSDtfsCounter, 122 mSDsluCounter, 363 mSDsCounter, 0 mSdLazyCounter, 199 mSolverCounterSat, 29 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 128 SdHoareTripleChecker+Valid, 457 SdHoareTripleChecker+Invalid, 228 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 29 IncrementalHoareTripleChecker+Valid, 199 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-16 11:43:08,511 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [128 Valid, 457 Invalid, 228 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [29 Valid, 199 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-16 11:43:08,515 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 162 states. [2022-11-16 11:43:08,546 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 162 to 148. [2022-11-16 11:43:08,547 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 148 states, 116 states have (on average 1.2586206896551724) internal successors, (146), 124 states have internal predecessors, (146), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2022-11-16 11:43:08,551 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 148 states to 148 states and 185 transitions. [2022-11-16 11:43:08,552 INFO L78 Accepts]: Start accepts. Automaton has 148 states and 185 transitions. Word has length 54 [2022-11-16 11:43:08,552 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 11:43:08,552 INFO L495 AbstractCegarLoop]: Abstraction has 148 states and 185 transitions. [2022-11-16 11:43:08,553 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 1 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 1 states have call successors, (4) [2022-11-16 11:43:08,553 INFO L276 IsEmpty]: Start isEmpty. Operand 148 states and 185 transitions. [2022-11-16 11:43:08,554 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2022-11-16 11:43:08,555 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 11:43:08,555 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 11:43:08,555 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-16 11:43:08,556 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 11:43:08,556 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 11:43:08,557 INFO L85 PathProgramCache]: Analyzing trace with hash 1055316791, now seen corresponding path program 1 times [2022-11-16 11:43:08,557 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 11:43:08,557 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [412638833] [2022-11-16 11:43:08,557 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:43:08,558 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 11:43:08,578 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:08,667 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-16 11:43:08,669 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:08,674 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-16 11:43:08,679 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:08,723 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2022-11-16 11:43:08,725 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:08,728 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 11:43:08,728 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 11:43:08,729 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [412638833] [2022-11-16 11:43:08,729 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [412638833] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 11:43:08,729 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 11:43:08,729 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-16 11:43:08,730 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [900791910] [2022-11-16 11:43:08,730 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 11:43:08,731 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-16 11:43:08,731 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 11:43:08,732 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-16 11:43:08,732 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-16 11:43:08,733 INFO L87 Difference]: Start difference. First operand 148 states and 185 transitions. Second operand has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-16 11:43:08,976 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 11:43:08,976 INFO L93 Difference]: Finished difference Result 298 states and 383 transitions. [2022-11-16 11:43:08,977 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-16 11:43:08,977 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 56 [2022-11-16 11:43:08,978 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 11:43:08,980 INFO L225 Difference]: With dead ends: 298 [2022-11-16 11:43:08,980 INFO L226 Difference]: Without dead ends: 158 [2022-11-16 11:43:08,981 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=32, Invalid=58, Unknown=0, NotChecked=0, Total=90 [2022-11-16 11:43:08,983 INFO L413 NwaCegarLoop]: 83 mSDtfsCounter, 71 mSDsluCounter, 277 mSDsCounter, 0 mSdLazyCounter, 117 mSolverCounterSat, 21 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 74 SdHoareTripleChecker+Valid, 360 SdHoareTripleChecker+Invalid, 138 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 21 IncrementalHoareTripleChecker+Valid, 117 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-16 11:43:08,983 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [74 Valid, 360 Invalid, 138 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [21 Valid, 117 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-16 11:43:08,984 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 158 states. [2022-11-16 11:43:09,009 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 158 to 151. [2022-11-16 11:43:09,010 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 151 states, 119 states have (on average 1.2521008403361344) internal successors, (149), 127 states have internal predecessors, (149), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2022-11-16 11:43:09,011 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 151 states to 151 states and 188 transitions. [2022-11-16 11:43:09,012 INFO L78 Accepts]: Start accepts. Automaton has 151 states and 188 transitions. Word has length 56 [2022-11-16 11:43:09,012 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 11:43:09,012 INFO L495 AbstractCegarLoop]: Abstraction has 151 states and 188 transitions. [2022-11-16 11:43:09,013 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-16 11:43:09,013 INFO L276 IsEmpty]: Start isEmpty. Operand 151 states and 188 transitions. [2022-11-16 11:43:09,014 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2022-11-16 11:43:09,015 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 11:43:09,015 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 11:43:09,015 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-16 11:43:09,016 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 11:43:09,016 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 11:43:09,016 INFO L85 PathProgramCache]: Analyzing trace with hash -750121543, now seen corresponding path program 1 times [2022-11-16 11:43:09,017 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 11:43:09,017 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2027314324] [2022-11-16 11:43:09,017 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:43:09,018 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 11:43:09,040 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:09,119 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-16 11:43:09,121 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:09,128 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-16 11:43:09,132 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:09,179 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2022-11-16 11:43:09,181 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:09,184 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 11:43:09,184 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 11:43:09,184 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2027314324] [2022-11-16 11:43:09,185 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2027314324] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 11:43:09,185 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 11:43:09,185 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-16 11:43:09,185 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [672534263] [2022-11-16 11:43:09,186 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 11:43:09,186 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-16 11:43:09,187 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 11:43:09,187 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-16 11:43:09,187 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-16 11:43:09,188 INFO L87 Difference]: Start difference. First operand 151 states and 188 transitions. Second operand has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-16 11:43:09,415 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 11:43:09,415 INFO L93 Difference]: Finished difference Result 307 states and 393 transitions. [2022-11-16 11:43:09,416 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-16 11:43:09,416 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 56 [2022-11-16 11:43:09,418 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 11:43:09,420 INFO L225 Difference]: With dead ends: 307 [2022-11-16 11:43:09,420 INFO L226 Difference]: Without dead ends: 164 [2022-11-16 11:43:09,422 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=34, Invalid=56, Unknown=0, NotChecked=0, Total=90 [2022-11-16 11:43:09,429 INFO L413 NwaCegarLoop]: 84 mSDtfsCounter, 178 mSDsluCounter, 196 mSDsCounter, 0 mSdLazyCounter, 96 mSolverCounterSat, 41 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 182 SdHoareTripleChecker+Valid, 280 SdHoareTripleChecker+Invalid, 137 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 41 IncrementalHoareTripleChecker+Valid, 96 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-16 11:43:09,430 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [182 Valid, 280 Invalid, 137 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [41 Valid, 96 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-16 11:43:09,433 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 164 states. [2022-11-16 11:43:09,470 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 164 to 153. [2022-11-16 11:43:09,474 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 153 states, 121 states have (on average 1.2479338842975207) internal successors, (151), 129 states have internal predecessors, (151), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2022-11-16 11:43:09,476 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 153 states to 153 states and 190 transitions. [2022-11-16 11:43:09,478 INFO L78 Accepts]: Start accepts. Automaton has 153 states and 190 transitions. Word has length 56 [2022-11-16 11:43:09,478 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 11:43:09,479 INFO L495 AbstractCegarLoop]: Abstraction has 153 states and 190 transitions. [2022-11-16 11:43:09,482 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-16 11:43:09,483 INFO L276 IsEmpty]: Start isEmpty. Operand 153 states and 190 transitions. [2022-11-16 11:43:09,483 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2022-11-16 11:43:09,484 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 11:43:09,484 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 11:43:09,484 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-16 11:43:09,485 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 11:43:09,485 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 11:43:09,485 INFO L85 PathProgramCache]: Analyzing trace with hash -609572933, now seen corresponding path program 1 times [2022-11-16 11:43:09,486 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 11:43:09,486 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1858600175] [2022-11-16 11:43:09,487 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:43:09,487 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 11:43:09,521 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:09,645 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-16 11:43:09,649 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:09,656 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-16 11:43:09,661 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:09,681 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2022-11-16 11:43:09,682 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:09,684 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 11:43:09,685 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 11:43:09,685 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1858600175] [2022-11-16 11:43:09,685 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1858600175] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 11:43:09,685 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 11:43:09,686 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-16 11:43:09,686 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2006653719] [2022-11-16 11:43:09,686 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 11:43:09,687 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-16 11:43:09,687 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 11:43:09,687 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-16 11:43:09,688 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-16 11:43:09,688 INFO L87 Difference]: Start difference. First operand 153 states and 190 transitions. Second operand has 5 states, 5 states have (on average 9.4) internal successors, (47), 4 states have internal predecessors, (47), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-16 11:43:10,021 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 11:43:10,021 INFO L93 Difference]: Finished difference Result 430 states and 556 transitions. [2022-11-16 11:43:10,022 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-16 11:43:10,022 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 4 states have internal predecessors, (47), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 56 [2022-11-16 11:43:10,022 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 11:43:10,025 INFO L225 Difference]: With dead ends: 430 [2022-11-16 11:43:10,025 INFO L226 Difference]: Without dead ends: 285 [2022-11-16 11:43:10,026 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2022-11-16 11:43:10,027 INFO L413 NwaCegarLoop]: 131 mSDtfsCounter, 215 mSDsluCounter, 172 mSDsCounter, 0 mSdLazyCounter, 155 mSolverCounterSat, 63 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 222 SdHoareTripleChecker+Valid, 303 SdHoareTripleChecker+Invalid, 218 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 63 IncrementalHoareTripleChecker+Valid, 155 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-16 11:43:10,028 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [222 Valid, 303 Invalid, 218 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [63 Valid, 155 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-16 11:43:10,029 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 285 states. [2022-11-16 11:43:10,058 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 285 to 283. [2022-11-16 11:43:10,060 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 283 states, 219 states have (on average 1.2191780821917808) internal successors, (267), 231 states have internal predecessors, (267), 34 states have call successors, (34), 28 states have call predecessors, (34), 29 states have return successors, (53), 34 states have call predecessors, (53), 34 states have call successors, (53) [2022-11-16 11:43:10,062 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 283 states to 283 states and 354 transitions. [2022-11-16 11:43:10,062 INFO L78 Accepts]: Start accepts. Automaton has 283 states and 354 transitions. Word has length 56 [2022-11-16 11:43:10,063 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 11:43:10,063 INFO L495 AbstractCegarLoop]: Abstraction has 283 states and 354 transitions. [2022-11-16 11:43:10,063 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 4 states have internal predecessors, (47), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-16 11:43:10,064 INFO L276 IsEmpty]: Start isEmpty. Operand 283 states and 354 transitions. [2022-11-16 11:43:10,065 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2022-11-16 11:43:10,065 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 11:43:10,065 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 11:43:10,066 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-11-16 11:43:10,066 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 11:43:10,066 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 11:43:10,067 INFO L85 PathProgramCache]: Analyzing trace with hash 1449050389, now seen corresponding path program 1 times [2022-11-16 11:43:10,067 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 11:43:10,067 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1436368400] [2022-11-16 11:43:10,067 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:43:10,068 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 11:43:10,087 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:10,348 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-16 11:43:10,350 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:10,356 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-11-16 11:43:10,358 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:10,369 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2022-11-16 11:43:10,373 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:10,411 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 52 [2022-11-16 11:43:10,412 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:10,414 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-16 11:43:10,414 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 11:43:10,414 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1436368400] [2022-11-16 11:43:10,415 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1436368400] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 11:43:10,415 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 11:43:10,415 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2022-11-16 11:43:10,415 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1989806625] [2022-11-16 11:43:10,416 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 11:43:10,416 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-11-16 11:43:10,416 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 11:43:10,417 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-11-16 11:43:10,417 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=70, Unknown=0, NotChecked=0, Total=90 [2022-11-16 11:43:10,418 INFO L87 Difference]: Start difference. First operand 283 states and 354 transitions. Second operand has 10 states, 10 states have (on average 4.9) internal successors, (49), 8 states have internal predecessors, (49), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-16 11:43:11,569 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 11:43:11,569 INFO L93 Difference]: Finished difference Result 770 states and 1011 transitions. [2022-11-16 11:43:11,570 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2022-11-16 11:43:11,570 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.9) internal successors, (49), 8 states have internal predecessors, (49), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 60 [2022-11-16 11:43:11,572 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 11:43:11,577 INFO L225 Difference]: With dead ends: 770 [2022-11-16 11:43:11,577 INFO L226 Difference]: Without dead ends: 546 [2022-11-16 11:43:11,579 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 42 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 31 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 255 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=250, Invalid=806, Unknown=0, NotChecked=0, Total=1056 [2022-11-16 11:43:11,582 INFO L413 NwaCegarLoop]: 104 mSDtfsCounter, 624 mSDsluCounter, 442 mSDsCounter, 0 mSdLazyCounter, 518 mSolverCounterSat, 205 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 629 SdHoareTripleChecker+Valid, 546 SdHoareTripleChecker+Invalid, 723 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 205 IncrementalHoareTripleChecker+Valid, 518 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2022-11-16 11:43:11,583 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [629 Valid, 546 Invalid, 723 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [205 Valid, 518 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2022-11-16 11:43:11,585 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 546 states. [2022-11-16 11:43:11,677 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 546 to 440. [2022-11-16 11:43:11,679 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 440 states, 342 states have (on average 1.2076023391812865) internal successors, (413), 363 states have internal predecessors, (413), 51 states have call successors, (51), 39 states have call predecessors, (51), 46 states have return successors, (83), 52 states have call predecessors, (83), 51 states have call successors, (83) [2022-11-16 11:43:11,684 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 440 states to 440 states and 547 transitions. [2022-11-16 11:43:11,685 INFO L78 Accepts]: Start accepts. Automaton has 440 states and 547 transitions. Word has length 60 [2022-11-16 11:43:11,685 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 11:43:11,685 INFO L495 AbstractCegarLoop]: Abstraction has 440 states and 547 transitions. [2022-11-16 11:43:11,686 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.9) internal successors, (49), 8 states have internal predecessors, (49), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-16 11:43:11,686 INFO L276 IsEmpty]: Start isEmpty. Operand 440 states and 547 transitions. [2022-11-16 11:43:11,688 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 103 [2022-11-16 11:43:11,688 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 11:43:11,688 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 11:43:11,689 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-11-16 11:43:11,689 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 11:43:11,690 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 11:43:11,690 INFO L85 PathProgramCache]: Analyzing trace with hash -1477759876, now seen corresponding path program 1 times [2022-11-16 11:43:11,690 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-16 11:43:11,690 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [497960544] [2022-11-16 11:43:11,691 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:43:11,691 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 11:43:11,721 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:11,964 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-16 11:43:11,967 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:11,986 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2022-11-16 11:43:11,992 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:12,020 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-16 11:43:12,021 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:12,032 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2022-11-16 11:43:12,035 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:12,046 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 66 [2022-11-16 11:43:12,049 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:12,070 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 82 [2022-11-16 11:43:12,072 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:12,075 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-16 11:43:12,076 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:12,082 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 94 [2022-11-16 11:43:12,088 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:12,090 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 16 proven. 11 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2022-11-16 11:43:12,091 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-16 11:43:12,091 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [497960544] [2022-11-16 11:43:12,091 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [497960544] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-16 11:43:12,091 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [350837850] [2022-11-16 11:43:12,092 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 11:43:12,092 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 11:43:12,092 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/bin/uautomizer-tPACEb0tL8/z3 [2022-11-16 11:43:12,099 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-16 11:43:12,109 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-16 11:43:12,261 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 11:43:12,265 INFO L263 TraceCheckSpWp]: Trace formula consists of 494 conjuncts, 8 conjunts are in the unsatisfiable core [2022-11-16 11:43:12,274 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-16 11:43:12,589 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 25 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-16 11:43:12,590 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-16 11:43:12,931 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 19 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2022-11-16 11:43:12,931 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [350837850] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-16 11:43:12,932 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-16 11:43:12,932 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2022-11-16 11:43:12,932 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1087499953] [2022-11-16 11:43:12,932 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-16 11:43:12,933 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2022-11-16 11:43:12,934 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-16 11:43:12,934 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2022-11-16 11:43:12,934 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2022-11-16 11:43:12,935 INFO L87 Difference]: Start difference. First operand 440 states and 547 transitions. Second operand has 15 states, 15 states have (on average 8.4) internal successors, (126), 10 states have internal predecessors, (126), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) [2022-11-16 11:43:14,422 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 11:43:14,422 INFO L93 Difference]: Finished difference Result 925 states and 1176 transitions. [2022-11-16 11:43:14,424 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2022-11-16 11:43:14,424 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 8.4) internal successors, (126), 10 states have internal predecessors, (126), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) Word has length 102 [2022-11-16 11:43:14,425 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 11:43:14,425 INFO L225 Difference]: With dead ends: 925 [2022-11-16 11:43:14,426 INFO L226 Difference]: Without dead ends: 0 [2022-11-16 11:43:14,429 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 266 GetRequests, 224 SyntacticMatches, 4 SemanticMatches, 38 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 369 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=356, Invalid=1204, Unknown=0, NotChecked=0, Total=1560 [2022-11-16 11:43:14,430 INFO L413 NwaCegarLoop]: 169 mSDtfsCounter, 458 mSDsluCounter, 1022 mSDsCounter, 0 mSdLazyCounter, 983 mSolverCounterSat, 182 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 463 SdHoareTripleChecker+Valid, 1191 SdHoareTripleChecker+Invalid, 1165 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 182 IncrementalHoareTripleChecker+Valid, 983 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.9s IncrementalHoareTripleChecker+Time [2022-11-16 11:43:14,430 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [463 Valid, 1191 Invalid, 1165 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [182 Valid, 983 Invalid, 0 Unknown, 0 Unchecked, 0.9s Time] [2022-11-16 11:43:14,431 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-16 11:43:14,431 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-16 11:43:14,432 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-16 11:43:14,432 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-16 11:43:14,432 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 102 [2022-11-16 11:43:14,433 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 11:43:14,433 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-16 11:43:14,433 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 8.4) internal successors, (126), 10 states have internal predecessors, (126), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) [2022-11-16 11:43:14,433 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-16 11:43:14,434 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-16 11:43:14,437 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-16 11:43:14,447 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-16 11:43:14,645 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/bin/uautomizer-tPACEb0tL8/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-16 11:43:14,648 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-16 11:43:20,323 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 790 796) no Hoare annotation was computed. [2022-11-16 11:43:20,323 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 790 796) the Hoare annotation is: true [2022-11-16 11:43:20,324 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 84 95) the Hoare annotation is: true [2022-11-16 11:43:20,324 INFO L899 garLoopResultBuilder]: For program point L88-1(lines 84 95) no Hoare annotation was computed. [2022-11-16 11:43:20,324 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 84 95) no Hoare annotation was computed. [2022-11-16 11:43:20,324 INFO L899 garLoopResultBuilder]: For program point L64(lines 64 68) no Hoare annotation was computed. [2022-11-16 11:43:20,324 INFO L899 garLoopResultBuilder]: For program point L770-2(lines 766 788) no Hoare annotation was computed. [2022-11-16 11:43:20,324 INFO L899 garLoopResultBuilder]: For program point L832(lines 832 840) no Hoare annotation was computed. [2022-11-16 11:43:20,325 INFO L895 garLoopResultBuilder]: At program point L192(line 192) the Hoare annotation is: (let ((.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse7 (= ~pumpRunning~0 0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0))) (and (let ((.cse3 (= ~waterLevel~0 1))) (or .cse0 .cse1 (and .cse2 .cse3 .cse4) .cse5 .cse6 (and .cse7 .cse3 .cse4))) (or .cse8 (and .cse7 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse5) (or .cse8 .cse0 .cse5 .cse6) (let ((.cse9 (<= ~waterLevel~0 2))) (or .cse0 .cse1 (and .cse7 .cse9 .cse4) .cse5 (and .cse2 .cse9 .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-16 11:43:20,325 INFO L899 garLoopResultBuilder]: For program point L192-1(line 192) no Hoare annotation was computed. [2022-11-16 11:43:20,325 INFO L895 garLoopResultBuilder]: At program point L64-2(lines 60 71) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (and .cse3 (<= ~waterLevel~0 2) .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2) (or .cse0 .cse1 (and .cse3 (= ~waterLevel~0 1) .cse4) .cse2 (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-16 11:43:20,326 INFO L899 garLoopResultBuilder]: For program point L828(lines 828 845) no Hoare annotation was computed. [2022-11-16 11:43:20,326 INFO L895 garLoopResultBuilder]: At program point L973(lines 958 976) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (and .cse3 (<= ~waterLevel~0 2) .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2) (or .cse0 .cse1 (and .cse3 (= ~waterLevel~0 1) .cse4) .cse2 (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-16 11:43:20,326 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 763 789) no Hoare annotation was computed. [2022-11-16 11:43:20,326 INFO L895 garLoopResultBuilder]: At program point L156(lines 151 159) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (and .cse3 (<= ~waterLevel~0 2) .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2) (or .cse0 .cse1 (and .cse3 (= ~waterLevel~0 1) .cse4) .cse2 (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-16 11:43:20,327 INFO L895 garLoopResultBuilder]: At program point L177(line 177) the Hoare annotation is: (let ((.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or .cse2 .cse4 .cse3 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse4 .cse3 .cse5 (not (<= 2 |old(~waterLevel~0)|)))))) [2022-11-16 11:43:20,327 INFO L899 garLoopResultBuilder]: For program point L177-1(line 177) no Hoare annotation was computed. [2022-11-16 11:43:20,327 INFO L899 garLoopResultBuilder]: For program point L685(line 685) no Hoare annotation was computed. [2022-11-16 11:43:20,327 INFO L895 garLoopResultBuilder]: At program point L838(line 838) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (and .cse3 (<= ~waterLevel~0 2) .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2) (or .cse0 .cse1 (and .cse3 (= ~waterLevel~0 1) .cse4) .cse2 (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-16 11:43:20,327 INFO L899 garLoopResultBuilder]: For program point L194(lines 194 204) no Hoare annotation was computed. [2022-11-16 11:43:20,328 INFO L899 garLoopResultBuilder]: For program point L190(lines 190 207) no Hoare annotation was computed. [2022-11-16 11:43:20,328 INFO L895 garLoopResultBuilder]: At program point L190-1(lines 182 210) the Hoare annotation is: (let ((.cse6 (= 1 ~systemActive~0))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse3 (not .cse6)) (.cse5 (not (<= 1 |old(~pumpRunning~0)|))) (.cse9 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse8 (<= 1 ~switchedOnBeforeTS~0)) (.cse4 (not (<= |old(~waterLevel~0)| 2))) (.cse10 (not (<= 2 |old(~waterLevel~0)|)))) (and (let ((.cse2 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse0 (and .cse1 .cse2) .cse3 (and (<= 1 ~pumpRunning~0) (<= 2 ~waterLevel~0) .cse2) .cse4)) (let ((.cse7 (<= ~waterLevel~0 2))) (or .cse3 .cse5 (and .cse1 .cse6 .cse7 .cse8) .cse4 (and .cse9 .cse7 .cse8) (not (<= 1 |old(~switchedOnBeforeTS~0)|)))) (or .cse0 .cse3 (and (< 1 |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1|) (<= |timeShift_getWaterLevel_#res#1| 2) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2) (<= 2 |timeShift_getWaterLevel_#res#1|)) .cse4 .cse10) (let ((.cse11 (= ~waterLevel~0 1))) (or (and .cse1 .cse6 .cse11 .cse8) .cse3 .cse5 (and .cse9 .cse11 .cse8) .cse4 .cse10))))) [2022-11-16 11:43:20,328 INFO L895 garLoopResultBuilder]: At program point L880(lines 875 882) the Hoare annotation is: (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (= ~pumpRunning~0 0)) (.cse3 (<= 1 ~switchedOnBeforeTS~0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse4 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (and .cse2 (<= ~waterLevel~0 2) .cse3) .cse4 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 .cse1 .cse4 (not (<= 2 |old(~waterLevel~0)|)) (and .cse2 (= ~waterLevel~0 1) .cse3)) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse4))) [2022-11-16 11:43:20,329 INFO L895 garLoopResultBuilder]: At program point L686(lines 681 688) the Hoare annotation is: (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 .cse1 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2))) [2022-11-16 11:43:20,329 INFO L895 garLoopResultBuilder]: At program point L843(line 843) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= 1 |old(~pumpRunning~0)|))) (.cse1 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse1) (or .cse0 .cse2 .cse1 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 .cse2 .cse1 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-11-16 11:43:20,329 INFO L895 garLoopResultBuilder]: At program point L843-1(lines 824 848) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse6 (= ~pumpRunning~0 0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0))) (and (let ((.cse3 (= ~waterLevel~0 1))) (or .cse0 .cse1 (and .cse2 .cse3 .cse4) .cse5 (not (<= 2 |old(~waterLevel~0)|)) (and .cse6 .cse3 .cse4))) (let ((.cse7 (= |old(~waterLevel~0)| ~waterLevel~0))) (or (not (= |old(~pumpRunning~0)| 0)) (and .cse6 .cse7) .cse0 (and (<= 1 ~pumpRunning~0) (<= 2 ~waterLevel~0) .cse7) .cse5)) (let ((.cse8 (<= ~waterLevel~0 2))) (or .cse0 .cse1 (and .cse6 .cse8 .cse4) .cse5 (and .cse2 .cse8 .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-16 11:43:20,329 INFO L899 garLoopResultBuilder]: For program point L777-1(lines 777 783) no Hoare annotation was computed. [2022-11-16 11:43:20,330 INFO L899 garLoopResultBuilder]: For program point L967(lines 967 971) no Hoare annotation was computed. [2022-11-16 11:43:20,330 INFO L899 garLoopResultBuilder]: For program point L967-2(lines 967 971) no Hoare annotation was computed. [2022-11-16 11:43:20,330 INFO L895 garLoopResultBuilder]: At program point L133(lines 128 136) the Hoare annotation is: (let ((.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse7 (= ~pumpRunning~0 0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0))) (and (let ((.cse3 (= ~waterLevel~0 1))) (or .cse0 .cse1 (and .cse2 .cse3 .cse4) .cse5 .cse6 (and .cse7 .cse3 .cse4))) (let ((.cse9 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse8 (and .cse7 .cse9) .cse0 (and (<= 1 ~pumpRunning~0) (<= 2 ~waterLevel~0) .cse9) .cse5)) (or .cse8 .cse0 .cse5 (and (<= |timeShift_getWaterLevel_#res#1| 2) (<= 2 |timeShift_getWaterLevel_#res#1|)) .cse6) (let ((.cse10 (<= ~waterLevel~0 2))) (or .cse0 .cse1 (and .cse7 .cse10 .cse4) .cse5 (and .cse2 .cse10 .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-16 11:43:20,330 INFO L899 garLoopResultBuilder]: For program point L195(lines 195 201) no Hoare annotation was computed. [2022-11-16 11:43:20,331 INFO L895 garLoopResultBuilder]: At program point L179(lines 172 181) the Hoare annotation is: (let ((.cse0 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse3 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (<= 1 ~switchedOnBeforeTS~0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) .cse0) .cse1 .cse2) (or .cse3 .cse1 .cse4 .cse2 (not (<= 2 |old(~waterLevel~0)|))) (or .cse3 .cse1 .cse4 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-16 11:43:20,331 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 763 789) the Hoare annotation is: (let ((.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or .cse2 .cse4 .cse3 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse4 .cse3 .cse5 (not (<= 2 |old(~waterLevel~0)|)))))) [2022-11-16 11:43:20,331 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 763 789) no Hoare annotation was computed. [2022-11-16 11:43:20,331 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 685) no Hoare annotation was computed. [2022-11-16 11:43:20,331 INFO L899 garLoopResultBuilder]: For program point L770(lines 770 776) no Hoare annotation was computed. [2022-11-16 11:43:20,331 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 580 609) no Hoare annotation was computed. [2022-11-16 11:43:20,332 INFO L902 garLoopResultBuilder]: At program point L605(lines 580 609) the Hoare annotation is: true [2022-11-16 11:43:20,332 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 580 609) the Hoare annotation is: true [2022-11-16 11:43:20,332 INFO L899 garLoopResultBuilder]: For program point L601(line 601) no Hoare annotation was computed. [2022-11-16 11:43:20,332 INFO L899 garLoopResultBuilder]: For program point L594(lines 594 598) no Hoare annotation was computed. [2022-11-16 11:43:20,332 INFO L902 garLoopResultBuilder]: At program point L594-1(lines 594 598) the Hoare annotation is: true [2022-11-16 11:43:20,332 INFO L899 garLoopResultBuilder]: For program point L591(line 591) no Hoare annotation was computed. [2022-11-16 11:43:20,332 INFO L902 garLoopResultBuilder]: At program point L590-2(lines 590 604) the Hoare annotation is: true [2022-11-16 11:43:20,332 INFO L902 garLoopResultBuilder]: At program point L586(line 586) the Hoare annotation is: true [2022-11-16 11:43:20,333 INFO L899 garLoopResultBuilder]: For program point L586-1(line 586) no Hoare annotation was computed. [2022-11-16 11:43:20,333 INFO L899 garLoopResultBuilder]: For program point L667(lines 667 674) no Hoare annotation was computed. [2022-11-16 11:43:20,333 INFO L899 garLoopResultBuilder]: For program point L667-2(lines 667 674) no Hoare annotation was computed. [2022-11-16 11:43:20,333 INFO L899 garLoopResultBuilder]: For program point L721(lines 721 727) no Hoare annotation was computed. [2022-11-16 11:43:20,333 INFO L899 garLoopResultBuilder]: For program point L721-1(lines 721 727) no Hoare annotation was computed. [2022-11-16 11:43:20,333 INFO L902 garLoopResultBuilder]: At program point L651(lines 643 653) the Hoare annotation is: true [2022-11-16 11:43:20,333 INFO L895 garLoopResultBuilder]: At program point L746(lines 701 748) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-16 11:43:20,334 INFO L895 garLoopResultBuilder]: At program point L713(line 713) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-16 11:43:20,334 INFO L902 garLoopResultBuilder]: At program point L676(lines 657 679) the Hoare annotation is: true [2022-11-16 11:43:20,334 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-11-16 11:43:20,334 INFO L895 garLoopResultBuilder]: At program point L639(lines 635 641) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-16 11:43:20,334 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-11-16 11:43:20,334 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-11-16 11:43:20,336 INFO L895 garLoopResultBuilder]: At program point L982(lines 977 984) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-16 11:43:20,337 INFO L895 garLoopResultBuilder]: At program point L169(lines 164 171) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-16 11:43:20,337 INFO L899 garLoopResultBuilder]: For program point L739(lines 739 743) no Hoare annotation was computed. [2022-11-16 11:43:20,337 INFO L895 garLoopResultBuilder]: At program point L739-2(lines 731 744) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-16 11:43:20,337 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-16 11:43:20,338 INFO L899 garLoopResultBuilder]: For program point L702(lines 701 748) no Hoare annotation was computed. [2022-11-16 11:43:20,338 INFO L899 garLoopResultBuilder]: For program point L731(lines 731 744) no Hoare annotation was computed. [2022-11-16 11:43:20,338 INFO L895 garLoopResultBuilder]: At program point L1016(lines 1011 1019) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-16 11:43:20,338 INFO L895 garLoopResultBuilder]: At program point L723(line 723) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-16 11:43:20,339 INFO L895 garLoopResultBuilder]: At program point L1008(lines 1004 1010) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-16 11:43:20,339 INFO L902 garLoopResultBuilder]: At program point L752(lines 691 756) the Hoare annotation is: true [2022-11-16 11:43:20,339 INFO L899 garLoopResultBuilder]: For program point L711(lines 711 717) no Hoare annotation was computed. [2022-11-16 11:43:20,339 INFO L899 garLoopResultBuilder]: For program point L711-1(lines 711 717) no Hoare annotation was computed. [2022-11-16 11:43:20,339 INFO L899 garLoopResultBuilder]: For program point L703(lines 703 707) no Hoare annotation was computed. [2022-11-16 11:43:20,340 INFO L895 garLoopResultBuilder]: At program point L749(lines 700 750) the Hoare annotation is: false [2022-11-16 11:43:20,340 INFO L895 garLoopResultBuilder]: At program point L1001(lines 997 1003) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-16 11:43:20,340 INFO L899 garLoopResultBuilder]: For program point L865(lines 865 871) no Hoare annotation was computed. [2022-11-16 11:43:20,340 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 798 822) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) .cse0 .cse1))) [2022-11-16 11:43:20,341 INFO L895 garLoopResultBuilder]: At program point L865-2(lines 858 874) the Hoare annotation is: (let ((.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (<= ~waterLevel~0 2)))) (and (let ((.cse0 (<= 2 ~waterLevel~0))) (or (not (= |old(~pumpRunning~0)| 0)) (and (<= 1 ~pumpRunning~0) .cse0) .cse1 .cse2 (and (= ~pumpRunning~0 0) .cse0))) (or .cse1 (not (<= 1 |old(~pumpRunning~0)|)) .cse2 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-16 11:43:20,341 INFO L895 garLoopResultBuilder]: At program point L954(lines 939 957) the Hoare annotation is: (let ((.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (<= ~waterLevel~0 2)))) (and (let ((.cse0 (= ~pumpRunning~0 0))) (or (not (= |old(~pumpRunning~0)| 0)) (and .cse0 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~2#1| 0) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1| 0) (not (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp~9#1| 0))) .cse1 .cse2 (and .cse0 (<= 2 ~waterLevel~0)))) (or .cse1 (not (<= 1 |old(~pumpRunning~0)|)) .cse2 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-16 11:43:20,341 INFO L895 garLoopResultBuilder]: At program point L890(lines 883 893) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1 (and (= ~pumpRunning~0 0) (<= 2 ~waterLevel~0))))) [2022-11-16 11:43:20,341 INFO L899 garLoopResultBuilder]: For program point L948(lines 948 952) no Hoare annotation was computed. [2022-11-16 11:43:20,342 INFO L899 garLoopResultBuilder]: For program point L948-2(lines 948 952) no Hoare annotation was computed. [2022-11-16 11:43:20,342 INFO L899 garLoopResultBuilder]: For program point L141(lines 141 147) no Hoare annotation was computed. [2022-11-16 11:43:20,342 INFO L895 garLoopResultBuilder]: At program point L812(line 812) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~6#1| 0)) (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-16 11:43:20,342 INFO L899 garLoopResultBuilder]: For program point L806(lines 806 814) no Hoare annotation was computed. [2022-11-16 11:43:20,343 INFO L899 garLoopResultBuilder]: For program point L802(lines 802 819) no Hoare annotation was computed. [2022-11-16 11:43:20,343 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 798 822) no Hoare annotation was computed. [2022-11-16 11:43:20,343 INFO L895 garLoopResultBuilder]: At program point L854(lines 849 856) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) (and (<= 1 ~pumpRunning~0) (<= 2 ~waterLevel~0)) .cse0 .cse1))) [2022-11-16 11:43:20,343 INFO L895 garLoopResultBuilder]: At program point L146(lines 137 150) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= ~waterLevel~0 2)))) (and (let ((.cse1 (= ~pumpRunning~0 0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and .cse1 (not (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1| 0))) .cse2 (and .cse1 (<= 2 ~waterLevel~0)))) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse2 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-16 11:43:20,344 INFO L895 garLoopResultBuilder]: At program point L817(line 817) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1))) [2022-11-16 11:43:20,344 INFO L899 garLoopResultBuilder]: For program point L817-1(lines 798 822) no Hoare annotation was computed. [2022-11-16 11:43:20,344 INFO L895 garLoopResultBuilder]: At program point L101(lines 96 104) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1 (and (= ~pumpRunning~0 0) (<= 2 ~waterLevel~0))))) [2022-11-16 11:43:20,344 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 72 83) no Hoare annotation was computed. [2022-11-16 11:43:20,345 INFO L899 garLoopResultBuilder]: For program point L76-1(lines 72 83) no Hoare annotation was computed. [2022-11-16 11:43:20,345 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 72 83) the Hoare annotation is: (let ((.cse1 (not (<= 1 ~pumpRunning~0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse3 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (<= 1 ~switchedOnBeforeTS~0))) (or .cse0 .cse1 .cse2 .cse3 (not (<= 2 |old(~waterLevel~0)|))) (or (not (= ~pumpRunning~0 0)) .cse0 .cse2 .cse3))) [2022-11-16 11:43:20,345 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 894 902) no Hoare annotation was computed. [2022-11-16 11:43:20,345 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 894 902) the Hoare annotation is: true [2022-11-16 11:43:20,345 INFO L899 garLoopResultBuilder]: For program point isPumpRunningFINAL(lines 894 902) no Hoare annotation was computed. [2022-11-16 11:43:20,349 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 11:43:20,352 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-16 11:43:20,388 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 16.11 11:43:20 BoogieIcfgContainer [2022-11-16 11:43:20,389 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-16 11:43:20,390 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-16 11:43:20,390 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-16 11:43:20,390 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-16 11:43:20,391 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.11 11:43:05" (3/4) ... [2022-11-16 11:43:20,394 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-16 11:43:20,402 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-16 11:43:20,403 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-16 11:43:20,403 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-16 11:43:20,403 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-16 11:43:20,403 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-16 11:43:20,404 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-16 11:43:20,404 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-11-16 11:43:20,412 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 54 nodes and edges [2022-11-16 11:43:20,413 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-11-16 11:43:20,414 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-11-16 11:43:20,414 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-16 11:43:20,415 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-16 11:43:20,416 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-16 11:43:20,416 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-16 11:43:20,448 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-16 11:43:20,448 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-16 11:43:20,449 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((pumpRunning == 0 && 1 == systemActive) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((1 < tmp && \result <= 2) && tmp <= 2) && 2 <= \result)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((((pumpRunning == 0 && 1 == systemActive) && waterLevel == 1) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-16 11:43:20,449 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-16 11:43:20,450 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-16 11:43:20,450 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || (\result <= 2 && 2 <= \result)) || !(2 <= \old(waterLevel)))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-16 11:43:20,451 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-16 11:43:20,451 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && !(\result == 0))) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) [2022-11-16 11:43:20,452 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-16 11:43:20,452 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && tmp___0 == 0) && \result == 0) && !(tmp == 0))) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) [2022-11-16 11:43:20,452 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-16 11:43:20,453 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) [2022-11-16 11:43:20,453 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) [2022-11-16 11:43:20,453 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || (1 <= pumpRunning && 2 <= waterLevel)) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) [2022-11-16 11:43:20,453 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || (1 <= pumpRunning && 2 <= waterLevel)) || !(1 == systemActive)) || !(waterLevel <= 2)) [2022-11-16 11:43:20,484 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/bin/uautomizer-tPACEb0tL8/witness.graphml [2022-11-16 11:43:20,485 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-16 11:43:20,486 INFO L158 Benchmark]: Toolchain (without parser) took 16300.37ms. Allocated memory was 136.3MB in the beginning and 211.8MB in the end (delta: 75.5MB). Free memory was 99.2MB in the beginning and 119.8MB in the end (delta: -20.6MB). Peak memory consumption was 52.9MB. Max. memory is 16.1GB. [2022-11-16 11:43:20,486 INFO L158 Benchmark]: CDTParser took 0.34ms. Allocated memory is still 136.3MB. Free memory was 116.6MB in the beginning and 116.5MB in the end (delta: 139.9kB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-16 11:43:20,486 INFO L158 Benchmark]: CACSL2BoogieTranslator took 809.39ms. Allocated memory is still 136.3MB. Free memory was 99.0MB in the beginning and 103.3MB in the end (delta: -4.3MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-11-16 11:43:20,487 INFO L158 Benchmark]: Boogie Procedure Inliner took 99.99ms. Allocated memory is still 136.3MB. Free memory was 103.3MB in the beginning and 100.6MB in the end (delta: 2.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-16 11:43:20,487 INFO L158 Benchmark]: Boogie Preprocessor took 69.37ms. Allocated memory is still 136.3MB. Free memory was 100.6MB in the beginning and 98.5MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-16 11:43:20,488 INFO L158 Benchmark]: RCFGBuilder took 726.01ms. Allocated memory is still 136.3MB. Free memory was 98.5MB in the beginning and 79.0MB in the end (delta: 19.5MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-11-16 11:43:20,488 INFO L158 Benchmark]: TraceAbstraction took 14491.28ms. Allocated memory was 136.3MB in the beginning and 211.8MB in the end (delta: 75.5MB). Free memory was 78.2MB in the beginning and 126.1MB in the end (delta: -47.9MB). Peak memory consumption was 90.1MB. Max. memory is 16.1GB. [2022-11-16 11:43:20,489 INFO L158 Benchmark]: Witness Printer took 95.36ms. Allocated memory is still 211.8MB. Free memory was 126.1MB in the beginning and 119.8MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-16 11:43:20,491 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.34ms. Allocated memory is still 136.3MB. Free memory was 116.6MB in the beginning and 116.5MB in the end (delta: 139.9kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 809.39ms. Allocated memory is still 136.3MB. Free memory was 99.0MB in the beginning and 103.3MB in the end (delta: -4.3MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 99.99ms. Allocated memory is still 136.3MB. Free memory was 103.3MB in the beginning and 100.6MB in the end (delta: 2.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 69.37ms. Allocated memory is still 136.3MB. Free memory was 100.6MB in the beginning and 98.5MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 726.01ms. Allocated memory is still 136.3MB. Free memory was 98.5MB in the beginning and 79.0MB in the end (delta: 19.5MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 14491.28ms. Allocated memory was 136.3MB in the beginning and 211.8MB in the end (delta: 75.5MB). Free memory was 78.2MB in the beginning and 126.1MB in the end (delta: -47.9MB). Peak memory consumption was 90.1MB. Max. memory is 16.1GB. * Witness Printer took 95.36ms. Allocated memory is still 211.8MB. Free memory was 126.1MB in the beginning and 119.8MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 685]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 97 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 14.3s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 4.3s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 5.7s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1864 SdHoareTripleChecker+Valid, 2.4s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1831 mSDsluCounter, 3717 SdHoareTripleChecker+Invalid, 1.9s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2623 mSDsCounter, 548 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2079 IncrementalHoareTripleChecker+Invalid, 2627 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 548 mSolverCounterUnsat, 1094 mSDtfsCounter, 2079 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 408 GetRequests, 298 SyntacticMatches, 4 SemanticMatches, 106 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 655 ImplicationChecksByTransitivity, 1.4s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=440occurred in iteration=9, InterpolantAutomatonStates: 101, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 10 MinimizatonAttempts, 142 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 46 LocationsWithAnnotation, 1015 PreInvPairs, 1233 NumberOfFragments, 1876 HoareAnnotationTreeSize, 1015 FomulaSimplifications, 752 FormulaSimplificationTreeSizeReduction, 0.5s HoareSimplificationTime, 46 FomulaSimplificationsInter, 9420 FormulaSimplificationTreeSizeReductionInter, 5.1s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 2.8s InterpolantComputationTime, 635 NumberOfCodeBlocks, 635 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 725 ConstructedInterpolants, 0 QuantifiedInterpolants, 1477 SizeOfPredicates, 3 NumberOfNonLiveVariables, 494 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 101/129 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 635]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 875]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 700]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 691]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 977]: Loop Invariant Derived loop invariant: (((((1 <= pumpRunning && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) || (((pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2)) || ((((1 <= pumpRunning && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) && 1 <= switchedOnBeforeTS) - InvariantResult [Line: 128]: Loop Invariant Derived loop invariant: (((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || (\result <= 2 && 2 <= \result)) || !(2 <= \old(waterLevel)))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 172]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 96]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) - InvariantResult [Line: 824]: Loop Invariant Derived loop invariant: ((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 590]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1011]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 939]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && tmp___0 == 0) && \result == 0) && !(tmp == 0))) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 681]: Loop Invariant Derived loop invariant: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 643]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 701]: Loop Invariant Derived loop invariant: (((((1 <= pumpRunning && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) || (((pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2)) || ((((1 <= pumpRunning && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) && 1 <= switchedOnBeforeTS) - InvariantResult [Line: 580]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 958]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 182]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((pumpRunning == 0 && 1 == systemActive) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((1 < tmp && \result <= 2) && tmp <= 2) && 2 <= \result)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((((pumpRunning == 0 && 1 == systemActive) && waterLevel == 1) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 883]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) - InvariantResult [Line: 60]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 164]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 858]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || (1 <= pumpRunning && 2 <= waterLevel)) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 1004]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 151]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 137]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && !(\result == 0))) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 849]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || (1 <= pumpRunning && 2 <= waterLevel)) || !(1 == systemActive)) || !(waterLevel <= 2)) - InvariantResult [Line: 997]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 657]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2022-11-16 11:43:20,565 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4dc62956-7813-40df-a577-cb0119e11d88/bin/uautomizer-tPACEb0tL8/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE